
Redirecting in all search engines


  • This topic is locked
2 replies to this topic

#1 Affinity Computers


Posted 05 August 2011 - 11:13 AM

Referred from here: http://www.bleepingcomputer.com/forums/topic412728.html ~ OB

DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Smiley82 at 11:43:15 on 2011-08-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.1754 [GMT -4:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\lxdqcoms.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Tablet.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = about:blank
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Smiley82\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre1.5.0\bin\npjpi150.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 205.152.37.23 205.152.150.23
TCP: Interfaces\{9F617790-5114-4690-B917-4DD8C73C7490} : NameServer = 205.152.37.23,205.152.37.150
TCP: Interfaces\{9F617790-5114-4690-B917-4DD8C73C7490} : DhcpNameServer = 205.152.37.23 205.152.150.23
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
BHO-X64: link filter bho - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Smiley82\AppData\Roaming\Mozilla\Firefox\Profiles\582k2qyk.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://stp.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z087&partner_id=681&product_id=691&affiliate_id=&channel=183221483&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110706&user_guid=F4642C61E28C411F90D700ED3F0AE43D&machine_id=6e34b76a840dea0fe66f4eb156a03703&browser=FF&os=win&os_version=6.1-x64-SP0&q=
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-7-18 146816]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-11-2 365336]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-25 92216]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 lxdq_device;lxdq_device;C:\Windows\system32\lxdqcoms.exe -service --> C:\Windows\system32\lxdqcoms.exe -service [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176]
S2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdqserv.exe [2009-4-28 29184]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-14 136176]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-05 06:36:34 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54F580A3-B48A-4C7B-A344-C9AFF6E1C2E5}\mpengine.dll
2011-08-05 01:23:40 -------- d-----w- C:\Program Files (x86)\ESET
2011-08-03 21:48:37 -------- d-sh--w- C:\$RECYCLE.BIN
2011-08-03 20:26:01 -------- d-----w- C:\combofix
2011-08-03 20:19:39 35712 ----a-w- C:\Windows\SysWow64\drivers\BlackBox.sys
2011-08-03 20:18:13 34560 ----a-w- C:\Windows\SysWow64\drivers\Normandy.sys
2011-08-03 20:08:23 388096 ----a-r- C:\Users\Smiley82\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-03 20:08:23 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-08-03 18:20:52 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\SUPERAntiSpyware.com
2011-08-03 18:20:36 -------- d-----w- C:\ProgramData\!SASCORE
2011-08-03 18:20:35 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-08-03 18:20:35 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\VDLL.DLL
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\SysWow64\runouce.exe
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\RUNDL132.EXE
2011-08-03 14:44:37 -------- d---a-w- C:\Windows\logo_1.exe
2011-08-03 14:43:15 632064 ----a-w- C:\Windows\SysWow64\msvcr80.dll
2011-08-03 14:43:14 554240 ----a-w- C:\Windows\SysWow64\msvcp80.dll
2011-08-03 14:43:13 34048 ----a-w- C:\Windows\SysWow64\eEmpty.exe
2011-08-03 14:43:09 -------- d-----w- C:\Program Files (x86)\Common Files\MicroWorld
2011-08-03 14:43:04 -------- d-----w- C:\ProgramData\MicroWorld
2011-08-02 16:06:06 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-02 15:48:14 -------- d-----w- C:\Program Files (x86)\Yahoo!
2011-08-02 15:48:12 -------- d-----w- C:\Program Files (x86)\CCleaner
2011-08-01 19:40:05 256000 ----a-w- C:\Windows\PEV.exe
2011-07-23 18:46:10 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\Windows Live Writer
2011-07-23 18:46:10 -------- d-----w- C:\Users\Smiley82\AppData\Local\Windows Live Writer
2011-07-21 18:25:39 150200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-07-21 18:23:54 -------- d-----w- C:\ProgramData\Kaspersky Lab
2011-07-21 18:23:54 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2011-07-21 17:28:19 -------- d-----w- C:\Windows\en
2011-07-21 17:26:22 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-07-21 17:26:22 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-07-21 17:26:21 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-07-21 17:26:21 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-07-21 16:44:36 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\78ca58701cc47c52d\InstallManager_WLE_WLE.exe
2011-07-21 16:44:11 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6a4696101cc47c522\MeshBetaRemover.exe
2011-07-21 16:43:52 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DSETUP.dll
2011-07-21 16:43:52 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DXSETUP.exe
2011-07-21 16:43:52 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\dsetup32.dll
2011-07-21 16:43:50 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DSETUP.dll
2011-07-21 16:43:50 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DXSETUP.exe
2011-07-21 16:43:50 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\dsetup32.dll
2011-07-21 16:42:54 -------- d-----w- C:\Users\Smiley82\AppData\Local\Windows Live
2011-07-21 16:33:11 -------- d-----w- C:\Windows\System32\SPReview
2011-07-21 16:32:18 -------- d-----w- C:\Windows\System32\EventProviders
2011-07-20 21:12:09 98816 ----a-w- C:\Windows\sed.exe
2011-07-20 21:12:09 518144 ----a-w- C:\Windows\SWREG.exe
2011-07-20 21:12:09 208896 ----a-w- C:\Windows\MBR.exe
2011-07-20 19:45:03 -------- d-----w- C:\Users\Smiley82\AppData\Roaming\Malwarebytes
2011-07-20 19:44:58 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-20 19:44:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-19 22:25:06 -------- d-----w- C:\Program Files (x86)\WildTangent Games
2011-07-13 14:00:58 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-07-12 17:14:50 -------- d-----w- C:\117ae68ef9f125395b78
2011-07-12 17:14:43 -------- d-----w- C:\Users\Smiley82\AppData\Local\LogMeIn
2011-07-12 17:14:39 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-07-12 17:14:39 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-07-12 17:14:38 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-07-12 17:14:38 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-07-12 17:14:35 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-07-12 17:14:33 -------- d-----w- C:\ProgramData\LogMeIn
2011-07-12 17:14:21 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-07-12 17:11:59 -------- d-----w- C:\Users\Smiley82\AppData\Local\Apps
2011-07-12 17:11:58 -------- d-----w- C:\Users\Smiley82\AppData\Local\Deployment
2011-07-09 23:42:43 0 ----a-w- C:\Users\Smiley82\AppData\Local\BIT3747.tmp
.
==================== Find3M ====================
.
2011-08-01 19:27:29 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-21 16:40:32 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-07-21 16:40:31 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 23:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
.
============= FINISH: 11:52:22.20 ===============

Edited by Orange Blossom, 05 August 2011 - 11:41 PM.




#2 Affinity Computers


Posted 05 August 2011 - 11:24 AM

ComboFix 11-08-01.05 - Smiley82 08/01/2011 15:47:59.2.2 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.2740 [GMT -4:00]
Running from: c:\users\Smiley82\Desktop\combofix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\protect\index.html
c:\program files (x86)\StartNow Toolbar\Resources\protect\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\SearchProtectIcon.png
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.js
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\index.html
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\LeftImage.png
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.js
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\programdata\SPL4EDA.tmp
c:\programdata\SPL5A9D.tmp
c:\programdata\SPL5F9C.tmp
c:\programdata\SPL6C58.tmp
c:\programdata\SPL9022.tmp
c:\programdata\SPL99DE.tmp
c:\programdata\SPLA40B.tmp
c:\programdata\SPLAFC5.tmp
c:\programdata\SPLCD70.tmp
c:\programdata\SPLDCE0.tmp
c:\programdata\SPLEB5D.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-07-01 to 2011-08-01 )))))))))))))))))))))))))))))))
.
