Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect Virus


  • This topic is locked This topic is locked
28 replies to this topic

#1 OhSht

OhSht

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 12 April 2011 - 06:21 PM

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 17:16:17.04 on Wed 04/13/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2934 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
svchost.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\virus remove\dds (1).scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/?pc=Z016&form=ZGAPHP
uInternet Settings,ProxyOverride = *.local;<local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
BHO: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\prxtbXfi0.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [QuickTime Task] "c:\program files\quicktime alternative\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\logite~1.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoSMMyPictures = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
uPolicies-explorer: NoWinKeys = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMMyPictures = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: Free YouTube Download - c:\documents and settings\administrator\application data\dvdvideosoftiehelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\administrator\application data\dvdvideosoftiehelpers\youtubetomp3.htm
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\5lvwquy8.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z016&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z016&form=ZGAADF&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\5lvwquy8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\5lvwquy8.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\administrator\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Search Toolbar: searchtoolbar@zugo.com - %profile%\extensions\searchtoolbar@zugo.com
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\administrator\application data\Move Networks
.
============= SERVICES / DRIVERS ===============
.
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2010-4-1 33824]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-1-29 10448]
R3 RT80x86;Linksys WPC600N/WMP600N Wireless-N Card Driver;c:\windows\system32\drivers\rt2860.sys [2010-4-5 712704]
S0 nielprt;Nielsen Patch Service;c:\windows\system32\drivers\nielprt.sys --> c:\windows\system32\drivers\nielprt.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-17 1684736]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys --> c:\windows\system32\drivers\nielgfx.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]
S3 XDva379;XDva379;\??\c:\windows\system32\xdva379.sys --> c:\windows\system32\XDva379.sys [?]
S3 XDva380;XDva380;\??\c:\windows\system32\xdva380.sys --> c:\windows\system32\XDva380.sys [?]
S3 XDva382;XDva382;\??\c:\windows\system32\xdva382.sys --> c:\windows\system32\XDva382.sys [?]
S3 XDva385;XDva385;\??\c:\windows\system32\xdva385.sys --> c:\windows\system32\XDva385.sys [?]
.
=============== Created Last 30 ================
.
2011-04-06 01:38:37 -------- d-----w- c:\program files\AVAST Software
2011-04-06 01:38:37 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software
2011-04-06 01:14:00 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Microsoft Help
2011-04-05 23:03:10 536429798 ----a-w- c:\program files\CrossFire_Setup_v1062.exe
2011-03-29 23:01:47 -------- d-----w- c:\docume~1\admini~1\applic~1\Mumble
2011-03-29 23:01:30 -------- d-----w- c:\program files\Mumble
2011-03-26 01:37:46 140288 ----a-w- c:\windows\system32\comdlg32.ocx
2011-03-26 01:37:46 -------- d-----w- c:\program files\Easy Hi-Q Recorder
2011-03-26 01:30:44 -------- d-----w- c:\program files\Microluck
2011-03-26 01:19:41 -------- d-----w- c:\program files\Audacity
.
==================== Find3M ====================
.
2011-03-11 06:06:37 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-02-26 01:19:32 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 02:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-27 19:01:34 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-21 14:42:25 439808 ----a-w- c:\windows\system32\shimgvw.dll
2010-12-24 18:55:57 506802211 ----a-w- c:\program files\CrossFire_Setup_v1056_xfire.exe
2010-10-31 12:58:53 490405407 ----a-w- c:\program files\CrossFire_Setup_v1052.exe
2010-08-20 20:13:48 36868 ----a-w- c:\program files\uninst-SoundKeys.exe
2003-11-03 23:07:06 499712 ----a-w- c:\program files\msvcp71.dll
2003-11-03 23:07:06 348160 ----a-w- c:\program files\msvcr71.dll
2003-05-30 15:22:06 344064 ----a-r- c:\program files\msvcr70.dll
2002-01-05 09:40:18 487424 ----a-w- c:\program files\msvcp70.dll
.
============= FINISH: 17:16:30.23 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 21 April 2011 - 07:49 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 23 April 2011 - 03:56 PM

Hello, I subscribed.

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 23 April 2011 - 04:58 PM

Please first run TDSSKiller

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\

Posted Image
m0le is a proud member of UNITE

#5 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 24 April 2011 - 04:40 PM

