Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirecting and combofix inoperative, help appreciated!


  • This topic is locked This topic is locked
25 replies to this topic

#1 bdmski

bdmski

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 20 August 2011 - 11:35 AM

I usually have been able to remove malware on my own but am having difficulties this time. Google.com has been redirecting me to sites like fast-answers.com among others. I was unable to do a system restore, and for some reason combofix is stuck at the "searching for infections may take up to 10 minutes" line. I've even left it on overnight several nights only to wake up and it will be just how I left it. It has always worked in the past. I have also tried malwarebytes but it hasn't really been picking anything up. I would definitely appreciate anyone's help in cleaning up my computer! What do I have to do? I'm running windows XP.

Edited by bdmski, 20 August 2011 - 11:37 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,842 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:04 PM

Posted 20 August 2011 - 12:04 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 20 August 2011 - 03:08 PM

I tried step 7 the DDS twice but it stops at 80% similar to the situation i had with combofix. If i touch anything the computer freezes and I have to do a hard reboot. I'll keep continuing the steps.

#4 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 20 August 2011 - 08:02 PM

Step 8 is all I was able to complete. Here is the log it produced. Hope someone can help!

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-20 20:01:16
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 FUJITSU_MHV2060AH rev.000000A0
Running: gmer.exe; Driver: C:\DOCUME~1\Brian\LOCALS~1\Temp\awtdypob.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3236] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Pando Networks\Media Booster\PMB.exe[3868] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3888] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 1040DBF8 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Fastfat \Fat A6B7CD20
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@RequireSignedAppInit_DLLs 1
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xE9 0x02 0x6C 0xFA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0xB1 0xCD 0x45 0x5A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- EOF - GMER 1.0.15 ----

#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:04 PM

Posted 25 August 2011 - 11:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/415301 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:04 PM

Posted 29 August 2011 - 02:51 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.


The first thing I would like you to do is run this for me - http://download.bleepingcomputer.com/grinler/unhide.exe after it is complete restart the computer and continue with these steps


Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in

    %TEMP%\smtmp\*.* /s

  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.


information and logs:

  • In your next post I need the following

  • .logs from OTL
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 29 August 2011 - 09:16 PM

Thank you for replying and helping me out, I really appreciate it. =] Here is the log you requested

OTL logfile created on: 8/29/2011 9:04:52 PM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Documents and Settings\Brian\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 69.49% Memory free
2.58 Gb Paging File | 2.17 Gb Available in Paging File | 84.14% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.74 Gb Total Space | 15.82 Gb Free Space | 40.83% Space Free | Partition Type: NTFS
Drive D: | 13.70 Gb Total Space | 5.66 Gb Free Space | 41.28% Space Free | Partition Type: NTFS
Drive F: | 831.24 Gb Total Space | 515.56 Gb Free Space | 62.02% Space Free | Partition Type: NTFS
Drive X: | 100.24 Gb Total Space | 99.80 Gb Free Space | 99.56% Space Free | Partition Type: FAT32

Computer Name: BRIANSLAPTOP | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Documents and Settings\Brian\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Documents and Settings\Brian\Local Settings\Apps\F.lux\flux.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (SprintNextel)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\MMKeybd.exe (Netropa Corp.)
PRC - C:\WINDOWS\Nhksrv.exe ()
PRC - C:\Program Files\Netropa\OSD.exe (Netropa Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\js3250.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Documents and Settings\Brian\Local Settings\Apps\F.lux\flux.exe ()
MOD - C:\WINDOWS\system32\pdf995mon.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
MOD - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - C:\WINDOWS\Nhksrv.exe ()
MOD - C:\WINDOWS\system32\msiosd32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (PEVSystemStart) -- File not found
SRV - (HidServ) -- File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Access Utility Service) -- C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (SprintNextel)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (StyleXPService) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Nhksrv) -- C:\WINDOWS\Nhksrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech Webcam 300(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (sy03mdm) -- C:\WINDOWS\system32\drivers\sy03mdm.sys (MCCI)
DRV - (sy03serd) SANYO USB Modem SY03 Diagnostic Serial Port (WDM) -- C:\WINDOWS\system32\drivers\sy03serd.sys (MCCI)
DRV - (sy03bus) SANYO USB Composite Device SY03 driver (WDM) -- C:\WINDOWS\system32\drivers\sy03bus.sys (MCCI)
DRV - (sy03mdfl) -- C:\WINDOWS\system32\drivers\sy03mdfl.sys (MCCI Corporation)
DRV - (sanyoser) -- C:\WINDOWS\system32\drivers\sanyoser.sys (SANYO Electric Co.,Ltd.)
DRV - (sanyomdm) -- C:\WINDOWS\system32\drivers\sanyomdm.sys (SANYO Electric Co.,Ltd.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (StyleXPHelper) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
DRV - (Msikbd2k) -- C:\WINDOWS\system32\drivers\Msikbd2k.sys (Netropa Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=en"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.23.0.5
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4
FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3
FF - prefs.js..extensions.enabledItems: {07CB5D19-3FD4-4A8F-B6AA-8D660F256539}:1.9.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPAPIX: C:\Program Files\Common Files\fluxDVD\APIX\NPAPIX.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPFluxBrowserHelper: C:\Program Files\Common Files\fluxDVD\BrowserIntegration\NPFluxBrowserHelper.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Brian\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Brian\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Brian\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Brian\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Brian\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{400F0BDB-6C49-43A4-BE1F-76D7327A604D}: C:\Program Files\Common Files\fluxDVD\Download Manager\Mozilla [2008/05/09 09:12:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/10/27 22:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}: C:\Documents and Settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539} [2010/10/04 04:13:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/20 11:12:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/17 16:11:57 | 000,000,000 | ---D | M]

[2009/06/28 21:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Extensions
[2009/06/28 21:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/08/28 21:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions
[2011/03/02 02:56:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/11/05 01:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{3112ca9c-de6d-4884-a869-9855de680400}
[2008/11/05 01:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011/03/02 02:56:25 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{8d443e84-8d17-4211-948d-d033289ab0b4}
[2011/03/02 02:56:39 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2011/08/24 11:12:03 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2008/12/16 00:06:05 | 000,000,000 | ---D | M] ("SIRIUS Player") -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{A8208118-F761-47E2-A01F-4FB22AE08B5E}
[2011/08/24 18:41:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/24 18:41:02 | 000,000,000 | ---D | M] (Easy YouTube Video Downloader) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011/08/24 18:41:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/08/24 18:41:04 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/08/24 18:41:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{e8cba685-830c-1283-6314-a6ae605cc7be}
[2011/08/24 18:41:02 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\DeviceDetection@logitech.com
[2011/03/02 02:56:25 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011/08/24 18:41:20 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\firebug@software.joehewitt.com
[2008/02/07 23:16:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\moveplayer@movenetworks.com
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\nasanightlaunch@example.com
[2011/08/28 21:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/05 01:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de680400}
[2010/10/04 04:13:41 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\BRIAN\LOCAL SETTINGS\APPLICATION DATA\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}
[2008/11/23 02:36:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2004/07/02 16:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll
[2004/07/02 16:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll
[2007/03/02 08:17:24 | 000,095,200 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPAPIX.dll
[2007/01/17 06:18:04 | 000,095,200 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPFluxBrowserHelper.dll
[2007/12/19 07:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2007/07/02 10:42:20 | 000,103,064 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPMPDRM.dll
[2006/01/18 15:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2007/12/24 11:17:52 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll

O1 HOSTS File: ([2011/08/24 16:42:01 | 000,436,516 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15024 more lines...
O3 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O4 - HKLM..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006..\Run: [F.lux] C:\Documents and Settings\Brian\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Brian\Desktop\asia_4yo2.
[2011/08/29 21:03:27 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2011/08/29 12:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\ConceptDraw Project 5
[2011/08/29 12:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\CSOdessa
[2011/08/28 16:14:06 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF14978.exe
[2011/08/28 16:14:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011/08/27 00:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ConceptDraw Office
[2011/08/27 00:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\ConceptDraw Office
[2011/08/27 00:31:34 | 074,727,288 | ---- | C] (CS Odessa ) -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.exe
[2011/08/24 14:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2011/08/24 14:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2011/08/24 12:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/08/24 12:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/08/24 12:23:49 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/24 11:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/08/24 11:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/08/24 11:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/23 10:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\SUPERAntiSpyware.com
[2011/08/23 10:58:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2011/08/23 09:03:40 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011/08/23 09:03:39 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011/08/23 09:03:38 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011/08/23 09:03:35 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\REGEDIT.COM
[2011/08/23 09:03:35 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2011/08/23 09:03:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TASKMGR.COM
[2011/08/23 09:03:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2011/08/23 09:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2011/08/23 09:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MicroWorld
[2011/08/22 12:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\MyPublisher
[2011/08/22 12:11:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\MyPublisher
[2011/08/20 14:43:44 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Brian\Desktop\dds.scr
[2011/08/20 12:53:29 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/08/19 11:38:48 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/19 11:38:11 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/08/18 11:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COLLECTION
[2011/08/18 10:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2011/08/18 10:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2011/08/18 10:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Local Settings\Application Data\Downloaded Installations
[2011/08/18 10:17:18 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/08/17 19:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free M4a to MP3 Converter
[2011/08/13 00:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/08/12 23:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\My Documents\My Print Creations
[2011/08/11 18:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Start Menu\Programs\HiJackThis
[2011/08/10 20:57:23 | 004,170,159 | R--- | C] (Swearware) -- C:\Documents and Settings\Brian\Desktop\ComboFix.exe
[2004/11/24 13:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Brian\Desktop\asia_4yo2.
[2011/08/29 21:06:13 | 000,527,572 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/29 21:06:12 | 000,113,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 21:03:28 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2011/08/29 21:01:46 | 000,000,269 | ---- | M] () -- C:\WINDOWS\MSIOSD.INI
[2011/08/29 21:01:34 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/08/29 21:01:32 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/29 21:01:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/29 21:01:17 | 2138,505,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/29 20:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/29 20:42:13 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\unhide.exe
[2011/08/29 20:28:42 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 20:22:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006UA.job
[2011/08/29 12:49:45 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office MINDMAP.lnk
[2011/08/29 12:49:45 | 000,001,902 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PROJECT.lnk
[2011/08/29 12:49:45 | 000,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PRO.lnk
[2011/08/29 09:13:59 | 030,036,434 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_2.rm
[2011/08/29 09:12:29 | 005,217,450 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_.rm
[2011/08/29 06:22:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006Core.job
[2011/08/28 23:42:03 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/08/28 23:38:30 | 000,000,311 | ---- | M] () -- C:\WINDOWS\MMKEYBD.INI
[2011/08/28 16:13:58 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF14978.exe
[2011/08/27 00:31:22 | 072,769,436 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.zip
[2011/08/26 17:00:22 | 000,114,237 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\377527761_ieEH3h_122_209lo.jpg
[2011/08/25 19:07:24 | 000,623,409 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\img0149vt.jpg
[2011/08/24 16:42:01 | 000,436,516 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/24 16:41:49 | 000,436,516 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110824-164201.backup
[2011/08/24 15:09:29 | 000,013,259 | ---- | M] () -- C:\Documents and Settings\Brian\My Documents\pinfect.zip
[2011/08/24 13:45:36 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2011/08/24 12:26:06 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/24 12:23:49 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/24 11:19:54 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/23 09:10:48 | 000,000,736 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110824-164149.backup
[2011/08/23 09:08:30 | 007,393,989 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2011/08/23 09:03:39 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011/08/23 09:03:38 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011/08/23 09:03:37 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011/08/23 09:03:21 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MWAVSCAN.lnk
[2011/08/22 12:11:55 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MyPublisher.lnk
[2011/08/21 23:06:52 | 000,036,731 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\296204_10150783310890601_804285600_20594638_2741279_n.jpg
[2011/08/20 15:08:47 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\gmer.zip
[2011/08/20 14:43:44 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Brian\Desktop\dds.scr
[2011/08/19 11:49:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/18 11:25:59 | 001,463,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/17 19:18:40 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\My Music Tools.lnk
[2011/08/17 19:02:04 | 000,032,132 | ---- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/17 12:52:12 | 000,435,637 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.57906975
[2011/08/13 01:28:20 | 000,000,970 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/08/13 00:06:10 | 004,170,159 | R--- | M] (Swearware) -- C:\Documents and Settings\Brian\Desktop\ComboFix.exe
[2011/08/12 23:10:21 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\HiJackThis.lnk
[2011/08/11 18:37:11 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\HijackThis.msi
[2011/08/04 17:31:39 | 000,000,045 | ---- | M] () -- C:\TEST.XML
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/29 20:42:13 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\unhide.exe
[2011/08/29 12:49:45 | 000,001,902 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PROJECT.lnk
[2011/08/29 12:49:45 | 000,001,884 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PRO.lnk
[2011/08/29 09:13:49 | 030,036,434 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_2.rm
[2011/08/29 09:12:27 | 005,217,450 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_.rm
[2011/08/27 00:35:03 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office MINDMAP.lnk
[2011/08/27 00:28:16 | 072,769,436 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.zip
[2011/08/26 17:00:21 | 000,114,237 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\377527761_ieEH3h_122_209lo.jpg
[2011/08/25 19:07:23 | 000,623,409 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\img0149vt.jpg
[2011/08/24 17:06:08 | 2138,505,216 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/24 11:19:54 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/23 10:58:53 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/23 10:06:59 | 000,013,259 | ---- | C] () -- C:\Documents and Settings\Brian\My Documents\pinfect.zip
[2011/08/23 09:07:36 | 007,393,989 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2011/08/23 09:04:01 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2011/08/23 09:03:21 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MWAVSCAN.lnk
[2011/08/22 12:11:55 | 000,000,948 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MyPublisher.lnk
[2011/08/22 12:11:55 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MyPublisher.lnk
[2011/08/21 23:06:51 | 000,036,731 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\296204_10150783310890601_804285600_20594638_2741279_n.jpg
[2011/08/20 15:09:16 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\gmer.exe
[2011/08/20 15:08:46 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\gmer.zip
[2011/08/17 19:18:40 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\My Music Tools.lnk
[2011/08/11 18:37:45 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\HiJackThis.lnk
[2011/08/11 18:37:10 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\HijackThis.msi
[2011/04/19 04:49:28 | 000,032,132 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/14 21:42:09 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\kodakpcd.ini
[2010/12/15 20:22:18 | 002,217,088 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2010/12/15 20:22:18 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2010/12/15 20:22:18 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/12/15 20:22:18 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/12/15 20:22:18 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/12/14 17:29:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/14 17:29:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/14 17:29:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/14 17:29:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/14 17:29:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/09 00:00:45 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/12/09 00:00:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/04 01:18:38 | 000,000,778 | ---- | C] () -- C:\WINDOWS\acutiwoj.dll
[2010/12/04 01:16:49 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ivilakefup.dll
[2010/12/04 01:12:40 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ufobitukix.dll
[2010/10/02 06:26:58 | 000,000,110 | ---- | C] () -- C:\WINDOWS\Video Converter Standard.ini
[2010/10/02 05:18:52 | 000,000,118 | ---- | C] () -- C:\WINDOWS\pro Video Converter Standard.ini
[2010/10/02 05:15:24 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\Video Converter Standard56.dat
[2010/08/17 15:46:11 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/07/04 23:32:46 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/04 23:32:43 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2010/06/04 19:31:32 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Jtuluniwul.dat
[2010/06/04 19:31:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Cnuqobeyey.bin
[2010/05/28 17:35:35 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Musician.INI
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/13 23:39:00 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\kyvgsz.dat
[2010/05/11 02:06:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 20:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 20:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/02 18:35:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsihtame.sys
[2010/04/06 09:58:55 | 000,016,096 | -HS- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\3F17kB
[2010/04/06 09:58:55 | 000,016,096 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3F17kB
[2009/12/29 21:35:56 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/12/29 21:35:56 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2009/12/29 21:35:56 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2009/12/29 21:35:56 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/12/29 21:35:56 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009/12/29 21:35:56 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2009/12/29 21:35:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/12/29 21:35:56 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009/12/29 21:35:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2009/12/29 21:35:56 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009/12/29 21:35:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009/12/29 21:35:56 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/12/29 21:35:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2009/12/29 21:35:56 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2009/12/29 21:35:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009/12/29 21:35:56 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009/12/29 21:35:56 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009/12/29 21:35:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/31 21:00:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/05/15 03:21:56 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2009/05/15 03:20:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ps3sixaxis_en.exe
[2008/06/13 03:30:49 | 000,002,223 | ---- | C] () -- C:\WINDOWS\GIFCON.INI
[2008/05/16 00:04:46 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/08 00:35:37 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/05/08 00:33:10 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/05/08 00:33:09 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/05/04 11:08:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL
[2008/03/20 03:26:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/02/03 23:04:14 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\fusioncache.dat
[2008/01/24 05:20:42 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007/11/19 21:51:03 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/11 02:56:18 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/05 19:21:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\PureEdgeAPI.ini
[2007/10/05 19:21:08 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MSQOLE.DLL
[2007/09/28 02:39:18 | 000,002,055 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/09/17 16:17:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\Nhksrv.exe
[2007/09/17 16:17:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\MMKeybd.dll
[2007/09/17 16:17:16 | 000,000,311 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2007/09/17 16:17:16 | 000,000,269 | ---- | C] () -- C:\WINDOWS\MSIOSD.INI
[2007/09/17 16:17:13 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2007/09/16 22:45:44 | 000,080,812 | ---- | C] () -- C:\WINDOWS\HPHins08.dat
[2007/09/16 22:45:44 | 000,003,987 | ---- | C] () -- C:\WINDOWS\hphmdl08.dat
[2007/08/09 06:26:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2007/06/26 21:36:27 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/25 14:58:12 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/05/25 14:58:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4A2379A7BF.sys
[2007/05/11 20:08:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/02 10:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/05/27 17:32:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/27 17:25:46 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/05/27 17:24:00 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/05/27 17:20:06 | 000,000,970 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/05/27 17:16:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/27 17:12:31 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/05/27 16:49:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/05/27 16:49:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/05/27 16:49:38 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/05/27 16:49:34 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/05/27 16:49:26 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/06/02 01:01:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/10/03 11:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 001,463,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,527,572 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,113,350 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/02/11 14:22:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CDVPreviewEx.dll