.
2011-08-01 20:23 . 2011-08-01 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-29 12:42 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF7916BE-0FB8-4D73-B48F-3DFCF2661F49}\mpengine.dll
2011-07-23 18:46 . 2011-07-23 18:46 -------- d-----w- c:\users\Smiley82\AppData\Local\Windows Live Writer
2011-07-23 18:46 . 2011-07-23 18:46 -------- d-----w- c:\users\Smiley82\AppData\Roaming\Windows Live Writer
2011-07-21 18:25 . 2010-10-06 00:27 150200 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-07-21 18:23 . 2011-08-01 20:27 -------- d-----w- c:\programdata\Kaspersky Lab
2011-07-21 18:23 . 2011-07-21 18:23 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2011-07-21 17:28 . 2011-07-21 17:28 -------- d-----w- c:\windows\en
2011-07-21 17:26 . 2011-07-21 17:26 -------- d-----w- c:\program files\Windows Live
2011-07-21 17:26 . 2009-09-04 21:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-07-21 17:26 . 2009-09-04 21:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-07-21 17:26 . 2009-09-04 21:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-07-21 17:26 . 2009-09-04 21:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-07-21 16:44 . 2011-07-21 16:44 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\78ca58701cc47c52d\InstallManager_WLE_WLE.exe
2011-07-21 16:44 . 2011-07-21 16:44 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\6a4696101cc47c522\MeshBetaRemover.exe
2011-07-21 16:43 . 2011-07-21 16:43 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DSETUP.dll
2011-07-21 16:43 . 2011-07-21 16:43 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\DXSETUP.exe
2011-07-21 16:43 . 2011-07-21 16:43 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5e8109501cc47c51a\dsetup32.dll
2011-07-21 16:43 . 2011-07-21 16:43 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DSETUP.dll
2011-07-21 16:43 . 2011-07-21 16:43 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\DXSETUP.exe
2011-07-21 16:43 . 2011-07-21 16:43 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5ce9fe301cc47c519\dsetup32.dll
2011-07-21 16:42 . 2011-07-23 16:49 -------- d-----w- c:\users\Smiley82\AppData\Local\Windows Live
2011-07-21 16:33 . 2011-07-21 16:33 -------- d-----w- c:\windows\system32\SPReview
2011-07-21 16:32 . 2011-07-21 16:32 -------- d-----w- c:\windows\system32\EventProviders
2011-07-20 19:45 . 2011-07-20 19:45 -------- d-----w- c:\users\Smiley82\AppData\Roaming\Malwarebytes
2011-07-20 19:44 . 2011-07-20 19:44 -------- d-----w- c:\programdata\Malwarebytes
2011-07-20 19:44 . 2011-07-23 12:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-19 22:25 . 2011-07-19 22:25 -------- d-----w- c:\program files (x86)\WildTangent Games
2011-07-13 14:00 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-07-12 17:14 . 2011-07-12 17:16 -------- d-----w- C:\117ae68ef9f125395b78
2011-07-12 17:14 . 2011-07-12 17:14 -------- d-----w- c:\users\Smiley82\AppData\Local\LogMeIn
2011-07-12 17:14 . 2011-07-06 20:33 60800 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2011-07-12 17:14 . 2011-07-06 20:33 33152 ----a-w- c:\windows\system32\LMIport.dll
2011-07-12 17:14 . 2011-07-06 20:33 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-07-12 17:14 . 2011-01-11 23:04 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-07-12 17:14 . 2011-07-06 20:33 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-07-12 17:14 . 2011-08-01 13:24 -------- d-----w- c:\programdata\LogMeIn
2011-07-12 17:14 . 2011-07-12 17:14 -------- d-----w- c:\program files (x86)\LogMeIn
2011-07-12 17:11 . 2011-07-12 17:11 -------- d-----w- c:\users\Smiley82\AppData\Local\Apps
2011-07-12 17:11 . 2011-07-12 17:12 -------- d-----w- c:\users\Smiley82\AppData\Local\Deployment
2011-07-09 23:42 . 2011-07-09 23:42 0 ----a-w- c:\users\Smiley82\AppData\Local\BIT3747.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-01 19:27 . 2011-05-16 13:24 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-21 17:27 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-21 16:40 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-21 16:40 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-09 12:24 . 2011-06-09 12:24 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-06-09 12:23 . 2011-06-09 12:23 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-06-09 12:23 . 2011-06-09 12:23 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-03 05:57 . 2011-07-13 14:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-28 03:30 . 2011-06-16 14:27 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-28 02:53 . 2011-06-16 14:27 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-05-24 23:14 . 2010-08-12 16:15 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 12:51 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 10:40 . 2011-06-29 12:51 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 12:51 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 12:51 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 12:51 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-05-04 05:25 . 2011-06-29 12:51 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-05-04 05:22 . 2011-06-29 12:51 2223616 ----a-w- c:\windows\system32\mssrch.dll
2011-05-04 05:22 . 2011-06-29 12:51 778752 ----a-w- c:\windows\system32\mssvp.dll
2011-05-04 05:22 . 2011-06-29 12:51 75264 ----a-w- c:\windows\system32\msscntrs.dll
2011-05-04 05:22 . 2011-06-29 12:51 491520 ----a-w- c:\windows\system32\mssph.dll
2011-05-04 05:22 . 2011-06-29 12:51 288256 ----a-w- c:\windows\system32\mssphtb.dll
2011-05-04 05:19 . 2011-06-29 12:51 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-05-04 05:19 . 2011-06-29 12:51 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-05-04 05:19 . 2011-06-29 12:51 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-05-04 04:34 . 2011-06-29 12:51 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2011-05-04 04:32 . 2011-06-29 12:51 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2011-05-04 04:32 . 2011-06-29 12:51 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2011-05-04 04:32 . 2011-06-29 12:51 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2011-05-04 04:32 . 2011-06-29 12:51 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2011-05-04 04:32 . 2011-06-29 12:51 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2011-05-04 04:28 . 2011-06-29 12:51 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28 . 2011-06-29 12:51 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28 . 2011-06-29 12:51 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-20_21.56.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 00:14 . 2009-07-14 01:16 51200 c:\windows\twain_32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51200 c:\windows\twain_32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 27648 c:\windows\SysWOW64\wups.dll
- 2009-07-14 00:14 . 2009-07-14 01:16 87552 c:\windows\SysWOW64\wudriver.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 87552 c:\windows\SysWOW64\wudriver.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 33792 c:\windows\SysWOW64\wuapp.exe