2011/04/25 17:46:40.0296 2688 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/25 17:46:40.0750 2688 ================================================================================
2011/04/25 17:46:40.0750 2688 SystemInfo:
2011/04/25 17:46:40.0750 2688
2011/04/25 17:46:40.0750 2688 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/25 17:46:40.0750 2688 Product type: Workstation
2011/04/25 17:46:40.0750 2688 ComputerName: CAMERONPC
2011/04/25 17:46:40.0750 2688 UserName: Administrator
2011/04/25 17:46:40.0750 2688 Windows directory: C:\WINDOWS
2011/04/25 17:46:40.0750 2688 System windows directory: C:\WINDOWS
2011/04/25 17:46:40.0750 2688 Processor architecture: Intel x86
2011/04/25 17:46:40.0750 2688 Number of processors: 4
2011/04/25 17:46:40.0750 2688 Page size: 0x1000
2011/04/25 17:46:40.0750 2688 Boot type: Normal boot
2011/04/25 17:46:40.0750 2688 ================================================================================
2011/04/25 17:46:40.0921 2688 Initialize success
2011/04/25 17:46:56.0468 5400 ================================================================================
2011/04/25 17:46:56.0468 5400 Scan started
2011/04/25 17:46:56.0468 5400 Mode: Manual;
2011/04/25 17:46:56.0468 5400 ================================================================================
2011/04/25 17:46:57.0046 5400 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/25 17:46:57.0062 5400 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/25 17:46:57.0093 5400 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
2011/04/25 17:46:57.0109 5400 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/25 17:46:57.0140 5400 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/04/25 17:46:57.0171 5400 AFD (38d7b715504da4741df35e3594fe2099) C:\WINDOWS\System32\drivers\afd.sys
2011/04/25 17:46:57.0234 5400 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
2011/04/25 17:46:57.0296 5400 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/25 17:46:57.0312 5400 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/25 17:46:57.0328 5400 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/25 17:46:57.0343 5400 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/25 17:46:57.0406 5400 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
2011/04/25 17:46:57.0421 5400 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/25 17:46:57.0437 5400 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/25 17:46:57.0453 5400 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/25 17:46:57.0468 5400 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/25 17:46:57.0515 5400 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/25 17:46:57.0562 5400 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/25 17:46:57.0578 5400 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/25 17:46:57.0578 5400 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/25 17:46:57.0593 5400 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/25 17:46:57.0609 5400 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/25 17:46:57.0640 5400 EAPPkt (c47e7c5e7410c7de98f7219e3008c23d) C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
2011/04/25 17:46:57.0671 5400 ENTECH (fd9fc82f134b1c91004ffc76a5ae494b) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
2011/04/25 17:46:57.0703 5400 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/25 17:46:57.0718 5400 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/04/25 17:46:57.0718 5400 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/25 17:46:57.0734 5400 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/04/25 17:46:57.0734 5400 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/04/25 17:46:57.0750 5400 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/25 17:46:57.0750 5400 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/25 17:46:57.0796 5400 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/04/25 17:46:57.0812 5400 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/25 17:46:57.0828 5400 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2011/04/25 17:46:57.0843 5400 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/04/25 17:46:57.0859 5400 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/04/25 17:46:57.0890 5400 HTTP (937031c085718c1c04a9c0864625ec6b) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/25 17:46:57.0921 5400 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/25 17:46:57.0937 5400 iaStor (d483687eace0c065ee772481a96e05f5) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/04/25 17:46:57.0953 5400 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/25 17:46:58.0046 5400 IntcAzAudAddService (512cc914475348d774d1bb9f866396a5) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/04/25 17:46:58.0140 5400 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/25 17:46:58.0156 5400 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/04/25 17:46:58.0171 5400 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/25 17:46:58.0171 5400 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/25 17:46:58.0187 5400 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/25 17:46:58.0187 5400 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/25 17:46:58.0234 5400 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/25 17:46:58.0234 5400 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/25 17:46:58.0265 5400 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/25 17:46:58.0265 5400 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/04/25 17:46:58.0281 5400 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/25 17:46:58.0312 5400 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/25 17:46:58.0328 5400 LBeepKE (c99ba72106a858cb8b521bb4c02c93ed) C:\WINDOWS\system32\Drivers\LBeepKE.sys
2011/04/25 17:46:58.0343 5400 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/04/25 17:46:58.0375 5400 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/04/25 17:46:58.0375 5400 LUsbFilt (81642f134929946ab4b9572c4c17298c) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
2011/04/25 17:46:58.0421 5400 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
2011/04/25 17:46:58.0437 5400 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/25 17:46:58.0453 5400 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/04/25 17:46:58.0453 5400 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/25 17:46:58.0484 5400 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/25 17:46:58.0500 5400 MRxSmb (fb7dfd15d760ad339837a470f0e780d3) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/25 17:46:58.0515 5400 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/25 17:46:58.0531 5400 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/25 17:46:58.0546 5400 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/25 17:46:58.0546 5400 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/25 17:46:58.0546 5400 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/25 17:46:58.0562 5400 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/25 17:46:58.0578 5400 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/25 17:46:58.0578 5400 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/25 17:46:58.0593 5400 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/25 17:46:58.0609 5400 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/25 17:46:58.0625 5400 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/25 17:46:58.0640 5400 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/25 17:46:58.0640 5400 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/25 17:46:58.0671 5400 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/25 17:46:58.0687 5400 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/25 17:46:58.0703 5400 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/25 17:46:58.0859 5400 nv (a05d99cbf55eb493c9e82b4bca848ef5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/04/25 17:46:59.0031 5400 oreans32 (b99575d16f887883b821d372ff292c20) C:\WINDOWS\system32\drivers\oreans32.sys
2011/04/25 17:46:59.0046 5400 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/04/25 17:46:59.0062 5400 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/25 17:46:59.0078 5400 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/25 17:46:59.0078 5400 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/25 17:46:59.0093 5400 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/25 17:46:59.0156 5400 pnarp (ce27fc8bdc54b3ac63d53e2d5f6cc929) C:\WINDOWS\system32\DRIVERS\pnarp.sys
2011/04/25 17:46:59.0171 5400 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/25 17:46:59.0171 5400 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/25 17:46:59.0187 5400 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/25 17:46:59.0203 5400 purendis (f4fd591e86ecb6b5d000c7d6c987416b) C:\WINDOWS\system32\DRIVERS\purendis.sys
2011/04/25 17:46:59.0234 5400 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/25 17:46:59.0250 5400 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/25 17:46:59.0250 5400 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/25 17:46:59.0265 5400 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/25 17:46:59.0265 5400 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/25 17:46:59.0265 5400 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/25 17:46:59.0296 5400 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/25 17:46:59.0312 5400 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/25 17:46:59.0328 5400 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/25 17:46:59.0343 5400 RT80x86 (ed36e76a08971e133c3c5e2440bfbe84) C:\WINDOWS\system32\DRIVERS\RT2860.sys
2011/04/25 17:46:59.0375 5400 RTL8187B (de4635e8b7975d2b5d961299469a7462) C:\WINDOWS\system32\DRIVERS\wg111v3.sys
2011/04/25 17:46:59.0406 5400 RTLE8023xp (79b4fe884c18dd82d5449f6b6026d092) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/04/25 17:46:59.0421 5400 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/25 17:46:59.0421 5400 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/04/25 17:46:59.0437 5400 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/25 17:46:59.0468 5400 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/25 17:46:59.0484 5400 Sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/25 17:46:59.0500 5400 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/25 17:46:59.0515 5400 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/25 17:46:59.0531 5400 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/25 17:46:59.0562 5400 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/25 17:46:59.0593 5400 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/25 17:46:59.0609 5400 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/25 17:46:59.0625 5400 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/25 17:46:59.0625 5400 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/25 17:46:59.0640 5400 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/25 17:46:59.0671 5400 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/25 17:46:59.0703 5400 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/04/25 17:46:59.0750 5400 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/25 17:46:59.0765 5400 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/25 17:46:59.0765 5400 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/25 17:46:59.0781 5400 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/25 17:46:59.0796 5400 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/25 17:46:59.0812 5400 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/25 17:46:59.0828 5400 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/25 17:46:59.0843 5400 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/25 17:46:59.0859 5400 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/25 17:46:59.0875 5400 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/04/25 17:46:59.0921 5400 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/25 17:46:59.0953 5400 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/25 17:46:59.0984 5400 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/04/25 17:47:00.0125 5400 ================================================================================
2011/04/25 17:47:00.0125 5400 Scan finished
2011/04/25 17:47:00.0125 5400 ================================================================================

#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 24 April 2011 - 05:16 PM

No TDSS rootkit behind this so we can now run Combofix, a powerful removal tool

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Posted Image
m0le is a proud member of UNITE

#7 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 26 April 2011 - 05:34 PM