========== Custom Scans ==========


< %TEMP%\smtmp\*.* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1

< End of report >

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:04 PM

Posted 29 August 2011 - 09:33 PM

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
ComboFix /nombr
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 30 August 2011 - 07:05 AM

I'm splitting into two posts because it said it was too long. Hope that's okay. =]

ComboFix 11-08-30.01 - Brian 08/30/2011 6:48.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1519 [GMT -5:00]
Running from: c:\documents and settings\Brian\My Documents\other\fix\ComboFix.exe
Command switches used :: /nombr
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Brian\Application Data\PriceGong
c:\documents and settings\Brian\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Brian\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}
c:\documents and settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}\chrome.manifest
c:\documents and settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}\chrome\content\_cfg.js
c:\documents and settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}\chrome\content\overlay.xul
c:\documents and settings\Brian\Local Settings\Application Data\{07CB5D19-3FD4-4A8F-B6AA-8D660F256539}\install.rdf
c:\documents and settings\Brian\My Documents\11.pdf
c:\documents and settings\Brian\My Documents\12.pdf
c:\documents and settings\Brian\My Documents\13.pdf
c:\documents and settings\Brian\Recent\Thumbs.db
c:\windows\regedit.com
c:\windows\system32\paypal.url
c:\windows\system32\taskmgr.com
c:\windows\system32\Thumbs.db
c:\windows\system32\winx.url
.
.
((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-30 )))))))))))))))))))))))))))))))
.
.
2011-08-30 11:46 . 2011-08-30 11:45 389120 ----a-w- c:\windows\system32\CF9211.exe
2011-08-29 17:51 . 2011-08-29 17:51 -------- d-----w- c:\documents and settings\Brian\Application Data\ConceptDraw Project 5
2011-08-29 17:50 . 2011-08-29 17:50 -------- d-----w- c:\documents and settings\Brian\Application Data\CSOdessa
2011-08-28 21:14 . 2011-08-28 21:13 389120 ----a-w- c:\windows\system32\CF14978.exe
2011-08-27 05:34 . 2011-08-29 17:48 -------- d-----w- c:\program files\ConceptDraw Office
2011-08-24 19:08 . 2011-08-24 19:08 -------- d---a-w- c:\windows\rundll16.exe
2011-08-24 19:08 . 2011-08-24 19:08 -------- d---a-w- c:\windows\logo1_.exe
2011-08-24 17:25 . 2011-08-24 17:26 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-24 17:23 . 2011-08-24 17:23 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-08-24 16:19 . 2011-08-24 16:19 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-08-24 16:19 . 2011-08-24 16:19 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-08-24 16:19 . 2011-08-24 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-08-23 15:59 . 2011-08-23 15:59 -------- d-----w- c:\documents and settings\Brian\Application Data\SUPERAntiSpyware.com
2011-08-23 15:58 . 2011-08-23 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-08-23 14:05 . 2011-08-23 14:05 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-23 14:05 . 2011-08-23 14:05 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-23 14:05 . 2011-08-23 14:05 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-23 14:05 . 2011-08-23 14:05 -------- d---a-w- c:\windows\logo_1.exe
2011-08-23 14:03 . 2011-08-23 14:03 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-23 14:03 . 2011-08-23 14:03 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-23 14:03 . 2011-08-23 14:03 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-23 14:03 . 2008-04-14 00:12 135680 ----a-w- c:\windows\system32\T.COM
2011-08-23 14:03 . 2008-04-14 00:12 146432 ----a-w- c:\windows\R.COM
2011-08-23 14:03 . 2011-08-23 14:03 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-23 14:03 . 2011-08-23 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2011-08-22 17:11 . 2011-08-22 17:11 -------- d-----w- c:\program files\MyPublisher
2011-08-22 17:11 . 2011-08-22 17:11 -------- d-----w- c:\documents and settings\Brian\Application Data\MyPublisher
2011-08-20 17:53 . 2011-08-20 17:53 -------- d-----w- C:\TDSSKiller_Quarantine
2011-08-19 16:38 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-19 16:38 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-18 15:30 . 2011-08-18 15:43 -------- d-----w- c:\program files\Pinnacle
2011-08-18 15:28 . 2011-08-18 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle
2011-08-18 15:28 . 2011-08-18 15:28 -------- d-----w- c:\documents and settings\Brian\Local Settings\Application Data\Downloaded Installations
2011-08-18 15:17 . 2011-08-18 15:17 -------- d-----w- c:\program files\Pando Networks
2011-08-13 06:37 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Administrator
2011-08-11 23:37 . 2011-08-11 23:37 388096 ----a-r- c:\documents and settings\Brian\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-23 14:08 . 2011-08-23 14:07 7393989 ----a-w- c:\windows\REGBK00.ZIP
2011-07-15 13:29 . 2006-05-27 21:48 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-10 17:51 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-07 00:52 . 2008-09-29 02:16 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 00:52 . 2008-09-29 02:16 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10 . 2004-08-10 18:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:18 . 2004-08-10 17:51 667136 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:18 . 2004-08-10 17:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-06-21 18:18 . 2004-08-10 17:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 12:58 . 2004-08-10 17:51 369664 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:02 . 2004-08-10 17:51 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2010-05-15_08.50.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 03:51 . 2011-04-19 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2007-11-07 10:19 . 2007-11-07 10:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2008-07-29 14:07 . 2008-07-29 14:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 14:07 . 2008-07-29 14:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:46 . 2006-12-02 05:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 04:32 . 2009-07-12 04:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80KOR.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80JPN.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ITA.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80FRA.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ESP.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80ENU.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80DEU.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80CHT.dll
+ 2006-06-05 23:28 . 2006-06-05 23:28 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_8e53b5fe\mfc80CHS.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2009-07-12 09:07 . 2009-07-12 09:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 09:19 . 2009-07-12 09:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2006-06-05 23:47 . 2006-06-05 23:47 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80u.dll
+ 2006-06-05 23:47 . 2006-06-05 23:47 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80.dll
+ 2006-12-02 03:56 . 2006-12-02 03:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2009-07-12 03:41 . 2009-07-12 03:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2011-08-30 02:01 . 2011-08-30 02:01 16384 c:\windows\TEMP\Perflib_Perfdata_76c.dat
+ 2006-10-19 05:47 . 2009-01-31 04:35 38400 c:\windows\system32\wpdshextres.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-19 04:00 . 2009-01-31 01:21 17408 c:\windows\system32\wpdshextautoplay.exe
- 2006-10-19 04:00 . 2006-10-19 04:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-05-27 21:50 . 2009-01-31 04:35 63488 c:\windows\system32\wpdmtpus.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-05-27 21:50 . 2009-01-31 04:35 35840 c:\windows\system32\wpdconns.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 99840 c:\windows\system32\wmpshell.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 37376 c:\windows\system32\wmdmps.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 33792 c:\windows\system32\wmdmlog.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 33792 c:\windows\system32\wmdmlog.dll
+ 2007-03-26 09:00 . 2007-03-26 09:00 88824 c:\windows\system32\vxblock.dll
+ 2010-06-17 17:04 . 2008-04-14 00:12 53760 c:\windows\system32\vfwwdm32.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 37888 c:\windows\system32\url.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 37888 c:\windows\system32\url.dll
+ 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2006-05-27 22:08 . 2006-03-08 19:49 69723 c:\windows\system32\SynTPFcs.dll
- 2006-05-27 22:08 . 2005-11-29 09:58 69723 c:\windows\system32\SynTPFcs.dll
- 2006-05-27 22:08 . 2005-11-29 10:01 81920 c:\windows\system32\SynTPCo2.dll
+ 2006-05-27 22:08 . 2006-03-08 19:51 81920 c:\windows\system32\SynTPCo2.dll
+ 2006-05-27 22:08 . 2006-03-08 19:38 94299 c:\windows\system32\SynTPAPI.dll
- 2006-05-27 22:08 . 2005-11-29 09:41 94299 c:\windows\system32\SynTPAPI.dll
- 2006-05-27 22:08 . 2005-11-29 09:40 82014 c:\windows\system32\SynCOM.dll
+ 2006-05-27 22:08 . 2006-03-08 19:37 82014 c:\windows\system32\SynCOM.dll
+ 2010-12-19 12:16 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2010-01-26 03:38 . 2007-11-30 11:18 17272 c:\windows\system32\spmsg.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 25088 c:\windows\system32\shfolder.dll