- 2009-07-14 00:14 . 2009-07-14 01:14 33792 c:\windows\SysWOW64\wuapp.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 40448 c:\windows\SysWOW64\wtsapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 51712 c:\windows\SysWOW64\wsnmp32.dll
- 2009-07-13 23:55 . 2009-07-14 01:16 51712 c:\windows\SysWOW64\wsnmp32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 11264 c:\windows\SysWOW64\wshirda.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 36352 c:\windows\SysWOW64\wshbth.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\wsdchngr.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51712 c:\windows\SysWOW64\wscapi.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 47104 c:\windows\SysWOW64\wkscli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 47104 c:\windows\SysWOW64\wkscli.dll
- 2009-07-13 23:27 . 2009-07-14 01:14 28672 c:\windows\SysWOW64\WerFaultSecure.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 28672 c:\windows\SysWOW64\WerFaultSecure.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 89600 c:\windows\SysWOW64\wbem\WmiApRpl.dll
- 2009-07-13 23:31 . 2009-07-14 01:16 89600 c:\windows\SysWOW64\wbem\WmiApRpl.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 66048 c:\windows\SysWOW64\w32tm.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 25600 c:\windows\SysWOW64\vpnikeapi.dll
- 2009-07-14 00:03 . 2009-07-14 01:16 56832 c:\windows\SysWOW64\vfwwdm32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 56832 c:\windows\SysWOW64\vfwwdm32.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 31744 c:\windows\SysWOW64\utildll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 31744 c:\windows\SysWOW64\utildll.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 26624 c:\windows\SysWOW64\userinit.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 81920 c:\windows\SysWOW64\userenv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 78848 c:\windows\SysWOW64\UserAccountControlSettings.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 78848 c:\windows\SysWOW64\UserAccountControlSettings.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 34304 c:\windows\SysWOW64\unlodctr.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 59392 c:\windows\SysWOW64\unimdmat.dll
- 2009-07-13 23:55 . 2009-07-14 01:16 59392 c:\windows\SysWOW64\unimdmat.dll
- 2009-07-13 23:15 . 2009-07-14 01:14 47616 c:\windows\SysWOW64\tzutil.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 47616 c:\windows\SysWOW64\tzutil.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 65024 c:\windows\SysWOW64\TSpkg.dll
- 2009-07-13 23:34 . 2009-07-14 01:16 65024 c:\windows\SysWOW64\TSpkg.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 36864 c:\windows\SysWOW64\tsgqec.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 36864 c:\windows\SysWOW64\tsgqec.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 12288 c:\windows\SysWOW64\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 12288 c:\windows\SysWOW64\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\TRAPI.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 69632 c:\windows\SysWOW64\tlscsp.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 82944 c:\windows\SysWOW64\thumbcache.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 82944 c:\windows\SysWOW64\thumbcache.dll
+ 2011-07-02 18:29 . 2009-07-14 01:16 61440 c:\windows\SysWOW64\tcpmonui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 51200 c:\windows\SysWOW64\takeown.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 14848 c:\windows\SysWOW64\syssetup.dll
+ 2011-07-02 18:28 . 2010-11-20 12:08 96768 c:\windows\SysWOW64\sspicli.dll
- 2010-08-12 17:28 . 2009-12-11 07:36 96768 c:\windows\SysWOW64\sspicli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\srvcli.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\srvcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 19968 c:\windows\SysWOW64\spopk.dll
- 2009-07-13 23:17 . 2009-07-14 01:16 19968 c:\windows\SysWOW64\spopk.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 61952 c:\windows\SysWOW64\spbcd.dll
- 2009-07-13 23:17 . 2009-07-14 01:16 61952 c:\windows\SysWOW64\spbcd.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 14336 c:\windows\SysWOW64\slwga.dll
- 2011-02-09 20:54 . 2010-12-21 05:38 14336 c:\windows\SysWOW64\slwga.dll
- 2009-07-13 23:14 . 2009-07-14 01:16 19456 c:\windows\SysWOW64\sisbkup.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 19456 c:\windows\SysWOW64\sisbkup.dll
+ 2010-09-23 04:47 . 2010-09-23 04:47 49016 c:\windows\SysWOW64\sirenacm.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 10752 c:\windows\SysWOW64\shunimpl.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 35840 c:\windows\SysWOW64\shimgvw.dll
- 2009-07-13 23:39 . 2009-07-14 01:16 35840 c:\windows\SysWOW64\shimgvw.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 20992 c:\windows\SysWOW64\shgina.dll
- 2009-07-13 23:40 . 2009-07-14 01:16 20992 c:\windows\SysWOW64\shgina.dll
+ 2011-07-13 14:00 . 2011-06-03 05:57 25600 c:\windows\SysWOW64\setup16.exe
- 2011-07-13 14:00 . 2011-06-02 05:56 25600 c:\windows\SysWOW64\setup16.exe
+ 2011-07-02 18:29 . 2010-11-20 12:20 67584 c:\windows\SysWOW64\Setup\pbkmigr.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 22016 c:\windows\SysWOW64\secur32.dll
- 2010-08-12 17:28 . 2009-12-11 07:39 22016 c:\windows\SysWOW64\secur32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 85504 c:\windows\SysWOW64\secproc_ssp_isv.dll
- 2010-08-12 17:30 . 2010-01-18 23:29 85504 c:\windows\SysWOW64\secproc_ssp_isv.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 85504 c:\windows\SysWOW64\secproc_ssp.dll
- 2010-08-12 17:30 . 2010-01-18 23:29 85504 c:\windows\SysWOW64\secproc_ssp.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 17408 c:\windows\SysWOW64\schedcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 17408 c:\windows\SysWOW64\schedcli.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 51200 c:\windows\SysWOW64\samcli.dll
- 2009-07-13 23:41 . 2009-07-14 01:14 50688 c:\windows\SysWOW64\runonce.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 50688 c:\windows\SysWOW64\runonce.exe
- 2010-08-12 17:29 . 2010-06-19 06:23 37376 c:\windows\SysWOW64\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 37376 c:\windows\SysWOW64\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 46080 c:\windows\SysWOW64\RpcRtRemote.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 98816 c:\windows\SysWOW64\Robocopy.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 71168 c:\windows\SysWOW64\resutils.dll
- 2009-07-13 23:21 . 2009-07-14 01:16 71168 c:\windows\SysWOW64\resutils.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 37888 c:\windows\SysWOW64\relog.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 83968 c:\windows\SysWOW64\RegisterIEPKEYs.exe
- 2009-07-13 23:43 . 2009-07-14 01:14 83968 c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2011-07-02 18:29 . 2010-11-20 12:21 72192 c:\windows\SysWOW64\regapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 22016 c:\windows\SysWOW64\ReAgentc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:21 21504 c:\windows\SysWOW64\rdprefdrvapi.dll