ComboFix 11-04-26.02 - Administrator 04/27/2011 18:36:15.5.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2813 [GMT -5:00]
Running from: e:\downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\CrashLog_20101228.txt
c:\cflog\CrashLog_20101231.txt
c:\cflog\CrashLog_20110124.txt
c:\cflog\CrashLog_20110206.txt
c:\cflog\CrashLog_20110207.txt
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbar.dll
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
C:\readme.txt
.
.
((((((((((((((((((((((((( Files Created from 2011-03-27 to 2011-04-27 )))))))))))))))))))))))))))))))
.
.
2011-04-08 11:28 . 2011-04-08 11:28 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-04-06 01:38 . 2011-04-10 19:41 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-04-06 01:38 . 2011-04-06 01:38 -------- d-----w- c:\program files\AVAST Software
2011-04-06 01:14 . 2011-04-06 01:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2011-04-06 01:13 . 2011-04-06 01:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2011-04-05 23:03 . 2011-04-05 23:08 536429798 ----a-w- c:\program files\CrossFire_Setup_v1062.exe
2011-03-29 23:01 . 2011-03-29 23:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\Mumble
2011-03-29 23:01 . 2011-03-29 23:01 -------- d-----w- c:\program files\Mumble
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-11 06:06 . 2011-03-11 06:06 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-04 06:35 . 2009-08-09 01:23 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:27 . 2009-12-11 21:23 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-25 04:20 . 2011-01-30 00:25 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-02-22 23:27 . 2008-04-14 08:42 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 23:27 . 2008-04-14 08:42 919552 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:27 . 2008-04-14 08:41 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-18 12:08 . 2008-04-14 03:07 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:19 . 2009-08-09 01:23 457472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:19 . 2009-08-09 01:23 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-08-09 01:24 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 08:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 08:42 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 08:41 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 08:41 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2007-04-03 11:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-03 02:40 . 2010-09-21 22:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 00:19 . 2010-10-21 01:53 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-30 00:26 . 2011-01-30 00:26 53248 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-12-24 18:55 . 2010-12-24 18:50 506802211 ----a-w- c:\program files\CrossFire_Setup_v1056_xfire.exe
2010-10-31 12:58 . 2010-10-31 12:53 490405407 ----a-w- c:\program files\CrossFire_Setup_v1052.exe
2010-08-20 20:13 . 2010-08-20 20:05 36868 ----a-w- c:\program files\uninst-SoundKeys.exe
2003-11-03 23:07 . 2004-04-23 23:06 499712 ----a-w- c:\program files\msvcp71.dll
2003-11-03 23:07 . 2004-04-23 23:06 348160 ----a-w- c:\program files\msvcr71.dll
2003-05-30 15:22 . 2003-09-08 15:09 344064 ----a-r- c:\program files\msvcr70.dll
2002-01-05 09:40 . 2003-09-08 15:09 487424 ----a-w- c:\program files\msvcp70.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2010-09-21_22.11.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-11 15:59 . 2011-01-11 15:59 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll
+ 2007-11-07 08:19 . 2007-11-07 08:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll
+ 2008-07-29 12:07 . 2008-07-29 12:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 12:07 . 2008-07-29 12:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2011-01-11 04:03 . 2011-01-11 04:03 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_189d6662\vcomp.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-11 03:32 . 2011-01-11 03:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2011-01-11 09:05 . 2011-01-11 09:05 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-11 09:23 . 2011-01-11 09:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2011-01-11 02:21 . 2011-01-11 02:21 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
+ 2011-04-25 23:49 . 2011-04-25 23:49 16384 c:\windows\temp\Perflib_Perfdata_6b4.dat
+ 2010-09-22 00:35 . 2008-04-14 01:12 13824 c:\windows\system32\wscntfy.exe
- 2009-10-28 14:07 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2009-10-28 14:07 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 08:42 . 2010-08-27 06:05 99840 c:\windows\system32\srvsvc.dll
+ 2008-04-14 08:42 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2011-01-30 00:26 . 2001-08-18 00:48 12160 c:\windows\system32\ReinstallBackups\0021\DriverFiles\i386\mouhid.sys
+ 2011-01-30 00:26 . 2008-04-14 11:09 23040 c:\windows\system32\ReinstallBackups\0021\DriverFiles\i386\mouclass.sys
+ 2011-01-30 00:25 . 2008-04-14 03:09 14592 c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\kbdhid.sys
+ 2011-01-30 00:25 . 2008-04-14 03:09 24576 c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\kbdclass.sys
+ 2011-01-30 00:25 . 2009-12-11 21:23 12160 c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\mouhid.sys
+ 2011-01-30 00:25 . 2009-12-11 21:23 23040 c:\windows\system32\ReinstallBackups\0019\DriverFiles\i386\mouclass.sys
+ 2011-01-30 00:25 . 2008-04-14 03:15 10368 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\hidusb.sys
+ 2011-01-30 00:25 . 2008-04-14 03:15 24960 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\hidparse.sys
+ 2011-01-30 00:25 . 2008-04-14 03:15 36864 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\hidclass.sys
+ 2011-01-30 00:25 . 2009-12-11 21:23 20992 c:\windows\system32\ReinstallBackups\0018\DriverFiles\i386\hid.dll
+ 2001-08-23 13:00 . 2011-04-16 01:01 67516 c:\windows\system32\perfc009.dat
- 2001-08-23 13:00 . 2010-09-19 06:24 67516 c:\windows\system32\perfc009.dat
- 2008-04-14 08:42 . 2009-03-08 10:31 66560 c:\windows\system32\mshtmled.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 10:31 . 2010-06-24 12:24 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 10:31 . 2011-02-22 23:27 55296 c:\windows\system32\msfeedsbs.dll
+ 2010-01-06 21:38 . 2011-03-04 19:55 63072 c:\windows\system32\mlfcache.dat
- 2010-01-12 07:17 . 2010-01-12 07:17 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2010-01-12 07:17 . 2010-01-12 07:17 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2010-01-12 07:17 . 2010-01-12 07:17 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2010-08-24 17:31 . 2010-08-24 17:31 53328 c:\windows\system32\LMouFiltCoInst.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 25600 c:\windows\system32\jsproxy.dll
- 2008-04-14 08:41 . 2010-06-24 12:24 25600 c:\windows\system32\jsproxy.dll
+ 2006-10-26 19:10 . 2006-10-26 19:10 33088 c:\windows\system32\FM20ENU.DLL
- 2009-12-20 02:22 . 2010-09-17 22:09 22328 c:\windows\system32\drivers\PnkBstrK.sys
+ 2009-12-20 02:22 . 2011-01-27 19:01 22328 c:\windows\system32\drivers\PnkBstrK.sys
+ 2008-04-14 03:27 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
- 2001-08-17 18:48 . 2009-12-11 21:23 12160 c:\windows\system32\drivers\mouhid.sys
+ 2001-08-17 18:48 . 2001-08-18 00:48 12160 c:\windows\system32\drivers\mouhid.sys
+ 2008-04-14 05:09 . 2008-04-14 11:09 23040 c:\windows\system32\drivers\mouclass.sys
- 2008-04-14 05:09 . 2009-12-11 21:23 23040 c:\windows\system32\drivers\mouclass.sys
+ 2009-12-17 19:49 . 2010-12-21 00:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2009-12-17 19:49 . 2009-12-03 22:14 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-12-17 19:49 . 2010-12-21 00:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2010-08-24 17:31 . 2010-08-24 17:31 28624 c:\windows\system32\drivers\LUsbFilt.sys
+ 2010-08-24 17:31 . 2010-08-24 17:31 37328 c:\windows\system32\drivers\LMouFilt.Sys
+ 2010-08-24 17:30 . 2010-08-24 17:30 38864 c:\windows\system32\drivers\LHidFilt.Sys
+ 2011-01-30 00:25 . 2010-08-24 17:30 10448 c:\windows\system32\drivers\LBeepKE.sys
- 2008-04-14 03:09 . 2008-04-14 03:09 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-14 03:09 . 2008-04-14 12:09 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2008-04-14 03:09 . 2008-04-14 12:09 24576 c:\windows\system32\drivers\kbdclass.sys
- 2008-04-14 03:09 . 2008-04-14 03:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-14 03:15 . 2008-04-14 12:15 10368 c:\windows\system32\drivers\hidusb.sys
- 2008-04-14 03:15 . 2008-04-14 03:15 10368 c:\windows\system32\drivers\hidusb.sys
- 2008-04-14 03:15 . 2008-04-14 03:15 24960 c:\windows\system32\drivers\hidparse.sys
+ 2008-04-14 03:15 . 2008-04-14 12:15 24960 c:\windows\system32\drivers\hidparse.sys
+ 2008-04-14 03:15 . 2008-04-14 12:15 36864 c:\windows\system32\drivers\hidclass.sys
- 2008-04-14 03:15 . 2008-04-14 03:15 36864 c:\windows\system32\drivers\hidclass.sys
- 2008-04-14 08:41 . 2008-04-14 08:41 45568 c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 08:41 . 2009-04-20 17:06 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-12-17 21:59 . 2011-02-22 23:27 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-12-17 21:59 . 2010-06-24 12:24 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-09-22 00:35 . 2008-04-14 01:12 13824 c:\windows\system32\dllcache\wscntfy.exe
+ 2008-04-14 08:42 . 2010-08-27 06:05 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2008-04-14 08:42 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2008-04-14 03:27 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2008-04-14 08:42 . 2011-02-22 23:27 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-12-17 21:59 . 2010-06-24 12:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-12-17 21:59 . 2011-02-22 23:27 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2001-08-17 18:48 . 2001-08-18 00:48 12160 c:\windows\system32\dllcache\mouhid.sys