+ 2004-08-10 17:51 . 2004-08-04 08:56 25088 c:\windows\system32\shfolder.dll
+ 2010-12-16 01:22 . 2010-07-15 16:44 86408 c:\windows\system32\setupempdrv03.exe
+ 2010-06-17 17:14 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\wdmaud.drv
+ 2010-06-17 17:14 . 2008-04-13 18:45 60032 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\USBAUDIO.sys
+ 2010-06-17 17:14 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\stream.sys
+ 2010-06-17 17:14 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\drmk.sys
+ 2010-06-17 17:13 . 2008-04-14 00:12 53760 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\vfwwdm32.dll
+ 2010-06-17 17:13 . 2008-04-14 00:12 16896 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\msyuv.dll
+ 2010-06-17 17:13 . 2008-04-14 00:11 47616 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\iyuv_32.dll
+ 2010-06-17 17:13 . 2008-04-13 18:45 32128 c:\windows\system32\ReinstallBackups\0034\DriverFiles\i386\usbccgp.sys
+ 2010-06-02 13:57 . 2005-10-15 01:50 53248 c:\windows\system32\ReinstallBackups\0033\DriverFiles\oemdspif.dll
+ 2010-06-02 13:57 . 2005-10-15 01:49 94208 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxtray.exe
+ 2010-06-02 13:57 . 2005-10-15 01:46 57344 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxsrvc.dll
+ 2010-06-02 13:57 . 2005-10-15 01:50 94208 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxext.exe
+ 2010-06-02 13:57 . 2005-10-15 01:50 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxexps.dll
+ 2010-06-02 13:57 . 2005-10-15 01:46 86016 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxdo.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuTRK.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuTHA.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuSVE.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuRUS.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuPTG.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuPTB.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuPLK.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuNOR.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuNLD.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuKOR.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuJPN.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuITA.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuHUN.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuHEB.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuFRC.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuFRA.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuFIN.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuESP.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuENG.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuELL.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuDEU.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuDAN.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuCSY.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuCHT.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuCHS.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuARB.dll
+ 2010-06-02 13:57 . 2005-10-15 01:51 40960 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmuARA.dll
+ 2010-06-02 13:57 . 2005-10-15 02:06 36990 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmrnt5.dll
+ 2010-06-02 13:57 . 2005-10-15 02:06 49152 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmrem.dll
+ 2010-06-02 13:57 . 2005-10-15 02:06 61440 c:\windows\system32\ReinstallBackups\0033\DriverFiles\iAlmCoIn.dll
+ 2010-06-02 13:57 . 2005-10-15 01:46 77824 c:\windows\system32\ReinstallBackups\0033\DriverFiles\hkcmd.exe
+ 2010-06-02 13:57 . 2005-10-15 01:45 73728 c:\windows\system32\ReinstallBackups\0033\DriverFiles\hccutils.dll
+ 2010-05-15 09:01 . 2005-11-29 09:58 82011 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPLpr.exe
+ 2010-05-15 09:01 . 2005-11-29 09:58 69723 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPFcs.dll
+ 2010-05-15 09:01 . 2005-11-29 09:41 41064 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPCOM.dll
+ 2010-05-15 09:01 . 2005-11-29 09:41 94299 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPAPI.dll
+ 2010-05-15 09:01 . 2005-11-29 09:40 82014 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynCOM.dll
+ 2010-05-15 09:01 . 2005-11-29 10:01 81920 c:\windows\system32\ReinstallBackups\0032\DriverFiles\InstNT.exe
+ 2010-05-15 09:01 . 2008-04-13 18:39 23040 c:\windows\system32\ReinstallBackups\0032\DriverFiles\i386\mouclass.sys
+ 2010-05-15 09:01 . 2008-04-13 19:18 52480 c:\windows\system32\ReinstallBackups\0032\DriverFiles\i386\i8042prt.sys
+ 2007-03-29 16:56 . 2007-03-29 16:56 64760 c:\windows\system32\pxinsa64.exe
- 2006-05-27 22:24 . 2007-03-07 23:51 64760 c:\windows\system32\pxinsa64.exe
+ 2007-03-29 16:56 . 2007-03-29 16:56 66296 c:\windows\system32\pxcpya64.exe
+ 2009-12-30 02:35 . 2009-12-30 02:35 60273 c:\windows\system32\pthreadGC2.dll
+ 2009-11-06 05:17 . 2009-11-06 05:17 11600 c:\windows\system32\mui\0409\mscorees.dll
- 2004-08-04 05:56 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
+ 2004-08-04 05:56 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 27136 c:\windows\system32\mspmsnsv.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2011-04-19 09:49 . 2011-08-18 00:02 32132 c:\windows\system32\mlfcache.dat
- 2004-08-10 17:51 . 2006-10-19 05:47 11264 c:\windows\system32\LAPRXY.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 11264 c:\windows\system32\LAPRXY.dll
+ 2010-12-09 05:31 . 2010-12-09 05:31 10111 c:\windows\system32\Lang\TradChin.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 12247 c:\windows\system32\Lang\Thai.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13560 c:\windows\system32\Lang\SWEDISH.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 15409 c:\windows\system32\Lang\Spanish.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 15050 c:\windows\system32\Lang\Russian.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 14634 c:\windows\system32\Lang\Portuguese_Default.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13746 c:\windows\system32\Lang\Portuguese_Brazilian.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13431 c:\windows\system32\Lang\Polish.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 11498 c:\windows\system32\Lang\Korean.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13345 c:\windows\system32\Lang\Japanese.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 15718 c:\windows\system32\Lang\Italian.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13966 c:\windows\system32\Lang\Greek.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 14873 c:\windows\system32\Lang\German.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 15325 c:\windows\system32\Lang\French.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 12032 c:\windows\system32\Lang\English.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 14470 c:\windows\system32\Lang\Dutch.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 13831 c:\windows\system32\Lang\Danish.bin
+ 2010-12-09 05:31 . 2010-12-09 05:31 11842 c:\windows\system32\Lang\Arabic.bin
- 2004-08-04 05:56 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
+ 2004-08-04 05:56 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
+ 2006-05-27 21:49 . 2005-10-15 01:49 94208 c:\windows\system32\igfxtray.exe
+ 2006-05-27 21:49 . 2005-10-15 01:50 40960 c:\windows\system32\igfxexps(6).dll
+ 2006-05-27 21:49 . 2005-10-15 01:50 40960 c:\windows\system32\igfxexps(5).dll
+ 2006-05-27 21:49 . 2005-10-15 01:50 40960 c:\windows\system32\igfxexps(4).dll
+ 2006-05-27 21:49 . 2005-10-15 01:50 40960 c:\windows\system32\igfxexps(3).dll
+ 2006-05-27 21:49 . 2005-10-15 01:50 40960 c:\windows\system32\igfxexps(2).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 36990 c:\windows\system32\ialmrnt5(21).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 36990 c:\windows\system32\ialmrnt5(20).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 36990 c:\windows\system32\ialmrnt5(19).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 36990 c:\windows\system32\ialmrnt5(18).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 36990 c:\windows\system32\ialmrnt5(17).dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 26624 c:\windows\system32\ff_wmv9.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 38400 c:\windows\system32\ff_unrar.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 79872 c:\windows\system32\ff_tremor.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 97280 c:\windows\system32\ff_realaac.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 40960 c:\windows\system32\ff_liba52.dll
+ 2010-12-16 01:22 . 2010-07-15 16:44 14848 c:\windows\system32\EuEpmGdi.dll
+ 2010-12-16 01:22 . 2010-07-15 16:44 13192 c:\windows\system32\epmntdrv.sys
+ 2008-07-30 05:10 . 2010-07-05 04:32 73752 c:\windows\system32\dxva2.dll
+ 2011-04-18 00:45 . 2011-02-18 23:36 41984 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaapl.sys
+ 2011-04-18 00:45 . 2010-04-20 02:29 18432 c:\windows\system32\DRVSTORE\netaapl_8A27A03003759CB01567E831096473C330131D64\netaapl.sys
+ 2011-04-18 00:53 . 2009-05-18 20:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS
+ 2006-05-27 21:50 . 2009-01-31 01:20 38528 c:\windows\system32\drivers\wpdusb.sys
- 2006-05-27 21:50 . 2006-10-19 04:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2010-06-17 17:04 . 2008-04-13 18:45 60032 c:\windows\system32\drivers\USBAUDIO.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 15232 c:\windows\system32\drivers\StreamIP.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 11136 c:\windows\system32\drivers\SLIP.sys