- 2009-07-14 00:01 . 2009-07-14 01:16 21504 c:\windows\SysWOW64\rdprefdrvapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 52224 c:\windows\SysWOW64\rdpd3d.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 52224 c:\windows\SysWOW64\rdpd3d.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 69632 c:\windows\SysWOW64\rastapi.dll
- 2009-07-13 23:54 . 2009-07-14 01:16 69632 c:\windows\SysWOW64\rastapi.dll
- 2009-07-13 23:52 . 2009-07-14 01:16 80896 c:\windows\SysWOW64\QUTIL.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:21 80896 c:\windows\SysWOW64\QUTIL.DLL
- 2009-07-13 23:52 . 2009-07-14 01:16 99328 c:\windows\SysWOW64\QSVRMGMT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:20 99328 c:\windows\SysWOW64\QSVRMGMT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:20 71680 c:\windows\SysWOW64\QCLIPROV.DLL
- 2009-07-13 23:52 . 2009-07-14 01:16 71680 c:\windows\SysWOW64\QCLIPROV.DLL
+ 2011-07-02 18:29 . 2010-11-20 12:17 28672 c:\windows\SysWOW64\proquota.exe
+ 2011-04-27 13:42 . 2011-02-18 05:39 31232 c:\windows\SysWOW64\prevhost.exe
- 2011-04-27 13:42 . 2011-02-18 05:33 31232 c:\windows\SysWOW64\prevhost.exe
+ 2011-07-02 18:30 . 2010-11-05 01:53 99176 c:\windows\SysWOW64\PresentationHostProxy.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 99176 c:\windows\SysWOW64\PresentationHostProxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:05 35328 c:\windows\SysWOW64\pifmgr.dll
- 2009-07-14 00:02 . 2009-07-14 01:16 17408 c:\windows\SysWOW64\perfts.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 17408 c:\windows\SysWOW64\perfts.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 46592 c:\windows\SysWOW64\pdhui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 77824 c:\windows\SysWOW64\olethk32.dll
- 2009-07-13 23:43 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\olepro32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 90112 c:\windows\SysWOW64\olepro32.dll
- 2009-07-14 00:12 . 2009-07-14 01:16 40960 c:\windows\SysWOW64\odbcconf.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 40960 c:\windows\SysWOW64\odbcconf.dll
- 2011-07-13 14:00 . 2011-06-02 05:59 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2011-07-13 14:00 . 2011-06-03 06:00 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 69120 c:\windows\SysWOW64\ntlanman.dll
- 2009-07-13 23:31 . 2009-07-14 01:16 69120 c:\windows\SysWOW64\ntlanman.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 98304 c:\windows\SysWOW64\nslookup.exe
+ 2011-07-02 18:28 . 2010-11-20 12:06 69120 c:\windows\SysWOW64\nlsbres.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 52224 c:\windows\SysWOW64\nlaapi.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 22528 c:\windows\SysWOW64\netutils.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 25600 c:\windows\SysWOW64\netiougc.exe
+ 2011-07-02 18:29 . 2010-11-05 01:58 49488 c:\windows\SysWOW64\netfxperf.dll
- 2009-07-13 23:53 . 2009-07-14 01:14 24064 c:\windows\SysWOW64\netbtugc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 24064 c:\windows\SysWOW64\netbtugc.exe
+ 2011-07-02 18:28 . 2010-11-20 12:20 56832 c:\windows\SysWOW64\netapi32.dll
- 2009-07-13 23:37 . 2009-07-14 01:16 56832 c:\windows\SysWOW64\netapi32.dll
- 2009-07-13 23:32 . 2009-07-14 01:16 60928 c:\windows\SysWOW64\ncryptui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 60928 c:\windows\SysWOW64\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 12:20 78848 c:\windows\SysWOW64\nci.dll
+ 2011-07-02 18:28 . 2010-11-20 12:20 68096 c:\windows\SysWOW64\napdsnap.dll
+ 2011-07-02 18:28 . 2010-11-20 12:36 46080 c:\windows\SysWOW64\NAPCRYPT.DLL
- 2009-07-13 23:53 . 2009-07-14 01:22 46080 c:\windows\SysWOW64\NAPCRYPT.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:17 70656 c:\windows\SysWOW64\MuiUnattend.exe
- 2009-07-13 23:13 . 2009-07-14 01:14 70656 c:\windows\SysWOW64\MuiUnattend.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 13312 c:\windows\SysWOW64\muifontsetup.dll
- 2009-07-13 23:25 . 2009-07-14 01:15 13312 c:\windows\SysWOW64\muifontsetup.dll
+ 2011-07-02 18:29 . 2010-11-05 01:58 11600 c:\windows\SysWOW64\MUI\0409\mscorees.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 11600 c:\windows\SysWOW64\MUI\0409\mscorees.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 22528 c:\windows\SysWOW64\msyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 31744 c:\windows\SysWOW64\msvidc32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 31744 c:\windows\SysWOW64\msvidc32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 13312 c:\windows\SysWOW64\msrle32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 13312 c:\windows\SysWOW64\msrle32.dll
- 2009-07-13 23:31 . 2009-07-14 01:14 73216 c:\windows\SysWOW64\msiexec.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 73216 c:\windows\SysWOW64\msiexec.exe
- 2011-06-16 14:27 . 2011-04-22 19:31 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 67072 c:\windows\SysWOW64\mshtmled.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 12800 c:\windows\SysWOW64\msfeedssync.exe
- 2011-06-16 14:27 . 2011-04-22 19:30 12800 c:\windows\SysWOW64\msfeedssync.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 64512 c:\windows\SysWOW64\msfeedsbs.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 64512 c:\windows\SysWOW64\msfeedsbs.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 30720 c:\windows\SysWOW64\msdmo.dll
+ 2011-07-02 18:29 . 2010-11-05 01:58 80720 c:\windows\SysWOW64\mscories.dll
- 2009-07-13 20:46 . 2009-06-10 21:23 80720 c:\windows\SysWOW64\mscories.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34304 c:\windows\SysWOW64\msasn1.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 42496 c:\windows\SysWOW64\mimefilt.dll
- 2009-07-13 23:42 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migwiz\replacementmanifests\microsoft-windows-shmig\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migwiz\replacementmanifests\microsoft-windows-shmig\shmig.dll
- 2009-07-13 23:42 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-shmig-DL\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-shmig-DL\shmig.dll
+ 2011-07-02 18:29 . 2010-11-20 12:21 67584 c:\windows\SysWOW64\migration\WSMT\rras\replacementmanifests\Microsoft-Windows-RasApi-MigPlugin\pbkmigr-Mig.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-06-16 14:27 . 2011-04-22 19:10 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2009-07-13 23:41 . 2009-07-14 01:16 90112 c:\windows\SysWOW64\migration\shmig.dll
+ 2011-07-02 18:28 . 2010-11-20 12:21 90112 c:\windows\SysWOW64\migration\shmig.dll
- 2009-07-14 00:03 . 2009-07-14 01:15 36352 c:\windows\SysWOW64\mciqtz32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 36352 c:\windows\SysWOW64\mciqtz32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 84480 c:\windows\SysWOW64\mciavi32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 84480 c:\windows\SysWOW64\mciavi32.dll
- 2009-07-14 00:12 . 2009-07-14 01:15 76800 c:\windows\SysWOW64\mapistub.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 76800 c:\windows\SysWOW64\mapistub.dll