+ 2008-04-14 05:09 . 2008-04-14 11:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2008-04-14 08:41 . 2011-02-22 23:27 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 03:09 . 2008-04-14 12:09 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2008-04-14 03:09 . 2008-04-14 12:09 24576 c:\windows\system32\dllcache\kbdclass.sys
- 2008-04-14 08:41 . 2010-06-24 12:24 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 03:15 . 2008-04-14 12:15 10368 c:\windows\system32\dllcache\hidusb.sys
+ 2008-04-14 03:15 . 2008-04-14 12:15 24960 c:\windows\system32\dllcache\hidparse.sys
+ 2008-04-14 03:15 . 2008-04-14 12:15 36864 c:\windows\system32\dllcache\hidclass.sys
+ 2008-04-14 08:41 . 2009-04-20 17:06 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2008-04-14 08:41 . 2008-04-14 08:41 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2008-04-14 08:41 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2008-04-14 08:41 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 08:41 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 08:41 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2010-09-21 22:18 . 2010-09-21 22:07 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-21 22:18 . 2010-09-21 22:07 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-12-17 19:53 . 2011-02-11 01:08 87711 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-02-02 13:46 . 2011-02-02 13:46 98304 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
- 2009-10-29 04:55 . 2009-10-29 04:55 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 68536 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2010-09-22 14:43 . 2010-09-22 14:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2010-03-23 10:31 . 2010-03-23 10:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2011-04-16 00:59 . 2011-04-16 00:59 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
- 2010-09-19 06:25 . 2010-09-19 06:25 49936 c:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
+ 2011-04-16 01:01 . 2011-04-16 01:01 65360 c:\windows\Installer\{95120000-003F-0409-0000-0000000FF1CE}\xlvwicon.exe
- 2010-09-19 06:25 . 2010-09-19 06:25 65360 c:\windows\Installer\{95120000-003F-0409-0000-0000000FF1CE}\xlvwicon.exe
- 2009-12-17 19:50 . 2010-09-19 06:25 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2009-12-17 19:50 . 2011-04-16 01:01 40960 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2011-04-16 00:59 . 2011-04-16 00:59 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2010-09-19 06:25 . 2010-09-19 06:25 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-07-20 02:34 . 2011-04-22 04:15 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-07-20 02:34 . 2010-07-20 02:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-23 09:47 . 2010-09-23 09:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 08:03 . 2010-09-23 08:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-23 07:52 . 2010-09-23 07:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
+ 2010-09-22 23:12 . 2010-09-22 23:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2011-04-16 01:01 . 2010-12-20 23:58 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-20 21:32 . 2009-03-08 10:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-20 21:32 . 2009-03-08 10:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-04-16 01:01 . 2011-04-16 01:01 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-16 01:03 . 2011-04-16 01:03 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2011-03-21 03:38 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-21 03:38 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-03-27 02:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
+ 2011-03-27 02:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
+ 2011-03-01 23:45 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-03-01 23:45 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-03-13 18:53 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-13 18:53 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-03-01 23:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-03-01 23:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-01-30 03:23 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
+ 2011-01-30 03:23 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
+ 2011-01-30 03:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2011-01-30 03:23 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2011-01-30 02:25 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2011-01-30 03:23 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-01-30 03:23 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 2010-10-20 21:33 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-20 21:33 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2011-01-30 03:24 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
+ 2011-01-30 03:24 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
+ 2010-10-20 21:33 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-20 21:33 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-10-20 20:53 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-10-20 20:53 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
- 2009-10-29 05:29 . 2009-10-29 05:29 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-09-19 06:24 . 2010-09-19 06:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-09-19 06:24 . 2010-09-19 06:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcm90.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_65b7a93a\atl90.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2011-01-11 09:27 . 2011-01-11 09:27 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-11 09:24 . 2011-01-11 09:24 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-11 09:08 . 2011-01-11 09:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
+ 2008-04-14 08:42 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 293376 c:\windows\system32\winsrv.dll
+ 2008-04-14 08:42 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 406016 c:\windows\system32\usp10.dll
+ 2009-08-09 01:24 . 2010-08-27 08:01 119808 c:\windows\system32\t2embed.dll
- 2009-08-09 01:24 . 2009-10-15 16:39 119808 c:\windows\system32\t2embed.dll
+ 2008-04-14 08:42 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 135168 c:\windows\system32\shsvcs.dll
+ 2008-04-14 08:42 . 2011-01-21 14:42 439808 c:\windows\system32\shimgvw.dll
+ 2009-08-09 01:24 . 2010-08-16 08:43 590848 c:\windows\system32\rpcrt4.dll
+ 2011-03-07 18:45 . 2006-06-20 08:56 225280 c:\windows\system32\rewire.dll
+ 2009-11-16 21:14 . 2009-11-16 21:43 524288 c:\windows\system32\RegisterDialog.dll
- 2009-12-20 02:22 . 2010-09-17 22:09 103736 c:\windows\system32\PnkBstrB.exe
+ 2009-12-20 02:22 . 2011-01-27 19:01 103736 c:\windows\system32\PnkBstrB.exe
- 2001-08-23 13:00 . 2010-09-19 06:24 432686 c:\windows\system32\perfh009.dat
+ 2001-08-23 13:00 . 2011-04-16 01:01 432686 c:\windows\system32\perfh009.dat
+ 2008-04-14 08:42 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 249856 c:\windows\system32\odbc32.dll
- 2008-04-14 08:42 . 2010-06-24 12:24 206848 c:\windows\system32\occache.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 206848 c:\windows\system32\occache.dll
+ 2009-02-09 08:56 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2010-03-18 14:15 . 2010-03-18 14:15 770384 c:\windows\system32\msvcr100.dll
+ 2010-03-18 14:15 . 2010-03-18 14:15 421200 c:\windows\system32\msvcp100.dll
- 2008-04-14 08:42 . 2010-06-24 12:24 611840 c:\windows\system32\mstime.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 10:32 . 2011-02-22 23:27 602112 c:\windows\system32\msfeeds.dll
- 2009-08-08 18:31 . 2009-08-08 18:31 317440 c:\windows\system32\mp4sdecd.dll
+ 2009-08-08 18:31 . 2010-03-30 17:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2008-04-14 08:41 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2001-08-23 13:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Macromed\Shockwave 10\SCC.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 798208 c:\windows\system32\Macromed\Shockwave 10\gi.dll
- 2010-01-12 07:17 . 2010-01-12 07:17 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll
+ 2011-04-12 22:32 . 2011-04-12 22:32 235168 c:\windows\system32\Macromed\Flash\FlashUtil10o_Plugin.exe
+ 2011-03-12 01:32 . 2011-03-12 01:32 234656 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe
+ 2011-03-12 01:32 . 2011-03-12 01:32 311456 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 730112 c:\windows\system32\lsasrv.dll
+ 2009-08-12 02:24 . 2010-12-20 17:24 730112 c:\windows\system32\lsasrv.dll
+ 2008-02-08 23:13 . 2007-06-08 14:10 319488 c:\windows\system32\LS3Renderer.dll
+ 2009-08-12 02:24 . 2010-12-22 12:32 301568 c:\windows\system32\kerberos.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 301568 c:\windows\system32\kerberos.dll
+ 2009-11-09 18:25 . 2011-03-04 06:35 726528 c:\windows\system32\jscript.dll
- 2009-11-09 18:25 . 2009-12-09 05:51 726528 c:\windows\system32\jscript.dll
+ 2011-03-26 01:40 . 2011-02-03 02:40 157472 c:\windows\system32\javaws.exe
- 2009-12-17 19:48 . 2009-12-17 19:48 145184 c:\windows\system32\javaw.exe
+ 2011-03-26 01:40 . 2011-02-03 02:40 145184 c:\windows\system32\javaw.exe
+ 2011-03-26 01:40 . 2011-02-03 02:40 145184 c:\windows\system32\java.exe
- 2009-12-17 19:48 . 2009-12-17 19:48 145184 c:\windows\system32\java.exe
- 2008-04-14 08:41 . 2010-06-24 12:24 184320 c:\windows\system32\iepeers.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 184320 c:\windows\system32\iepeers.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 387584 c:\windows\system32\iedkcs32.dll
- 2008-04-14 08:41 . 2010-06-24 12:24 387584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 08:42 . 2011-02-22 12:08 173568 c:\windows\system32\ie4uinit.exe
+ 2009-08-09 02:55 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
- 2009-08-09 02:55 . 2009-08-09 02:55 361600 c:\windows\system32\drivers\tcpip.sys