- 2005-04-25 07:03 . 2007-03-07 23:51 43528 c:\windows\system32\drivers\pxhelp20.sys
+ 2007-03-29 11:00 . 2007-03-29 11:00 43528 c:\windows\system32\drivers\pxhelp20.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 85248 c:\windows\system32\drivers\NABTSFEC.sys
+ 2010-05-14 22:04 . 2010-05-14 22:04 23904 c:\windows\system32\drivers\lvuvcflt.sys
+ 2010-05-08 01:43 . 2010-05-08 01:43 25824 c:\windows\system32\drivers\LVPr2Mon.sys
+ 2010-05-08 01:46 . 2010-05-08 01:46 14168 c:\windows\system32\drivers\iKeyLFT2.dll
+ 2006-09-19 21:44 . 2009-05-18 20:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2004-08-04 03:59 . 2008-05-02 10:49 62976 c:\windows\system32\drivers\cdrom.sys
- 2004-08-04 03:59 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 17024 c:\windows\system32\drivers\CCDECODE.sys
+ 2010-10-07 19:23 . 2010-10-07 19:23 91424 c:\windows\system32\dnssd.dll
+ 2010-06-17 17:04 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-08-10 17:51 . 2009-01-31 04:34 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2004-08-10 18:02 . 2009-01-31 04:30 64512 c:\windows\system32\dllcache\wmplayer.exe
+ 2004-08-10 18:02 . 2009-01-31 04:34 96256 c:\windows\system32\dllcache\wmpband.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 33792 c:\windows\system32\dllcache\wmdmlog.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2010-06-17 17:04 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2010-06-17 17:04 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2011-06-21 18:18 . 2011-06-21 18:18 37888 c:\windows\system32\dllcache\url.dll
+ 2010-06-17 17:04 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2004-08-04 05:56 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\msyuv.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 11264 c:\windows\system32\dllcache\LAPRXY.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2004-08-04 05:56 . 2008-04-14 00:11 47616 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-02-20 08:10 . 2009-02-20 08:10 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 08:10 . 2011-06-21 18:18 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2011-04-26 11:07 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-02-15 02:12 . 2008-05-02 10:49 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2010-06-17 17:04 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-10 17:50 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
+ 2011-05-28 12:36 . 2011-05-28 12:36 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-28 12:36 . 2011-05-28 12:36 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-05-28 12:36 . 2011-05-28 12:36 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-12-09 05:00 . 2006-08-01 23:02 49152 c:\windows\system32\ChCfg.exe
+ 2004-02-11 19:22 . 2004-02-11 19:22 77824 c:\windows\system32\CDVPreviewEx.dll
+ 2004-08-10 17:50 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
- 2008-07-30 03:16 . 2008-07-30 03:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-03-23 12:31 . 2010-03-23 12:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-06-25 02:56 . 2009-06-25 02:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2010-04-01 18:42 . 2010-04-01 18:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-03-31 21:51 . 2010-03-31 21:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 02:58 . 2007-04-14 02:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 02:57 . 2007-04-14 02:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 21:51 . 2010-03-31 21:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 02:57 . 2007-04-14 02:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 21:51 . 2010-03-31 21:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 22:32 . 2010-03-31 22:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-14 03:30 . 2007-04-14 03:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-21 00:19 . 2003-02-21 00:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 22:32 . 2010-03-31 22:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-06-17 17:16 . 2010-06-17 17:16 29696 c:\windows\Installer\d201d5a.msi
+ 2010-06-17 17:16 . 2010-06-17 17:16 27136 c:\windows\Installer\d201d53.msi
+ 2010-06-17 17:12 . 2010-06-17 17:12 23552 c:\windows\Installer\d201d22.msi
+ 2010-06-17 17:12 . 2010-06-17 17:12 27136 c:\windows\Installer\d201d13.msi
+ 2010-09-16 22:57 . 2010-09-16 22:57 23040 c:\windows\Installer\725c5.msi
+ 2010-09-16 22:57 . 2010-09-16 22:57 23040 c:\windows\Installer\725bb.msi
+ 2010-09-16 22:57 . 2010-09-16 22:57 24576 c:\windows\Installer\725b1.msi
+ 2010-09-16 22:57 . 2010-09-16 22:57 23552 c:\windows\Installer\7259b.msi
+ 2010-09-16 22:57 . 2010-09-16 22:57 23552 c:\windows\Installer\72587.msi
+ 2010-09-16 22:56 . 2010-09-16 22:56 59392 c:\windows\Installer\72573.msi
+ 2010-09-16 22:56 . 2010-09-16 22:56 28672 c:\windows\Installer\72566.msi
+ 2011-08-05 12:38 . 2011-08-05 12:38 22016 c:\windows\Installer\33eda33.msi
+ 2010-07-04 03:32 . 2010-07-04 03:32 49664 c:\windows\Installer\28667371.msi
+ 2011-08-29 17:49 . 2011-08-29 17:49 73728 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut41_CDA8C3A20D1549D2A380692728F034C1.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 73728 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut4_9D7B6F21910E4E2DB205F34E5267A982.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 61440 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut22_527D6200C3EC4DB9AE843CE3F34DE116.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 69632 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut21_4C099DA6E2CB415298ED5DB5DAB6AF3B.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 69632 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut2_75DDCF6CC17D4C3EB28A1EF3248DCFF2.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 22382 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\ARPPRODUCTICON.exe
+ 2011-04-18 00:48 . 2011-04-18 00:48 27136 c:\windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
+ 2011-05-28 12:38 . 2011-05-28 12:38 65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-08-27 05:35 . 2011-08-27 05:35 61440 c:\windows\Installer\{B2CAEE2E-F84B-4B6E-A3A5-D3E9C05BC8F3}\NewShortcut22_527D6200C3EC4DB9AE843CE3F34DE116.exe
+ 2010-09-30 05:37 . 2010-09-30 05:37 27136 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2010-09-30 05:37 . 2010-09-30 05:37 12288 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-07-04 03:35 . 2011-06-18 18:18 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-25 12:25 . 2010-09-25 12:25 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-02-15 02:12 . 2008-05-02 10:49 62976 c:\windows\Driver Cache\i386\cdrom.sys
+ 2010-06-15 00:41 . 2010-06-15 00:41 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d5dc5861\System.Drawing.Design.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_082823e0\CustomMarshalers.dll
+ 2011-07-07 05:52 . 2011-07-07 05:52 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\cd01c68863fb8316b8436218b1c0fad0\UIAutomationProvider.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\6d2f063528656fef76ecf8da389e7b67\System.Windows.Presentation.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b71c5fc2f512d3c8f60f519fb156bdb\System.Web.DynamicData.Design.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-07 06:46 . 2011-07-07 06:46 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3eaa4798c874dbe85ab6b0e1b9d2eaab\PresentationFontCache.ni.exe
+ 2011-08-19 16:52 . 2011-08-19 16:52 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\568a85dcae0927bee17eba4d9b8f0155\PresentationCFFRasterizer.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-07-07 06:45 . 2011-07-07 06:45 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-07-07 06:45 . 2011-07-07 06:45 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-07-07 06:45 . 2011-07-07 06:45 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-07-07 06:45 . 2011-07-07 06:45 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-01-26 03:46 . 2010-01-26 03:46 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 86016 c:\windows\$NtUninstallwmp11$\wmpshell.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2010-12-19 12:15 . 2004-09-15 17:28 28672 c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2010-12-19 12:15 . 2004-09-15 17:28 77824 c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2010-06-15 00:33 . 2009-02-20 08:10 81920 c:\windows\$NtUninstallKB982381$\ieencode.dll
+ 2010-05-27 02:10 . 2008-10-23 10:06 62976 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-27 02:10 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-15 00:40 . 2008-04-14 00:11 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2011-02-15 02:14 . 2008-04-13 18:40 62976 c:\windows\$NtUninstallKB932716-v2$\cdrom.sys
+ 2011-06-18 18:17 . 2010-04-16 16:09 81920 c:\windows\$NtUninstallKB2530548$\ieencode.dll
+ 2011-07-23 05:35 . 2008-04-14 00:11 32256 c:\windows\$NtUninstallKB2507938$\csrsrv.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982381\update\spcustom.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982381\spmsg.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 81920 c:\windows\$hf_mig$\KB982381\SP3QFE\ieencode.dll