- 2009-07-14 00:12 . 2009-07-14 01:15 76800 c:\windows\SysWOW64\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 76800 c:\windows\SysWOW64\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 41984 c:\windows\SysWOW64\luainstall.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 21504 c:\windows\SysWOW64\lsmproxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 82944 c:\windows\SysWOW64\logman.exe
- 2009-07-14 00:08 . 2009-07-14 01:14 95232 c:\windows\SysWOW64\logagent.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 95232 c:\windows\SysWOW64\logagent.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 44544 c:\windows\SysWOW64\licmgr10.dll
- 2011-06-16 14:27 . 2011-04-22 19:31 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-06-16 14:27 . 2011-04-22 19:09 48128 c:\windows\SysWOW64\jsproxy.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 50176 c:\windows\SysWOW64\iyuv_32.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 50176 c:\windows\SysWOW64\iyuv_32.dll
+ 2011-07-02 18:29 . 2010-11-20 12:17 86528 c:\windows\SysWOW64\isoburn.exe
- 2009-07-13 23:40 . 2009-07-14 01:14 86528 c:\windows\SysWOW64\isoburn.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 28672 c:\windows\SysWOW64\iscsium.dll
- 2009-07-13 23:46 . 2009-07-14 01:15 28672 c:\windows\SysWOW64\iscsium.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 96256 c:\windows\SysWOW64\inseng.dll
- 2009-07-13 23:42 . 2009-07-14 01:15 96256 c:\windows\SysWOW64\inseng.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 52736 c:\windows\SysWOW64\inetmib1.dll
- 2009-07-13 23:42 . 2009-07-14 01:15 34304 c:\windows\SysWOW64\imgutil.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34304 c:\windows\SysWOW64\imgutil.dll
- 2009-07-13 23:26 . 2009-07-14 01:14 90112 c:\windows\SysWOW64\IME\IMESC5\IMSCPROP.exe
+ 2011-07-02 18:28 . 2010-11-20 12:17 90112 c:\windows\SysWOW64\IME\IMESC5\IMSCPROP.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 82944 c:\windows\SysWOW64\iccvid.dll
- 2010-08-12 17:28 . 2010-07-29 06:30 82944 c:\windows\SysWOW64\iccvid.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 78848 c:\windows\SysWOW64\iasacct.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 34816 c:\windows\SysWOW64\httpapi.dll
- 2009-07-13 23:12 . 2009-07-14 01:15 34816 c:\windows\SysWOW64\httpapi.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 66560 c:\windows\SysWOW64\hbaapi.dll
- 2009-07-13 23:55 . 2009-07-14 01:14 42496 c:\windows\SysWOW64\ftp.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 42496 c:\windows\SysWOW64\ftp.exe
+ 2011-04-27 13:42 . 2011-03-11 05:31 74240 c:\windows\SysWOW64\fsutil.exe
- 2011-04-27 13:42 . 2011-03-11 05:37 74240 c:\windows\SysWOW64\fsutil.exe
+ 2011-07-02 18:28 . 2010-11-20 12:19 98304 c:\windows\SysWOW64\fphc.dll
+ 2011-02-09 20:54 . 2010-09-30 06:47 70656 c:\windows\SysWOW64\fontsub.dll
- 2010-04-01 00:07 . 2009-10-19 14:10 70656 c:\windows\SysWOW64\fontsub.dll
- 2009-07-13 23:25 . 2009-07-14 01:15 93696 c:\windows\SysWOW64\fms.dll
+ 2011-07-02 18:29 . 2010-11-20 12:19 93696 c:\windows\SysWOW64\fms.dll
+ 2011-07-02 18:28 . 2010-11-20 12:17 62976 c:\windows\SysWOW64\findstr.exe
+ 2011-07-02 18:29 . 2010-11-20 12:19 59904 c:\windows\SysWOW64\fdeploy.dll
- 2009-07-14 05:35 . 2009-07-14 02:11 69632 c:\windows\SysWOW64\en\AuthFWWizFwk.Resources.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 69632 c:\windows\SysWOW64\en\AuthFWWizFwk.Resources.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 22528 c:\windows\SysWOW64\elsTrans.dll
- 2009-07-13 23:56 . 2009-07-14 01:15 94208 c:\windows\SysWOW64\eappgnui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 94208 c:\windows\SysWOW64\eappgnui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 30208 c:\windows\SysWOW64\dsauth.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 82432 c:\windows\SysWOW64\dot3cfg.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 91136 c:\windows\SysWOW64\dot3api.dll
+ 2011-04-15 13:45 . 2011-03-03 05:36 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2011-04-15 13:45 . 2011-03-03 05:27 28672 c:\windows\SysWOW64\dnscacheugc.exe
- 2009-07-13 23:18 . 2009-07-14 01:15 89600 c:\windows\SysWOW64\Dism\LogProvider.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 89600 c:\windows\SysWOW64\Dism\LogProvider.dll
+ 2011-07-02 18:28 . 2010-11-20 12:19 49152 c:\windows\SysWOW64\Dism\FolderProvider.dll
- 2009-07-13 23:18 . 2009-07-14 01:15 49152 c:\windows\SysWOW64\Dism\FolderProvider.dll
- 2009-07-13 23:18 . 2009-07-14 01:14 82944 c:\windows\SysWOW64\Dism\DismHost.exe
+ 2011-07-02 18:29 . 2010-11-20 12:17 82944 c:\windows\SysWOW64\Dism\DismHost.exe
+ 2011-07-02 18:28 . 2010-11-20 12:18 50688 c:\windows\SysWOW64\Dism\DismCorePS.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 80384 c:\windows\SysWOW64\davclnt.dll
- 2011-02-09 20:54 . 2010-12-21 05:34 80384 c:\windows\SysWOW64\davclnt.dll
- 2009-07-13 23:14 . 2009-07-14 01:15 23040 c:\windows\SysWOW64\cscdll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 23040 c:\windows\SysWOW64\cscdll.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 34816 c:\windows\SysWOW64\cscapi.dll
- 2009-07-13 23:14 . 2009-07-14 01:15 34816 c:\windows\SysWOW64\cscapi.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 17408 c:\windows\SysWOW64\credssp.dll
- 2009-07-14 04:54 . 2011-07-18 21:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-18 21:45 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-18 21:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-01 20:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-02 18:28 . 2010-11-20 12:17 84992 c:\windows\SysWOW64\cmstp.exe
- 2009-07-13 23:54 . 2009-07-14 01:14 84992 c:\windows\SysWOW64\cmstp.exe
- 2009-07-13 23:36 . 2009-07-14 01:15 65024 c:\windows\SysWOW64\CertPolEng.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 65024 c:\windows\SysWOW64\CertPolEng.dll
- 2009-07-14 00:05 . 2009-07-14 01:15 66560 c:\windows\SysWOW64\cca.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 66560 c:\windows\SysWOW64\cca.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 73216 c:\windows\SysWOW64\cabinet.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 11264 c:\windows\SysWOW64\C_ISCII.DLL
+ 2011-07-02 18:28 . 2010-11-20 12:18 10752 c:\windows\SysWOW64\browseui.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 41984 c:\windows\SysWOW64\browcli.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 19456 c:\windows\SysWOW64\bitsperf.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 28160 c:\windows\SysWOW64\AzSqlExt.dll
- 2010-08-12 17:28 . 2009-12-19 09:02 91648 c:\windows\SysWOW64\avifil32.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 91648 c:\windows\SysWOW64\avifil32.dll
- 2011-04-15 13:46 . 2011-02-19 05:32 34304 c:\windows\SysWOW64\atmlib.dll
+ 2011-04-15 13:46 . 2011-02-19 06:30 34304 c:\windows\SysWOW64\atmlib.dll
- 2010-08-12 17:30 . 2010-03-05 07:42 67584 c:\windows\SysWOW64\asycfilt.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 67584 c:\windows\SysWOW64\asycfilt.dll
+ 2011-07-02 18:28 . 2010-11-20 12:18 70656 c:\windows\SysWOW64\amstream.dll
- 2009-07-14 00:03 . 2009-07-14 01:14 70656 c:\windows\SysWOW64\amstream.dll