+ 2010-01-07 20:09 . 2011-01-01 18:59 691696 c:\windows\system32\drivers\sptd.sys
- 2009-08-09 01:23 . 2009-08-09 01:23 138496 c:\windows\system32\drivers\afd.sys
+ 2009-08-09 01:23 . 2008-10-16 15:07 138496 c:\windows\system32\drivers\afd.sys
+ 2009-08-09 01:23 . 2011-03-03 06:53 149504 c:\windows\system32\dnsapi.dll
+ 2009-12-17 09:07 . 2010-07-12 13:02 218112 c:\windows\system32\dllcache\wordpad.exe
- 2008-04-14 08:42 . 2008-04-14 08:42 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-14 08:42 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 919552 c:\windows\system32\dllcache\wininet.dll
+ 2009-08-09 01:23 . 2011-03-04 06:35 420864 c:\windows\system32\dllcache\vbscript.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 08:42 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\system32\dllcache\tcpip.sys
+ 2009-08-09 01:24 . 2010-08-27 08:01 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-08-09 01:24 . 2009-10-15 16:39 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-08-09 01:23 . 2011-02-17 13:19 357888 c:\windows\system32\dllcache\srv.sys
- 2008-04-14 08:42 . 2008-04-14 08:42 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2008-04-14 08:42 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2008-04-14 08:42 . 2011-01-21 14:42 439808 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-04-14 08:42 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-08-09 01:24 . 2010-08-16 08:43 590848 c:\windows\system32\dllcache\rpcrt4.dll
- 2008-04-14 08:42 . 2008-04-14 08:42 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2008-04-14 08:42 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 206848 c:\windows\system32\dllcache\occache.dll
- 2008-04-14 08:42 . 2010-06-24 12:24 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-02-09 08:56 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
- 2008-04-14 08:42 . 2010-06-24 12:24 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-12-17 09:08 . 2008-04-14 08:42 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-12-17 09:08 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-12-17 21:59 . 2011-02-22 23:27 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-12-17 09:08 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
- 2009-12-17 09:08 . 2008-04-14 08:42 200704 c:\windows\system32\dllcache\msadox.dll
+ 2009-12-17 09:08 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
- 2009-12-17 09:08 . 2008-04-14 08:42 180224 c:\windows\system32\dllcache\msadomd.dll
- 2009-12-17 09:08 . 2008-04-14 08:42 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-12-17 09:08 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-12-17 09:08 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
- 2009-12-17 09:08 . 2008-04-14 08:42 143360 c:\windows\system32\dllcache\msadco.dll
+ 2010-05-03 14:01 . 2011-02-17 13:19 457472 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 17:24 . 2010-03-30 17:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2007-04-03 11:44 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2008-04-14 08:41 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2008-04-14 08:41 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2001-08-23 13:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-08-12 02:24 . 2010-12-20 17:24 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-08-12 02:24 . 2010-12-22 12:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-11-09 18:25 . 2009-12-09 05:51 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-11-09 18:25 . 2011-03-04 06:35 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-12-17 21:59 . 2011-02-22 23:27 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-12-17 21:59 . 2010-06-24 12:24 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2008-04-14 08:41 . 2010-06-24 12:24 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-09-19 03:12 . 2010-06-24 12:24 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-09-19 03:12 . 2011-02-22 23:27 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2008-04-14 08:41 . 2010-06-24 12:24 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 08:41 . 2011-02-22 23:27 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 08:42 . 2011-02-22 12:08 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 08:41 . 2008-04-14 08:41 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-04-14 08:41 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2009-08-09 01:23 . 2011-03-03 06:53 149504 c:\windows\system32\dllcache\dnsapi.dll
- 2008-04-14 08:41 . 2008-04-14 08:41 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2008-04-14 08:41 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2008-04-14 08:39 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2009-08-09 01:23 . 2009-08-09 01:23 138496 c:\windows\system32\dllcache\afd.sys
+ 2009-08-09 01:23 . 2008-10-16 15:07 138496 c:\windows\system32\dllcache\afd.sys
- 2010-09-08 20:49 . 2010-09-08 20:49 262144 c:\windows\system32\config\systemprofile\NtUser.dat
+ 2010-09-08 20:49 . 2011-01-04 22:12 262144 c:\windows\system32\config\systemprofile\NtUser.dat
+ 2008-04-14 08:41 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
- 2008-04-14 08:41 . 2008-04-14 08:41 617472 c:\windows\system32\comctl32.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2009-10-29 05:27 . 2009-10-29 05:27 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-02-02 13:55 . 2011-02-02 13:55 469944 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1159620.exe
+ 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
+ 2011-02-02 13:48 . 2011-02-02 13:48 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
- 2009-10-29 05:29 . 2009-10-29 05:29 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
- 2009-10-29 05:28 . 2009-10-29 05:28 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 798208 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
- 2009-10-29 05:26 . 2009-10-29 05:26 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 215992 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 135168 c:\windows\system32\Adobe\Director\np32dsw.dll
- 2010-03-23 10:31 . 2010-03-23 10:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-09-22 14:43 . 2010-09-22 14:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2010-05-11 11:40 . 2010-05-11 11:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 11:40 . 2010-05-11 11:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-10-21 01:53 . 2010-10-21 01:53 676352 c:\windows\Installer\d4d7d0.msi
+ 2011-04-16 01:02 . 2011-04-16 01:02 459264 c:\windows\Installer\a5f9b71.msi
+ 2011-04-16 00:55 . 2011-04-16 00:55 223232 c:\windows\Installer\a5f9b1b.msi
+ 2011-01-17 22:06 . 2011-01-17 22:06 683520 c:\windows\Installer\3d2e2d6.msi
+ 2010-09-24 02:02 . 2010-09-24 02:02 798208 c:\windows\Installer\1d8ac9.msp
+ 2011-01-30 00:26 . 2011-01-30 00:26 240640 c:\windows\Installer\1b6b4a5.msi
+ 2011-01-30 00:25 . 2011-01-30 00:25 228352 c:\windows\Installer\1b6b49f.msi
+ 2011-03-26 01:40 . 2011-03-26 01:40 180224 c:\windows\Installer\10d61.msi
+ 2009-12-17 19:50 . 2011-04-16 01:01 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-12-17 19:50 . 2010-09-19 06:25 135168 c:\windows\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2010-09-22 23:10 . 2010-09-22 23:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-09-10 23:17 . 2010-09-10 23:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-23 01:41 . 2010-09-23 01:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-23 09:47 . 2010-09-23 09:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 23:04 . 2010-09-22 23:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-23 00:39 . 2010-09-23 00:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-22 23:50 . 2010-09-22 23:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2011-04-16 00:55 . 2010-03-10 06:18 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-16 00:55 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-16 00:55 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-16 00:55 . 2009-12-09 05:51 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 919552 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-16 01:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-16 01:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-16 01:01 . 2010-12-20 23:58 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-16 01:01 . 2010-12-20 12:48 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-03-01 23:42 . 2010-11-06 00:27 919552 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-03-01 23:42 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-03-01 23:42 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-03-01 23:42 . 2010-11-06 00:27 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-03-01 23:42 . 2010-11-03 12:01 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2011-01-30 03:23 . 2010-09-10 05:57 919552 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2011-01-30 03:24 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2011-01-30 03:24 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2011-01-30 03:23 . 2010-09-10 05:57 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2011-01-30 03:24 . 2010-09-08 15:48 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2010-10-20 21:32 . 2010-06-24 12:24 919040 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-20 21:32 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-20 21:32 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-20 21:32 . 2010-06-24 12:24 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-20 21:32 . 2010-06-23 11:30 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-05-03 14:01 . 2011-02-17 13:19 457472 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-04-16 01:04 . 2011-04-16 01:04 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-04-16 01:02 . 2011-04-16 01:02 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-04-16 01:04 . 2011-04-16 01:04 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-04-16 01:02 . 2011-04-16 01:02 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-04-16 01:04 . 2011-04-16 01:04 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-04-16 01:03 . 2011-04-16 01:03 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-10-20 20:53 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2011-03-21 03:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-21 03:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-21 03:38 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-03-27 02:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-03-27 02:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-03-27 02:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-03-01 23:45 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-03-01 23:45 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-03-01 23:45 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-03-13 18:53 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-13 18:53 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-13 18:53 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-03-01 23:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-03-01 23:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-03-01 23:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-01-30 03:23 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