+ 2010-06-15 00:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-15 00:41 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-06-15 00:40 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-15 00:40 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-15 00:40 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-15 00:40 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:52 . 2010-03-05 14:52 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-05-17 01:23 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-17 01:23 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-06-15 00:39 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-15 00:39 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2011-07-23 05:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-23 05:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-06-18 18:15 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521\update\spcustom.dll
+ 2011-06-18 18:15 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521\spmsg.dll
+ 2011-07-08 02:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-07-08 02:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-18 18:18 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548\update\spcustom.dll
+ 2011-06-18 18:18 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548\spmsg.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 81920 c:\windows\$hf_mig$\KB2530548\SP3QFE\ieencode.dll
+ 2011-07-23 05:35 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-23 05:35 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-08-10 17:51 . 2009-01-31 04:35 4096 c:\windows\system32\wmvdmoe2.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\wmvdmoe2.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\wmvdmod.dll
+ 2004-08-10 17:51 . 2009-01-31 04:35 4096 c:\windows\system32\wmvdmod.dll
+ 2006-05-27 21:50 . 2009-01-31 04:34 4096 c:\windows\system32\WMVADVE.DLL
- 2006-05-27 21:50 . 2006-10-19 05:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-05-27 21:50 . 2009-01-31 04:34 4096 c:\windows\system32\WMVADVD.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 4096 c:\windows\system32\WMVADVD.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 4096 c:\windows\system32\wmsdmod.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\wmsdmod.dll
+ 2006-05-27 21:50 . 2009-02-03 04:01 8704 c:\windows\system32\wdfmgr.exe
- 2006-05-27 21:50 . 2006-10-19 05:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-05-27 21:50 . 2009-01-31 04:34 4096 c:\windows\system32\wdfapi.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-05-27 21:50 . 2009-02-03 04:01 8704 c:\windows\system32\uwdf.exe
- 2006-05-27 21:50 . 2006-10-19 05:58 8704 c:\windows\system32\uwdf.exe
+ 2001-08-18 03:36 . 2001-08-18 05:36 8192 c:\windows\system32\tsbyuv.dll
- 2001-08-18 03:36 . 2004-08-04 10:00 8192 c:\windows\system32\tsbyuv.dll
+ 2010-06-17 17:14 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\ksuser.dll
+ 2010-06-17 17:13 . 2004-08-04 10:00 8192 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\tsbyuv.dll
+ 2010-06-17 17:13 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\ksuser.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 4096 c:\windows\system32\MPG4DMOD.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\MPG4DMOD.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 4096 c:\windows\system32\MP43DMOD.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2010-12-09 05:31 . 2010-12-09 05:31 9484 c:\windows\system32\Lang\SimChin.bin
+ 2009-12-30 02:35 . 2009-12-30 02:35 7680 c:\windows\system32\ff_vfw.dll
+ 2010-12-16 01:22 . 2010-07-15 16:44 8456 c:\windows\system32\EuGdiDrv.sys
+ 2010-06-17 17:05 . 2008-04-13 18:39 5504 c:\windows\system32\drivers\MSTEE.sys
- 2007-05-13 01:36 . 2007-03-07 23:51 9464 c:\windows\system32\drivers\cdralw2k.sys
+ 2007-02-02 11:00 . 2007-02-02 11:00 9464 c:\windows\system32\drivers\cdralw2k.sys
- 2007-05-13 01:36 . 2007-03-07 23:51 9336 c:\windows\system32\drivers\cdr4_xp.sys
+ 2007-02-02 11:00 . 2007-02-02 11:00 9336 c:\windows\system32\drivers\cdr4_xp.sys
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-10 17:51 . 2009-01-31 04:35 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-10 17:51 . 2009-01-31 04:35 4096 c:\windows\system32\dllcache\wmvdmod.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2001-08-18 03:36 . 2001-08-18 05:36 8192 c:\windows\system32\dllcache\tsbyuv.dll
+ 2010-06-17 17:05 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2004-08-10 17:51 . 2009-01-31 04:33 7168 c:\windows\system32\dllcache\asferror.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 7168 c:\windows\system32\asferror.dll
+ 2011-08-29 17:49 . 2011-08-29 17:49 4846 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut1_59342A70702A48C68C9FE44DC6DC4B96.exe
+ 2011-08-27 05:35 . 2011-08-27 05:35 4846 c:\windows\Installer\{B2CAEE2E-F84B-4B6E-A3A5-D3E9C05BC8F3}\NewShortcut1_59342A70702A48C68C9FE44DC6DC4B96.exe
+ 2010-09-30 05:37 . 2010-09-30 05:37 4096 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2010-01-27 03:18 . 2010-01-27 03:18 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-02-14 06:38 . 2011-02-14 06:38 3072 c:\windows\assembly\GAC_32\policy.1.0.EastmanKodakCompany.EasyShare\1.0.0.2__e736f44e197b3380\policy.1.0.EastmanKodakCompany.EasyShare.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 8192 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 11:54 . 2008-07-29 11:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2006-12-02 03:54 . 2006-12-02 03:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
- 2006-12-02 05:54 . 2006-12-02 05:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
- 2006-12-02 05:54 . 2006-12-02 05:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 03:54 . 2006-12-02 03:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
- 2006-12-02 05:54 . 2006-12-02 05:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-02 03:54 . 2006-12-02 03:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2011-05-14 06:17 . 2011-05-14 06:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 06:12 . 2011-05-14 06:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 06:11 . 2011-05-14 06:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2009-07-12 09:12 . 2009-07-12 09:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 09:09 . 2009-07-12 09:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 09:08 . 2009-07-12 09:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2010-05-14 22:05 . 2010-05-14 22:05 146016 c:\windows\twain_32\QuickCam\lvWIAext.dll
+ 2010-07-05 04:32 . 2010-07-05 04:32 130048 c:\windows\system32\xvidvfw.dll
+ 2008-08-16 21:24 . 1999-11-19 08:00 284032 c:\windows\system32\XceedZip.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-05-27 21:50 . 2009-01-31 04:35 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 133632 c:\windows\system32\WPDShServiceObj.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-05-27 21:50 . 2009-01-31 04:35 154624 c:\windows\system32\wpdmtp.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-05-27 21:50 . 2009-01-31 04:35 629760 c:\windows\system32\wpd_ci.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 656896 c:\windows\system32\WMVXENCD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 656896 c:\windows\system32\WMVXENCD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 604160 c:\windows\system32\WMSPDMOD.dll
+ 2006-05-27 21:50 . 2009-01-31 04:34 204288 c:\windows\system32\wmpsrcwp.dll
+ 2009-01-31 04:34 . 2009-01-31 04:34 130048 c:\windows\system32\wmpps.dll
+ 2009-01-31 04:34 . 2009-01-31 04:34 613376 c:\windows\system32\wmpmde.dll
+ 2009-01-31 04:34 . 2009-01-31 04:34 295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 283648 c:\windows\system32\wmpdxm.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 211456 c:\windows\system32\wmpasf.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 938496 c:\windows\system32\WMNetMgr.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 157184 c:\windows\system32\wmidx.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 157184 c:\windows\system32\wmidx.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 227328 c:\windows\system32\wmerror.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 535040 c:\windows\system32\wmdrmsdk.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-05-27 21:50 . 2009-01-31 04:34 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-05-27 21:50 . 2009-01-31 04:34 429056 c:\windows\system32\wmdrmdev.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 222208 c:\windows\system32\WMASF.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 222208 c:\windows\system32\wmasf.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 757248 c:\windows\system32\WMADMOD.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 757248 c:\windows\system32\WMADMOD.dll
+ 2004-08-10 17:51 . 2008-04-14 15:48 220160 c:\windows\system32\uxtheme.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 633344 c:\windows\system32\urlmon.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 200704 c:\windows\system32\TomsMoComp_ff.dll
+ 2006-05-27 22:08 . 2006-03-08 19:38 114688 c:\windows\system32\SynCtrl.dll
- 2006-05-27 22:08 . 2005-11-29 09:41 114688 c:\windows\system32\SynCtrl.dll
+ 2004-08-10 17:51 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2010-12-09 05:00 . 2006-10-18 10:53 147456 c:\windows\system32\RtlCPAPI.dll
+ 2007-11-17 05:59 . 2011-08-13 17:06 550376 c:\windows\system32\Restore\rstrlog.dat
+ 2010-06-17 17:14 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\portcls.sys
+ 2010-06-17 17:14 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0036\DriverFiles\i386\ks.sys
+ 2010-06-17 17:13 . 2008-04-13 18:46 121984 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\usbvideo.sys