- 2009-07-13 23:26 . 2009-07-14 01:14 45568 c:\windows\SysWOW64\acppage.dll
+ 2011-07-02 18:29 . 2010-11-20 12:18 45568 c:\windows\SysWOW64\acppage.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 48640 c:\windows\system32\wwanprotdim.dll
- 2009-07-14 00:12 . 2009-07-14 01:41 48640 c:\windows\system32\wwanprotdim.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 37376 c:\windows\system32\wups2.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 33280 c:\windows\system32\wups.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 98304 c:\windows\system32\wudriver.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 78848 c:\windows\system32\WUDFSvc.dll
- 2009-07-14 00:06 . 2009-07-14 01:41 44544 c:\windows\system32\WUDFCoinstaller.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 44544 c:\windows\system32\WUDFCoinstaller.dll
+ 2011-07-02 18:28 . 2010-11-20 13:25 51200 c:\windows\system32\wuauclt.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 36864 c:\windows\system32\wuapp.exe
- 2011-07-12 17:16 . 2009-08-06 22:59 36864 c:\windows\system32\wuapp.exe
- 2009-07-14 00:10 . 2009-07-14 01:41 67072 c:\windows\system32\wsnmp32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 67072 c:\windows\system32\wsnmp32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 13824 c:\windows\system32\wshirda.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 47104 c:\windows\system32\wshbth.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 26112 c:\windows\system32\wsdchngr.dll
- 2011-02-09 20:54 . 2010-12-21 06:16 97280 c:\windows\system32\wscsvc.dll
+ 2009-07-13 23:48 . 2009-07-14 01:41 97280 c:\windows\system32\wscsvc.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 63488 c:\windows\system32\wscapi.dll
- 2011-07-13 14:00 . 2011-06-02 06:45 13312 c:\windows\system32\wow64cpu.dll
+ 2011-07-13 14:00 . 2011-06-03 06:57 13312 c:\windows\system32\wow64cpu.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 71680 c:\windows\system32\wkscli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 71680 c:\windows\system32\wkscli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 26112 c:\windows\system32\WerFaultSecure.exe
- 2009-07-13 23:40 . 2009-07-14 01:39 26112 c:\windows\system32\WerFaultSecure.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 36352 c:\windows\system32\wdiasqmmodule.dll
+ 2010-03-31 23:26 . 2011-08-01 13:27 47842 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-01 20:29 23572 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-02 18:28 . 2010-11-20 13:27 61952 c:\windows\system32\WavDest.dll
- 2009-07-14 00:25 . 2009-07-14 01:41 61952 c:\windows\system32\WavDest.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 61952 c:\windows\system32\vss_ps.dll
- 2009-07-13 23:36 . 2009-07-14 01:41 61952 c:\windows\system32\vss_ps.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 38912 c:\windows\system32\vpnikeapi.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 68096 c:\windows\system32\vfwwdm32.dll
- 2009-07-14 00:18 . 2009-07-14 01:41 68096 c:\windows\system32\vfwwdm32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 30720 c:\windows\system32\userinit.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 84480 c:\windows\system32\UserAccountControlSettings.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 73216 c:\windows\system32\unimdmat.dll
- 2009-07-14 00:10 . 2009-07-14 01:41 73216 c:\windows\system32\unimdmat.dll
- 2009-07-13 23:35 . 2009-07-14 01:41 59904 c:\windows\system32\umb.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 59904 c:\windows\system32\umb.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 58368 c:\windows\system32\tzutil.exe
+ 2011-07-02 18:30 . 2010-11-20 13:27 12288 c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 40960 c:\windows\system32\TsUsbGDCoInstaller.dll
- 2009-07-13 23:50 . 2009-07-14 01:41 86016 c:\windows\system32\TSpkg.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 86016 c:\windows\system32\TSpkg.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 44032 c:\windows\system32\tsgqec.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 44032 c:\windows\system32\tsgqec.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 14848 c:\windows\system32\tsbyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:50 14848 c:\windows\system32\tsbyuv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 21504 c:\windows\system32\TRAPI.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 73728 c:\windows\system32\tlscsp.dll
- 2009-07-14 00:16 . 2009-07-14 01:41 73728 c:\windows\system32\tlscsp.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 69120 c:\windows\system32\taskhost.exe
- 2009-07-13 23:31 . 2009-07-14 01:39 69120 c:\windows\system32\taskhost.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 63488 c:\windows\system32\takeown.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 92672 c:\windows\system32\TabSvc.dll
- 2009-07-14 00:03 . 2009-07-14 01:39 78848 c:\windows\system32\tabcal.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 78848 c:\windows\system32\tabcal.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 17408 c:\windows\system32\syssetup.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 29184 c:\windows\system32\sspisrv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 13312 c:\windows\system32\sscore.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 13312 c:\windows\system32\sscore.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 18944 c:\windows\system32\spopk.dll
- 2009-07-13 23:29 . 2009-07-14 01:41 18944 c:\windows\system32\spopk.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 39424 c:\windows\system32\spool\prtprocs\x64\winprint.dll
- 2009-07-14 00:39 . 2009-07-14 01:41 39424 c:\windows\system32\spool\prtprocs\x64\winprint.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 78848 c:\windows\system32\spbcd.dll
- 2009-07-13 23:29 . 2009-07-14 01:41 78848 c:\windows\system32\spbcd.dll
- 2011-02-09 20:54 . 2010-12-21 06:15 15360 c:\windows\system32\slwga.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 15360 c:\windows\system32\slwga.dll
- 2009-07-13 23:23 . 2009-07-14 01:41 24064 c:\windows\system32\sisbkup.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 24064 c:\windows\system32\sisbkup.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 11264 c:\windows\system32\shunimpl.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 37376 c:\windows\system32\shimgvw.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 37376 c:\windows\system32\shimgvw.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 28160 c:\windows\system32\shgina.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 28160 c:\windows\system32\shgina.dll
+ 2011-07-02 18:29 . 2010-11-20 13:25 88576 c:\windows\system32\setupcl.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 57856 c:\windows\system32\Setup\pbkmigr.dll
+ 2011-04-15 13:45 . 2010-11-20 13:27 63488 c:\windows\system32\setbcdlocale.dll