+ 2011-01-30 03:23 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
+ 2011-01-30 03:23 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
+ 2011-01-30 03:23 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2011-01-30 03:23 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2011-01-30 03:23 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2011-01-30 03:23 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-01-30 03:23 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-01-30 03:23 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2010-10-20 21:33 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-20 21:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-20 21:33 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-20 21:05 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-20 21:05 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-20 21:05 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-20 21:05 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-10-20 20:53 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-10-20 20:53 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2011-01-30 03:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
+ 2011-01-30 03:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
+ 2011-01-30 03:24 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
+ 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
+ 2010-10-20 21:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-20 21:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2279986\update\update.exe
+ 2010-10-20 21:33 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-09-01 11:48 . 2010-09-01 11:48 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-10-20 20:53 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-10-20 20:53 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-10-20 20:53 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2011-04-14 23:44 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2010-10-20 21:05 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 3780936 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90u.dll
+ 2011-01-11 15:59 . 2011-01-11 15:59 3766088 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 14:05 . 2008-07-29 14:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
+ 2008-04-14 08:42 . 2011-02-22 23:27 1212928 c:\windows\system32\urlmon.dll
- 2009-08-09 01:24 . 2010-07-27 06:28 8463360 c:\windows\system32\shell32.dll
+ 2009-08-09 01:24 . 2011-01-21 14:42 8463360 c:\windows\system32\shell32.dll
+ 2008-04-14 08:42 . 2010-07-16 12:04 1289216 c:\windows\system32\ole32.dll
+ 2009-11-09 17:56 . 2010-12-09 13:47 2148864 c:\windows\system32\ntoskrnl.exe
+ 2009-08-04 13:17 . 2010-12-09 13:09 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2009-11-09 17:55 . 2011-02-22 23:27 5964800 c:\windows\system32\mshtml.dll
+ 2008-02-26 16:38 . 2008-02-26 16:38 1060864 c:\windows\system32\mfc71.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 1495040 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
+ 2009-10-28 03:40 . 2011-04-12 22:32 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-08-24 17:31 . 2010-08-24 17:31 1581136 c:\windows\system32\LkmdfCoInst.dll
+ 2008-03-20 23:06 . 2009-06-25 18:20 1485176 c:\windows\system32\LegitCheckControl.DLL
+ 2009-03-08 10:32 . 2011-02-22 23:27 1992192 c:\windows\system32\iertutil.dll
+ 2009-12-17 03:05 . 2011-04-16 14:35 2181728 c:\windows\system32\FNTCACHE.DAT
+ 2009-12-11 21:23 . 2011-03-03 13:27 1866880 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 08:42 . 2011-02-22 23:27 1212928 c:\windows\system32\dllcache\urlmon.dll
+ 2009-08-09 01:24 . 2011-01-21 14:42 8463360 c:\windows\system32\dllcache\shell32.dll
- 2009-08-09 01:24 . 2010-07-27 06:28 8463360 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 08:42 . 2010-07-16 12:04 1289216 c:\windows\system32\dllcache\ole32.dll
+ 2010-09-19 03:13 . 2010-12-09 13:43 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-09-19 03:13 . 2010-12-09 13:09 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2010-04-28 12:14 . 2010-12-10 00:39 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-09-19 03:13 . 2010-12-09 13:47 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-11-09 17:55 . 2011-02-22 23:27 5964800 c:\windows\system32\dllcache\mshtml.dll
+ 2009-12-17 21:59 . 2011-02-22 23:27 1992192 c:\windows\system32\dllcache\iertutil.dll
+ 2011-02-02 13:39 . 2011-02-02 13:39 1019904 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 2224816 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-02-02 13:41 . 2011-02-02 13:41 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
- 2010-03-23 10:32 . 2010-03-23 10:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 14:44 . 2010-09-22 14:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2010-05-11 11:40 . 2010-05-11 11:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-01-18 09:39 . 2011-01-18 09:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-03-29 23:01 . 2011-03-29 23:01 1636352 c:\windows\Installer\f97ce6a.msi
+ 2011-01-11 22:51 . 2011-01-11 22:51 6694400 c:\windows\Installer\a5f9b69.msp
+ 2010-11-21 04:34 . 2010-11-21 04:34 1198080 c:\windows\Installer\a5f9b46.msp
+ 2011-03-18 01:01 . 2011-03-18 01:01 9563648 c:\windows\Installer\a5f9b33.msp
+ 2011-01-11 22:50 . 2011-01-11 22:50 8177152 c:\windows\Installer\a5f9b2a.msp
+ 2010-11-21 04:33 . 2010-11-21 04:33 1980928 c:\windows\Installer\a5f9b22.msp
+ 2011-04-10 19:28 . 2011-04-10 19:28 3940864 c:\windows\Installer\5c750d.msi
+ 2010-09-17 12:04 . 2010-09-17 12:04 9401856 c:\windows\Installer\259b2a1.msp
+ 2010-10-08 00:43 . 2010-10-08 00:43 1980416 c:\windows\Installer\259b283.msp
+ 2010-08-13 22:59 . 2010-08-13 22:59 8182272 c:\windows\Installer\1d8ae7.msp
+ 2010-08-13 23:02 . 2010-08-13 23:02 2545664 c:\windows\Installer\1d8add.msp
+ 2010-08-19 23:00 . 2010-08-19 23:00 6692352 c:\windows\Installer\1d8ad3.msp
+ 2010-09-23 12:39 . 2010-09-23 12:39 4265472 c:\windows\Installer\1d8ab4.msp
+ 2010-09-02 17:28 . 2010-09-02 17:28 3749376 c:\windows\Installer\1d8aa8.msp
+ 2010-08-25 22:06 . 2010-08-25 22:06 6479360 c:\windows\Installer\180bd.msp
+ 2010-09-22 23:05 . 2010-09-22 23:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-09-16 08:08 . 2010-09-16 08:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2010-06-19 22:51 . 2010-06-19 22:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 1211904 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 5962240 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 1992192 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 1211904 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 5960704 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-03-01 23:42 . 2010-11-06 00:27 1992192 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 1211904 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2011-01-30 03:23 . 2010-09-10 05:57 5958656 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2011-01-30 03:24 . 2010-09-10 05:57 1987072 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 1211904 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 5954560 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 1987072 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2010-09-19 03:13 . 2010-12-09 13:43 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-09-19 03:13 . 2010-12-09 13:09 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-04-28 12:14 . 2010-12-10 00:39 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-09-19 03:13 . 2010-12-09 13:47 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-04-16 01:01 . 2011-04-16 01:01 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-12-17 21:25 . 2009-12-17 21:25 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-10-20 21:32 . 2010-10-20 21:32 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-16 01:00 . 2011-04-16 01:00 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-09-19 06:24 . 2010-09-19 06:24 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 10841088 c:\windows\system32\wmp.dll
+ 2009-08-12 02:24 . 2010-08-26 04:36 10841088 c:\windows\system32\wmp.dll
+ 2009-12-20 03:29 . 2011-04-18 20:46 42181064 c:\windows\system32\MRT.exe
+ 2009-03-08 10:39 . 2011-02-23 09:57 11082752 c:\windows\system32\ieframe.dll
+ 2009-08-12 02:24 . 2010-08-26 04:36 10841088 c:\windows\system32\dllcache\wmp.dll
- 2009-08-12 02:24 . 2009-08-12 02:24 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-10-29 19:15 . 2011-02-23 09:57 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2011-02-24 14:38 . 2011-02-24 14:38 10984448 c:\windows\Installer\a5f9b61.msp