- 2009-07-13 23:50 . 2009-07-14 01:41 28160 c:\windows\system32\secur32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 28160 c:\windows\system32\secur32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 30720 c:\windows\system32\seclogon.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 30720 c:\windows\system32\seclogon.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 24064 c:\windows\system32\schedcli.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 24064 c:\windows\system32\schedcli.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 67584 c:\windows\system32\samcli.dll
+ 2011-07-02 18:28 . 2010-11-20 13:25 56832 c:\windows\system32\runonce.exe
- 2009-07-13 23:57 . 2009-07-14 01:39 56832 c:\windows\system32\runonce.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 52224 c:\windows\system32\rtutils.dll
- 2010-08-12 17:29 . 2010-06-19 06:53 52224 c:\windows\system32\rtutils.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 65536 c:\windows\system32\RpcRtRemote.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 10752 c:\windows\system32\riched32.dll
- 2009-07-13 23:22 . 2009-07-14 01:39 51712 c:\windows\system32\repair-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 51712 c:\windows\system32\repair-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 43008 c:\windows\system32\relog.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 98816 c:\windows\system32\RegisterIEPKEYs.exe
- 2009-07-13 23:58 . 2009-07-14 01:39 98816 c:\windows\system32\RegisterIEPKEYs.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 95232 c:\windows\system32\regapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 77312 c:\windows\system32\rdpwsx.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 23040 c:\windows\system32\rdprefdrvapi.dll
- 2009-07-14 00:16 . 2009-07-14 01:41 23040 c:\windows\system32\rdprefdrvapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 68096 c:\windows\system32\rdpd3d.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 68096 c:\windows\system32\rdpd3d.dll
- 2009-07-14 00:17 . 2009-07-14 01:41 10240 c:\windows\system32\rdpcfgex.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 10240 c:\windows\system32\rdpcfgex.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 79872 c:\windows\system32\QCLIPROV.DLL
- 2009-07-14 00:07 . 2009-07-14 01:41 79872 c:\windows\system32\QCLIPROV.DLL
+ 2011-07-02 18:29 . 2010-11-20 13:25 31744 c:\windows\system32\proquota.exe
+ 2011-07-02 18:28 . 2010-11-20 13:27 33792 c:\windows\system32\profprov.dll
- 2009-07-14 00:39 . 2009-07-14 01:41 48128 c:\windows\system32\PrintIsolationProxy.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 48128 c:\windows\system32\PrintIsolationProxy.dll
- 2011-04-27 13:42 . 2011-02-18 06:33 31232 c:\windows\system32\prevhost.exe
+ 2011-04-27 13:42 . 2011-02-18 10:51 31232 c:\windows\system32\prevhost.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 62976 c:\windows\system32\PnPUnattend.exe
+ 2011-07-02 18:28 . 2010-11-20 13:12 35328 c:\windows\system32\pifmgr.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 57856 c:\windows\system32\oobe\spprgrss.dll
- 2009-07-13 23:57 . 2009-07-14 01:39 71168 c:\windows\system32\oobe\msoobe.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 71168 c:\windows\system32\oobe\msoobe.exe
- 2009-07-14 00:28 . 2009-07-14 01:41 53248 c:\windows\system32\odbcconf.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 53248 c:\windows\system32\odbcconf.dll
+ 2011-07-13 14:00 . 2011-06-03 06:57 16384 c:\windows\system32\ntvdm64.dll
- 2011-07-13 14:00 . 2011-06-02 06:42 16384 c:\windows\system32\ntvdm64.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 15360 c:\windows\system32\nrpsrv.dll
+ 2011-07-02 18:28 . 2010-11-20 13:13 69120 c:\windows\system32\nlsbres.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 70656 c:\windows\system32\nlaapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 29184 c:\windows\system32\netutils.dll
+ 2011-07-02 18:30 . 2010-11-05 01:57 48976 c:\windows\system32\netfxperf.dll
- 2009-07-13 23:53 . 2009-07-14 01:41 72704 c:\windows\system32\netapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 72704 c:\windows\system32\netapi32.dll
- 2009-07-13 23:49 . 2009-07-14 01:41 66048 c:\windows\system32\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 66048 c:\windows\system32\ncryptui.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 90112 c:\windows\system32\nci.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 72192 c:\windows\system32\napdsnap.dll
- 2009-07-14 00:09 . 2009-07-14 01:51 50176 c:\windows\system32\NAPCRYPT.DLL
+ 2011-07-02 18:29 . 2010-11-20 13:44 50176 c:\windows\system32\NAPCRYPT.DLL
- 2009-07-14 00:03 . 2009-07-14 01:39 51712 c:\windows\system32\MultiDigiMon.exe
+ 2011-07-02 18:28 . 2010-11-20 13:25 51712 c:\windows\system32\MultiDigiMon.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 16896 c:\windows\system32\muifontsetup.dll
+ 2011-07-02 18:29 . 2010-11-05 01:57 11600 c:\windows\system32\MUI\0409\mscorees.dll
- 2010-08-12 22:17 . 2009-11-25 16:47 11600 c:\windows\system32\MUI\0409\mscorees.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 25600 c:\windows\system32\msyuv.dll
- 2010-08-12 17:28 . 2009-12-19 09:47 38912 c:\windows\system32\msvidc32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 38912 c:\windows\system32\msvidc32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 16384 c:\windows\system32\msrle32.dll
- 2010-08-12 17:28 . 2009-12-19 09:47 16384 c:\windows\system32\msrle32.dll
- 2011-06-16 14:27 . 2011-04-22 20:14 97280 c:\windows\system32\mshtmled.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 97280 c:\windows\system32\mshtmled.dll
- 2011-06-16 14:27 . 2011-04-22 20:09 12288 c:\windows\system32\msfeedssync.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 12288 c:\windows\system32\msfeedssync.exe
+ 2011-07-02 18:29 . 2010-11-20 13:27 82944 c:\windows\system32\msfeedsbs.dll
- 2011-06-16 14:27 . 2011-04-22 20:14 82944 c:\windows\system32\msfeedsbs.dll
+ 2011-07-02 18:28 . 2010-11-20 13:27 35840 c:\windows\system32\msdmo.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 46592 c:\windows\system32\msasn1.dll
- 2010-04-01 00:08 . 2009-08-29 07:50 46592 c:\windows\system32\msasn1.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 41472 c:\windows\system32\mimefilt.dll
+ 2011-07-02 18:29 . 2010-11-20 13:27 57856 c:\windows\system32\migration\WSMT\rras\replacementmanifests\Microsoft-Windows-RasApi-MigPlugin\pbkmigr-Mig.dll
+ 2011-06-16 14:27 . 2011-04-22 22:08 95232 c:\windows\system32\migration\WininetPlugin.dll
- 2011-06-16 14:27 . 2011-04-22 20:18 95232 c:\windows\system32\migration\WininetPlugin.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 84992 c:\windows\system32\Mcx2Svc.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 41472 c:\windows\system32\mciqtz32.dll
- 2009-07-14 00:18 . 2009-07-14 01:41 41472 c:\windows\system32\mciqtz32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 91648 c:\windows\system32\mapistub.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 91648 c:\windows\system32\mapi32.dll
+ 2011-07-02 18:28 . 2010-11-20 13:24 79872 c:\windows\system32\manage-bde.exe