+ 2011-02-12 01:47 . 2011-02-12 01:47 12028928 c:\windows\Installer\a5f9b57.msp
+ 2011-04-22 04:15 . 2011-04-22 04:15 20314624 c:\windows\Installer\a0eca09.msp
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\5c7582.msp
+ 2011-03-13 01:02 . 2011-03-13 01:02 15139328 c:\windows\Installer\5c7581.msp
+ 2010-10-14 22:57 . 2010-10-14 22:57 11189248 c:\windows\Installer\259b298.msp
+ 2011-01-30 03:23 . 2011-01-30 03:23 20304384 c:\windows\Installer\259b28f.msp
+ 2010-10-20 21:32 . 2010-10-20 21:32 20303872 c:\windows\Installer\1d8ac1.msp
+ 2011-03-11 03:54 . 2011-03-11 03:54 20308992 c:\windows\Installer\10d1aaa.msp
+ 2010-09-23 08:03 . 2010-09-23 08:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
+ 2011-04-16 01:01 . 2010-12-20 23:58 11082752 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-03-01 23:42 . 2010-11-06 11:57 11082752 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2011-01-30 03:24 . 2010-09-10 16:27 11082240 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2010-10-20 21:32 . 2010-06-24 12:24 11079168 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-04-16 01:05 . 2011-04-16 01:05 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-04-16 01:04 . 2011-04-16 01:04 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-04-16 01:02 . 2011-04-16 01:02 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-04-16 01:01 . 2011-04-16 01:01 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2011-01-17 14:54 175912 ----a-w- c:\program files\XfireXO\prxtbXfi0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\prxtbXfi0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\prxtbXfi0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-21 12669544]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-16 1358384]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-11-19 1657448]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2010-03-19 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2010-12-06 86016]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-21 963976]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-12 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoWinKeys"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Aero Sidebar.lnk]
backup=c:\windows\pss\Aero Sidebar.lnkStartup
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\Aero Sidebar.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^CCleaner.lnk]
backup=c:\windows\pss\CCleaner.lnkStartup
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\CCleaner.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnkStartup
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\Xfire.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 04:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 13:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 08:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32 1352272 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-06-05 01:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-12-21 00:08 443728 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-11-21 02:32 12669544 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-11-21 02:32 110184 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
2010-02-10 17:27 18784440 ----a-w- c:\program files\ooVoo\ooVoo.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-06-25 06:07 17887232 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-05-12 21:50 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3sp.exe"=
"e:\\Program Files\\ijj\\REACTOR.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\RADVideo\\radvideo.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\NETGEAR\\WG111v3\\WG111v3.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS4\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\ijji\\ijji REACTOR\\ijjiOptimizer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Nexon\\Combat Arms\\HShield\\HSUpdate.exe"=
"c:\\Nexon\\Combat Arms\\CombatArms_Direct.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"e:\\Downloads\\BitTorrent-7.2.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Nexon\\Combat Arms\\Engine.exe"=
"c:\\Nexon\\Combat Arms\\CombatArms.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"57970:TCP"= 57970:TCP:Pando Media Booster
"57970:UDP"= 57970:UDP:Pando Media Booster
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
"58251:TCP"= 58251:TCP:Pando Media Booster
"58251:UDP"= 58251:UDP:Pando Media Booster
.
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [4/1/2010 9:17 AM 33824]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 1:13 PM 38144]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [1/29/2011 7:25 PM 10448]
R3 RT80x86;Linksys WPC600N/WMP600N Wireless-N Card Driver;c:\windows\system32\drivers\rt2860.sys [4/5/2010 6:50 PM 712704]
S0 nielprt;Nielsen Patch Service;c:\windows\system32\DRIVERS\nielprt.sys --> c:\windows\system32\DRIVERS\nielprt.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/17/2009 4:16 AM 1684736]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys --> c:\windows\system32\drivers\nielgfx.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [7/31/2009 3:12 PM 341504]
S3 XDva379;XDva379;\??\c:\windows\system32\XDva379.sys --> c:\windows\system32\XDva379.sys [?]
S3 XDva380;XDva380;\??\c:\windows\system32\XDva380.sys --> c:\windows\system32\XDva380.sys [?]
S3 XDva382;XDva382;\??\c:\windows\system32\XDva382.sys --> c:\windows\system32\XDva382.sys [?]
S3 XDva385;XDva385;\??\c:\windows\system32\XDva385.sys --> c:\windows\system32\XDva385.sys [?]
S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - NPPTNT2
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-790525478-1801674531-500Core.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-27 01:16]
.
2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839522115-790525478-1801674531-500UA.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-27 01:16]
.
2011-04-25 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 20:07]
.
2011-04-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-839522115-790525478-1801674531-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]
.
2011-04-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-790525478-1801674531-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 03:09]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/?pc=Z016&form=ZGAPHP
uInternet Settings,ProxyOverride = *.local;<local>
IE: Free YouTube Download - c:\documents and settings\Administrator\Application Data\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Administrator\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5lvwquy8.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z016&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z016&form=ZGAADF&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Search Toolbar: searchtoolbar@zugo.com - %profile%\extensions\searchtoolbar@zugo.com
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\Administrator\Application Data\Move Networks
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Magic Bullet Suite 1.5 - c:\windows\unvise32.exe xxxx\Magic Bullet Suite 1.5\uninstal.log
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-27 18:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet009\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-790525478-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,02,3b,9b,0a,66,1a,24,40,a4,93,c5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,29,f7,6c,63,71,49,9b,46,95,97,36,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="646278:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"
.
[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DirectInput\Compatibility\CLIENT2._EXE35FEFABD00088200*]
@DACL=
"MaxDeviceNameLen"="39\1a04?0000j5f8c"
"NoPollSucceed"="{A4989C8A-A18D-D2D3-2642-0E3AD252403E}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2455566:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install*Loc\VxDs]
@DACL=
"DefaultSettings"="-18:{3C7DA433-1047-9FC4-00BA-978A09424856}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{00745F5E-AF2E-0145-3E33-E0CEE59BEB51}\Version 1.1]
@DACL=
"dat"="806585365:{A8226400-A188-4BA9-5871-C14B3DDBF899}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2455587:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{4EABE070-AD1C-DFE1-6E90-B84DFE3660D0}*\Install*Loc\xga-3\dat]
@DACL=
"default"="518022161:{297F5C87-DDFB-DEF5-55CE-2A763826B37D}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{00745F5E-AF2E-0145-3E33-E0CEE59BEB51}\Version 3.x]
@DACL=
"dat"="1767914624:{2764278B-19D8-889A-A75E-DD8DD6343C72}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll*]
@DACL=
"AplicationGoo"="39?20\0f1d22?jab32?"
"ChkAppHelp"="{79FFFC6A-C608-F0E6-FB66-C81BA22B825B}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-1\ver]
@DACL=
"KnownSvcs"="923716298:{7FD6A8D1-CA70-6DC3-9B66-ABC1EE4B381D}"
.
[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{FDF90EB0-D391-737B-D7B2-7B4E7F69C55A}\xga-1\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="234523422:{4CB4AC64-36FA-0971-DBA3-8A9957476568}"
.
[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="3:{19C42D30-D844-8A07-12A4-E783E7D228F7}"
.
[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{B08ECCAD-FEC0-A273-8DFD-B47BE795EE25}]
@DACL=
"DefaultSettings"="18:{5351C505-4E6C-6ECA-E5BD-7AE84A571B0A}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(828)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Completion time: 2011-04-27 18:42:54
ComboFix-quarantined-files.txt 2011-04-27 23:42
ComboFix2.txt 2010-10-16 21:33
ComboFix3.txt 2010-09-28 21:11
ComboFix4.txt 2010-09-21 22:18
ComboFix5.txt 2011-04-27 23:33
.
Pre-Run: 75,094,319,104 bytes free
Post-Run: 75,113,992,192 bytes free
.
Current=9 Default=9 Failed=8 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 208E7A53ACD855C70DEA4221E3F11789

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 26 April 2011 - 05:46 PM

Please next run ESET

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
If no log is generated that means nothing was found. Please let me know if this happens.
Posted Image
m0le is a proud member of UNITE

#9 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 27 April 2011 - 05:33 AM

C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\3d81ff00-751f2ac9 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\6ba6700-1679ab48 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\6432d401-6e5590e3 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\75a9588c-5301ec58 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\5ce7604f-3ae0879f multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\1c265dd2-5c9888d8 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\55243fd2-6097bae0 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\616aa192-55885606 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\1a0534d7-730c2ecb multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\617dca58-280e324f multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\5d04ef59-5d81a1fe multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\26\508c3cda-79bb9028 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7061701b-42c29d38 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\7061701b-7f27239e multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\2168fa83-6253d554 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\4d8303de-5edfb191 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\5ca157e0-6e90b15b multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\c669a2-56017743 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\c669a2-682742d8 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\44e0a464-5a4c963d multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\5dc585a4-5083b026 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\8f85c44-3a1b1224 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\8f85c44-5d7e5abc multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\8f85c44-635d0c9e multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\8f85c44-6ab93c42 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\18428de9-3de5a555 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\5471c829-24da40e3 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\2d32376b-5d3c6d76 a variant of Java/TrojanDownloader.OpenStream.NBI trojan deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\7a7ad5eb-46825516 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\5d4d61ed-4afc4da5 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\42cc9baf-12aab196 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\42cc9baf-54d8edca multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\e0eac39-2c0c833a multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\5ee2d53b-3ce7a79a multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\6008ac86-5bf69387 multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\6d363f08-57937623 Java/TrojanDownloader.OpenStream.NBL trojan cleaned by deleting - quarantined
C:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\7\5244a747-4e5c5251 multiple threats deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\System Volume Information\_restore{6E0CFF04-5216-4D80-9A37-542537ACF125}\RP175\A0191092.dll Win32/Toolbar.Zugo application cleaned by deleting - quarantined
E:\Cameron's Computer\Cameron\Best_Vista_Theme_For_XP\Vista XP By EreN\VIPv3 (icon pack).exe Win32/PrcView application deleted - quarantined
E:\Downloads\World largest After Effect Plug-in Collection.rar multiple threats deleted - quarantined
E:\Downloads\Microsoft Office 2010,Pro.Plus,X64+X86+Reg.by ErikB.NL\mini-KMS_Activator_v1.2_Office2010_VL_ENG_FIXED.rar a variant of Win32/HackKMS.A application deleted - quarantined
E:\Downloads\World largest After Effect Plug-in Collection\Adobe After Effects Plugins MegaPack\Digimation Fractal Flow 1.1\Digimation Fractal Flow 1.1.rar probably a variant of Win32/PSW.LdPinch.CVWKGYC trojan deleted - quarantined
E:\Downloads\World largest After Effect Plug-in Collection\Adobe After Effects Plugins MegaPack\Megapack 2\Digimation Fractal Flow 1.1\Digimation Fractal Flow 1.1.rar probably a variant of Win32/PSW.LdPinch.CVWKGYC trojan deleted - quarantined
E:\Downloads\World largest After Effect Plug-in Collection\Adobe After Effects Plugins MegaPack\Megapack 2\Zaxwerks 3D Invigorator Pro 4.0.3\Zaxwerks 3D Invigorator Pro 4.0.3.rar probably a variant of Win32/Agent.FWPLVTU trojan deleted - quarantined
E:\Downloads\World largest After Effect Plug-in Collection\Adobe After Effects Plugins MegaPack\Zaxwerks 3D Invigorator v4.0.9 Pro\Zaxwerks 409p Win.exe probably a variant of Win32/Agent.FWPLVTU trojan deleted - quarantined

#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 27 April 2011 - 06:47 PM

What is your E drive?
Posted Image
m0le is a proud member of UNITE

#11 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 28 April 2011 - 08:42 PM

I dont understand what you mean. I have 2 drives E & C. C has programs and stuff and E has documents I think

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 28 April 2011 - 08:52 PM

Okay, so it's a partition on your hard drive?

That's alright, I wanted to check that it wasn't a removable device.

Next, please let me know how the machine is running now? Any problems still?
Posted Image
m0le is a proud member of UNITE

#13 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 29 April 2011 - 04:39 PM

My computer runs pretty well. The only problems used to be the updates downloads virus (which I think that one scan fixed) and the google redirects still happen constantly

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:53 AM

Posted 29 April 2011 - 06:31 PM

You are still getting redirects? Okay, then please do the following:

Please open the command prompt:
Start > Run > type cmd and then OK. Then type the following, into the black window:
ipconfig /flushdns

Then tap the enter button on your keyboard.
You should see the following confirmation:

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.



And then

Lets try to reset the router to its default configuration.
  • This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
  • If you dont know the router's default password, you can look it up. HERE
  • You also need to reconfigure any security settings you had in place prior to the reset.
  • You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Let me know if that stops them.
Posted Image
m0le is a proud member of UNITE

#15 OhSht

OhSht
  • Topic Starter

  • Members
  • 64 posts
  • OFFLINE
  •  
  • Local time:02:53 AM

Posted 30 April 2011 - 02:02 PM

I tried to do the first thing and it said "could not flush the DNS resolver cache: Function failed during execution"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users