- 2009-07-13 23:22 . 2009-07-14 01:39 79872 c:\windows\system32\manage-bde.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 48640 c:\windows\system32\luainstall.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 50176 c:\windows\system32\lsmproxy.dll
- 2009-07-13 23:52 . 2009-07-14 01:39 27648 c:\windows\system32\LogonUI.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 27648 c:\windows\system32\LogonUI.exe
- 2011-06-16 14:27 . 2011-04-22 20:14 57856 c:\windows\system32\licmgr10.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 57856 c:\windows\system32\licmgr10.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 90624 c:\windows\system32\KMSVC.DLL
- 2009-07-14 00:07 . 2009-07-14 01:41 90624 c:\windows\system32\KMSVC.DLL
- 2011-04-15 13:45 . 2011-02-05 12:41 20352 c:\windows\system32\kdusb.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 20352 c:\windows\system32\kdusb.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 17792 c:\windows\system32\kdcom.dll
- 2011-04-15 13:45 . 2011-02-05 12:41 17792 c:\windows\system32\kdcom.dll
- 2011-04-15 13:45 . 2011-02-05 12:41 19328 c:\windows\system32\kd1394.dll
+ 2011-04-15 13:45 . 2011-02-05 17:10 19328 c:\windows\system32\kd1394.dll
- 2011-06-16 14:27 . 2011-04-22 20:13 64512 c:\windows\system32\jsproxy.dll
+ 2011-06-16 14:27 . 2011-04-22 22:04 64512 c:\windows\system32\jsproxy.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 54272 c:\windows\system32\iyuv_32.dll
- 2010-08-12 17:28 . 2009-12-19 09:46 54272 c:\windows\system32\iyuv_32.dll
+ 2011-07-02 18:29 . 2010-11-20 13:24 91648 c:\windows\system32\isoburn.exe
+ 2011-07-02 18:29 . 2010-11-20 13:26 37376 c:\windows\system32\iscsium.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 65536 c:\windows\system32\inetmib1.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 76800 c:\windows\system32\imagehlp.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 45056 c:\windows\system32\httpapi.dll
- 2009-07-13 23:21 . 2009-07-14 01:41 45056 c:\windows\system32\httpapi.dll
- 2009-07-13 23:55 . 2009-07-14 01:41 27136 c:\windows\system32\HotStartUserAgent.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 27136 c:\windows\system32\HotStartUserAgent.dll
- 2009-07-14 00:01 . 2009-07-14 01:40 78848 c:\windows\system32\hbaapi.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 78848 c:\windows\system32\hbaapi.dll
+ 2011-07-02 18:28 . 2010-11-20 13:24 18432 c:\windows\system32\FXSUNATD.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 41984 c:\windows\system32\FXSMON.dll
- 2009-07-14 00:10 . 2009-07-14 01:39 48128 c:\windows\system32\ftp.exe
+ 2011-07-02 18:29 . 2010-11-20 13:24 48128 c:\windows\system32\ftp.exe
+ 2011-04-27 13:42 . 2011-03-11 06:30 96768 c:\windows\system32\fsutil.exe
- 2011-04-27 13:42 . 2011-03-11 06:15 96768 c:\windows\system32\fsutil.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 17920 c:\windows\system32\fixmapi.exe
+ 2011-07-02 18:28 . 2010-11-20 13:24 71168 c:\windows\system32\findstr.exe
+ 2011-07-02 18:28 . 2010-11-20 13:26 74240 c:\windows\system32\fdProxy.dll
+ 2011-07-02 18:29 . 2010-11-20 13:26 72192 c:\windows\system32\fdeploy.dll
+ 2011-07-21 16:32 . 2011-07-21 16:32 13312 c:\windows\system32\EventProviders\spcmsg.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 25600 c:\windows\system32\elsTrans.dll
+ 2011-07-02 18:28 . 2010-11-20 13:26 36864 c:\windows\system32\dsauth.dll
- 2009-07-14 05:30 . 2011-07-13 18:44 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-21 18:24 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-07-02 18:28 . 2010-11-20 13:27 83968 c:\windows\system32\DriverStore\FileRepository\wpdcomp.inf_amd64_neutral_11bbf54c8508434e\Wpdcomp.dll
+ 2011-07-02 18:29 . 2010-11-20 10:43 41984 c:\windows\system32\DriverStore\FileRepository\winusb.inf_amd64_neutral_6cb50ae9f480775b\winusb.sys
+ 2011-04-27 13:42 . 2011-03-11 04:37 91648 c:\windows\system32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_26b33263a639795d\USBSTOR.SYS
+ 2011-07-02 18:29 . 2010-11-20 10:44 91648 c:\windows\system32\DriverStore\FileRepository\usbstor.inf_amd64_neutral_0725c2806a159a9d\USBSTOR.SYS
+ 2009-07-14 00:06 . 2009-07-14 00:06 30720 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbuhci.sys
+ 2009-07-14 00:06 . 2009-07-14 00:06 25600 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbohci.sys
+ 2011-07-02 18:29 . 2010-11-20 10:43 52224 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbehci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 30720 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbuhci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 25600 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbohci.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 52736 c:\windows\system32\DriverStore\FileRepository\usbport.inf_amd64_neutral_189259810882aaea\usbehci.sys
+ 2011-07-02 18:28 . 2010-11-20 10:44 98816 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_269d7150439b3372\usbccgp.sys
+ 2011-05-11 13:33 . 2011-03-25 03:29 98816 c:\windows\system32\DriverStore\FileRepository\usb.inf_amd64_neutral_153b489118ee37b8\usbccgp.sys
+ 2011-07-02 18:29 . 2010-11-20 10:44 48640 c:\windows\system32\DriverStore\FileRepository\umbus.inf_amd64_neutral_2d4257afa2e35253\umbus.sys
+ 2011-07-02 18:30 . 2010-11-20 11:07 31232 c:\windows\system32\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_neutral_24c807694f614911\TsUsbGD.sys
+ 2011-07-02 18:29 . 2010-11-20 10:43 41984 c:\windows\system32\DriverStore\FileRepository\transfercable.inf_amd64_neutral_82f4c743c8996d67\amd64\winusb.sys
+ 2011-07-02 18:28 . 2010-11-20 10:34 14336 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_sd.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 13824 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffp_mmc.sys
+ 2009-07-14 00:01 . 2009-07-14 00:01 14336 c:\windows\system32\DriverStore\FileRepository\sffdisk.inf_amd64_neutral_d2425e60845d17d3\sffdisk.sys
+ 2011-07-02 18:28 . 2010-11-20 13:27 22016 c:\windows\system32\DriverStore\FileRepository\ntprint.inf_amd64_neutral_4616c3de1949be6d\Amd64\PJLMON.DLL
+ 2009-07-13 23:19 . 2009-07-14 01:45 17488 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\viaide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:45 48720 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\pciidex.sys
+ 2009-07-13 23:19 . 2009-07-14 01:45 12352 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\pciide.sys
+ 2011-07-02 18:29 . 2010-11-20 13:33 31104 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\msahci.sys
+ 2009-07-13 23:19 . 2009-07-14 01:48 16960 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\intelide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 17488 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\cmdide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 24128 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 15440 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\amdide.sys
+ 2009-07-13 23:19 . 2009-07-14 01:52 15440 c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\aliide.sys

#3 D-FRED-BROWN

  • Malware Response Team

Posted 08 August 2011 - 11:04 AM

User already being helped here :)