+ 2010-06-17 17:13 . 2008-04-14 00:12 294912 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\msh263.drv
+ 2010-06-17 17:13 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0035\DriverFiles\i386\ks.sys
+ 2010-06-02 13:57 . 2005-10-15 01:59 524288 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igldev32.dll
+ 2010-06-02 13:57 . 2005-10-15 01:50 114688 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxzoom.exe
+ 2010-06-02 13:57 . 2005-10-15 01:46 159744 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxsrvc.exe
+ 2010-06-02 13:57 . 2005-10-15 01:49 147456 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxpph.dll
+ 2010-06-02 13:57 . 2005-10-15 01:50 114688 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxpers.exe
+ 2010-06-02 13:57 . 2005-10-15 01:45 135168 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxdev.dll
+ 2010-06-02 13:57 . 2005-10-15 01:49 446464 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxcfg.exe
+ 2010-06-02 13:57 . 2005-10-15 01:51 114688 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmudlg.exe
+ 2010-06-02 13:57 . 2005-10-15 02:06 118395 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmdnt5.dll
+ 2010-06-02 13:57 . 2005-10-15 02:06 213274 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmdev5.dll
+ 2010-06-02 13:57 . 2005-10-15 02:14 901242 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmdd5.dll
+ 2010-05-15 09:01 . 2005-11-29 09:59 221184 c:\windows\system32\ReinstallBackups\0032\DriverFiles\Tutorial.exe
+ 2010-05-15 09:01 . 2005-11-29 09:35 163840 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynZMetr.exe
+ 2010-05-15 09:01 . 2005-11-29 09:56 761947 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPEnh.exe
+ 2010-05-15 09:01 . 2005-11-29 09:36 191936 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTP.sys
+ 2010-05-15 09:01 . 2005-11-29 09:35 147456 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynMood.exe
+ 2010-05-15 09:01 . 2005-11-29 09:59 557056 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynISDLL.dll
+ 2010-05-15 09:01 . 2005-11-29 09:41 114688 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynCtrl.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 211456 c:\windows\system32\qasf.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 211456 c:\windows\system32\qasf.dll
+ 2007-04-05 01:08 . 2007-04-05 01:08 158456 c:\windows\system32\pxwma.dll
- 2005-05-05 18:48 . 2007-03-07 23:51 379640 c:\windows\system32\pxwave.dll
+ 2007-04-05 01:08 . 2007-04-05 01:08 379640 c:\windows\system32\PxWave.dll
- 2005-05-05 18:49 . 2007-03-07 23:51 187128 c:\windows\system32\pxmas.dll
+ 2007-04-05 01:08 . 2007-04-05 01:08 187128 c:\windows\system32\PxMas.dll
+ 2007-03-29 16:56 . 2007-03-29 16:56 118520 c:\windows\system32\pxinsi64.exe
+ 2007-03-23 09:02 . 2007-03-23 09:02 518904 c:\windows\system32\pxdrv.dll
+ 2007-03-29 16:56 . 2007-03-29 16:56 120056 c:\windows\system32\pxcpyi64.exe
- 2007-05-13 01:36 . 2007-03-07 23:51 129784 c:\windows\system32\pxafs.dll
+ 2007-04-05 01:08 . 2007-04-05 01:08 129784 c:\windows\system32\PxAFS.DLL
+ 2007-04-05 01:08 . 2007-04-05 01:08 551672 c:\windows\system32\Px.dll
+ 2009-12-30 02:37 . 2009-12-30 02:37 823296 c:\windows\system32\ppsynthesis.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 199168 c:\windows\system32\PortableDeviceWMDRM.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 101888 c:\windows\system32\PortableDeviceClassExtension.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-19 05:47 . 2009-01-31 04:34 254976 c:\windows\system32\PortableDeviceApi.dll
+ 2008-09-24 07:12 . 2008-05-28 07:13 425472 c:\windows\system32\photometadatahandler.dll
+ 2004-08-10 17:51 . 2011-08-30 02:06 527572 c:\windows\system32\perfh009.dat
+ 2004-08-10 17:51 . 2011-08-30 02:06 113350 c:\windows\system32\perfc009.dat
- 2004-08-10 17:51 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-10 17:51 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
+ 2010-07-04 18:59 . 2009-08-07 02:23 215920 c:\windows\system32\muweb.dll
+ 2010-07-04 18:59 . 2009-08-07 02:23 274288 c:\windows\system32\mucltui.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 321536 c:\windows\system32\mswmdm.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 321536 c:\windows\system32\mswmdm.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 532480 c:\windows\system32\mstime.dll
- 2004-08-10 17:51 . 2008-04-14 00:12 532480 c:\windows\system32\mstime.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 414720 c:\windows\system32\msscp.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 175616 c:\windows\system32\mspmsp.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 179712 c:\windows\system32\msnetobj.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 179712 c:\windows\system32\msnetobj.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 449536 c:\windows\system32\mshtmled.dll
- 2004-08-04 05:56 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2004-08-04 05:56 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2006-10-02 23:28 . 2006-10-02 23:28 312128 c:\windows\system32\msdelta.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:33 259072 c:\windows\system32\MPG4DECD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:33 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:33 259072 c:\windows\system32\MP43DECD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 259072 c:\windows\system32\MP43DECD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 212992 c:\windows\system32\MFPLAT.dll
+ 2006-10-19 05:47 . 2009-01-31 04:33 212992 c:\windows\system32\MFPLAT.dll
+ 2010-10-26 04:49 . 2010-10-26 04:49 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe
+ 2010-05-14 22:03 . 2010-05-14 22:03 539232 c:\windows\system32\LVUI2RC.dll
+ 2010-05-14 22:03 . 2010-05-14 22:03 543328 c:\windows\system32\LVUI2.dll
+ 2010-05-14 21:59 . 2010-05-14 21:59 416352 c:\windows\system32\lvcodec2.dll
+ 2010-05-14 21:59 . 2010-05-14 21:59 203360 c:\windows\system32\lvci1301783.dll
+ 2010-06-17 17:12 . 2010-05-08 01:47 114520 c:\windows\system32\logishrd\LVPrcInj01.dll
+ 2010-05-14 21:56 . 2010-05-14 21:56 102744 c:\windows\system32\LogiDPPApp.exe
+ 2004-08-10 17:51 . 2009-01-31 01:37 100864 c:\windows\system32\logagent.exe
- 2004-08-10 17:51 . 2006-10-19 04:03 100864 c:\windows\system32\logagent.exe
+ 2009-12-30 02:35 . 2009-12-30 02:35 405504 c:\windows\system32\libmplayer.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 114688 c:\windows\system32\libmpeg2_ff.dll
+ 2004-08-10 18:02 . 2011-05-02 15:31 692736 c:\windows\system32\inetcomm.dll
+ 2011-02-15 02:12 . 2008-05-02 13:25 465920 c:\windows\system32\imapi2fs.dll
+ 2011-02-15 02:12 . 2008-05-02 13:25 317952 c:\windows\system32\imapi2.dll
- 2006-05-27 22:01 . 2005-10-15 01:45 135168 c:\windows\system32\igfxres.dll
+ 2010-06-02 14:00 . 2005-10-15 01:45 135168 c:\windows\system32\igfxres.dll
+ 2006-05-27 21:49 . 2005-10-15 01:50 114688 c:\windows\system32\igfxpers.exe
- 2004-08-10 17:51 . 2008-04-14 00:11 251904 c:\windows\system32\iepeers.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 251904 c:\windows\system32\iepeers.dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 118395 c:\windows\system32\ialmdnt5(21).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 118395 c:\windows\system32\ialmdnt5(20).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 118395 c:\windows\system32\ialmdnt5(19).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 118395 c:\windows\system32\ialmdnt5(18).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 118395 c:\windows\system32\ialmdnt5(17).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 213274 c:\windows\system32\ialmdev5(21).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 213274 c:\windows\system32\ialmdev5(20).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 213274 c:\windows\system32\ialmdev5(19).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 213274 c:\windows\system32\ialmdev5(18).dll
+ 2006-05-27 21:49 . 2005-10-15 02:06 213274 c:\windows\system32\ialmdev5(17).dll
+ 2006-05-27 21:49 . 2005-10-15 02:14 901242 c:\windows\system32\ialmdd5(21).dll
+ 2006-05-27 21:49 . 2005-10-15 02:14 901242 c:\windows\system32\ialmdd5(20).dll
+ 2006-05-27 21:49 . 2005-10-15 02:14 901242 c:\windows\system32\ialmdd5(19).dll
+ 2006-05-27 21:49 . 2005-10-15 02:14 901242 c:\windows\system32\ialmdd5(18).dll
+ 2006-05-27 21:49 . 2005-10-15 02:14 901242 c:\windows\system32\ialmdd5(17).dll
- 2006-10-04 02:47 . 2008-04-17 21:12 107368 c:\windows\system32\GEARAspi.dll
+ 2006-10-04 02:47 . 2008-04-17 19:12 107368 c:\windows\system32\GEARAspi.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 511488 c:\windows\system32\ff_x264.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 143360 c:\windows\system32\ff_theora.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 122880 c:\windows\system32\ff_samplerate.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 118784 c:\windows\system32\ff_libmad.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 245760 c:\windows\system32\ff_libfaad2.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 155648 c:\windows\system32\ff_libdts.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 221184 c:\windows\system32\ff_kernelDeint.dll
+ 2010-07-05 04:32 . 2010-07-05 04:32 207360 c:\windows\system32\evrprop.dll
+ 2008-07-30 05:10 . 2010-07-05 04:32 493080 c:\windows\system32\evr.dll
+ 2011-04-18 00:53 . 2008-04-17 19:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll

+ 2004-08-10 17:51 . 2009-01-31 04:33 991744 c:\windows\system32\drmv2clt.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 991744 c:\windows\system32\drmv2clt.dll
- 2006-10-19 04:00 . 2006-10-19 04:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-19 04:00 . 2009-01-31 01:23 249856 c:\windows\system32\drmupgds.exe
- 2006-10-19 05:47 . 2006-10-19 05:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2006-05-27 22:08 . 2006-03-08 19:35 191872 c:\windows\system32\drivers\SynTP.sys
+ 2004-08-10 17:51 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2010-05-14 22:02 . 2010-05-14 22:02 276448 c:\windows\system32\drivers\lvrs.sys
+ 2010-05-14 22:02 . 2010-05-14 22:02 114784 c:\windows\system32\drivers\lvpopflt.sys
- 2004-08-10 17:50 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-10 17:50 . 2011-02-16 13:22 138496 c:\windows\system32\drivers\afd.sys
+ 2010-10-07 19:23 . 2010-10-07 19:23 197920 c:\windows\system32\dnssdX.dll
+ 2010-10-07 19:23 . 2010-10-07 19:23 107808 c:\windows\system32\dns-sd.exe
+ 2004-08-10 17:51 . 2009-01-31 04:34 604160 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 283648 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 211456 c:\windows\system32\dllcache\wmpasf.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 938496 c:\windows\system32\dllcache\WMNetMgr.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 227328 c:\windows\system32\dllcache\wmerror.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 222208 c:\windows\system32\dllcache\WMASF.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 222208 c:\windows\system32\dllcache\WMASF.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2011-04-26 11:07 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-21 06:44 . 2011-06-21 18:18 667136 c:\windows\system32\dllcache\wininet.dll
+ 2011-06-14 17:38 . 2011-04-29 19:07 852480 c:\windows\system32\dllcache\vgx.dll
+ 2008-06-26 08:15 . 2011-06-21 18:18 633344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-10 17:51 . 2009-01-31 01:40 317440 c:\windows\system32\dllcache\unregmp2.exe
+ 2008-12-05 06:54 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 211456 c:\windows\system32\dllcache\qasf.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 211456 c:\windows\system32\dllcache\qasf.dll
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2011-06-14 17:39 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
- 2004-08-10 17:51 . 2006-10-19 05:47 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2011-04-25 14:47 . 2011-06-21 18:18 532480 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 414720 c:\windows\system32\dllcache\msscp.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 175616 c:\windows\system32\dllcache\mspmsp.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 179712 c:\windows\system32\dllcache\msnetobj.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2011-04-25 14:47 . 2011-06-21 18:18 449536 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-11-12 02:05 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2004-08-10 18:02 . 2009-01-31 04:33 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2004-08-10 17:51 . 2009-01-31 01:37 100864 c:\windows\system32\dllcache\logagent.exe
- 2004-08-10 17:51 . 2006-10-19 04:03 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-08-20 22:07 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2011-02-15 02:12 . 2008-05-02 13:25 465920 c:\windows\system32\dllcache\imapi2fs.dll
+ 2011-02-15 02:12 . 2008-05-02 13:25 317952 c:\windows\system32\dllcache\imapi2.dll
+ 2010-04-16 16:09 . 2011-06-21 18:18 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 991744 c:\windows\system32\dllcache\drmv2clt.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 229376 c:\windows\system32\dllcache\cewmdm.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 542720 c:\windows\system32\dllcache\blackbox.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 542720 c:\windows\system32\dllcache\blackbox.dll
+ 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2008-06-20 11:40 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2010-05-14 21:55 . 2010-05-14 21:55 290648 c:\windows\system32\DevManagerCore.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 229376 c:\windows\system32\cewmdm.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 229376 c:\windows\system32\cewmdm.dll
+ 2010-05-08 01:43 . 2010-05-08 01:43 515416 c:\windows\system32\capicom.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 542720 c:\windows\system32\blackbox.dll
+ 2004-08-10 17:51 . 2009-01-31 04:33 542720 c:\windows\system32\blackbox.dll
+ 2011-01-27 08:21 . 2008-04-14 00:12 218624 c:\windows\system32\BAKuxtheme.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 741376 c:\windows\system32\audxlib.dll
+ 2006-05-27 21:50 . 2009-01-31 04:33 276992 c:\windows\system32\audiodev.dll
- 2006-05-27 21:50 . 2006-10-19 05:47 276992 c:\windows\system32\audiodev.dll
+ 2004-08-10 17:50 . 2010-04-20 05:30 285696 c:\windows\system32\atmfd.dll
- 2004-08-10 17:50 . 2008-04-14 00:09 285696 c:\windows\system32\atmfd.dll
+ 2010-12-09 05:00 . 2007-04-16 23:28 577536 c:\windows\soundman.exe
+ 2008-09-24 07:13 . 2008-04-14 15:48 220160 c:\windows\ServicePackFiles\i386\uxtheme.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-30 03:16 . 2008-07-30 03:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 12:31 . 2010-03-23 12:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 19:22 . 2010-02-09 19:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 19:17 . 2008-07-25 19:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-08-08 07:51 . 2009-08-08 07:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2007-04-14 02:58 . 2007-04-14 02:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 21:51 . 2010-03-31 21:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 02:56 . 2007-04-14 02:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 21:49 . 2010-03-31 21:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 03:30 . 2007-04-14 03:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-03-31 22:32 . 2010-03-31 22:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-06-18 18:19 . 2011-06-18 18:19 223744 c:\windows\Installer\ddbf804.msi
+ 2011-06-18 18:16 . 2011-06-18 18:16 467456 c:\windows\Installer\ddbf7d7.msi
+ 2010-06-17 17:14 . 2010-06-17 17:14 240640 c:\windows\Installer\d201d29.msi
+ 2010-06-17 17:12 . 2010-06-17 17:12 119296 c:\windows\Installer\d201d1b.msi
+ 2011-08-12 03:23 . 2011-08-12 03:23 332288 c:\windows\Installer\c4cbd5.msi
+ 2010-12-16 02:26 . 2010-12-16 02:26 228352 c:\windows\Installer\4a64512.msi
+ 2010-02-25 07:14 . 2010-02-25 07:14 543232 c:\windows\Installer\400d7002.msp
+ 2011-04-18 00:44 . 2011-04-18 00:44 811520 c:\windows\Installer\1ccc02f3.msi
+ 2011-08-29 17:49 . 2011-08-29 17:49 131072 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut31_E6683CBB4F2A4D068A3B3E49B5013F8B.exe
+ 2011-08-29 17:49 . 2011-08-29 17:49 131072 c:\windows\Installer\{D32FA1FF-78EC-4FFB-B339-F6CEFCA1EFE5}\NewShortcut3_31FC9821C30B4A79865A62D527836333.exe
+ 2011-08-27 05:35 . 2011-08-27 05:35 131072 c:\windows\Installer\{B2CAEE2E-F84B-4B6E-A3A5-D3E9C05BC8F3}\NewShortcut31_E6683CBB4F2A4D068A3B3E49B5013F8B.exe
+ 2011-08-27 05:35 . 2011-08-27 05:35 131072 c:\windows\Installer\{B2CAEE2E-F84B-4B6E-A3A5-D3E9C05BC8F3}\NewShortcut3_31FC9821C30B4A79865A62D527836333.exe
+ 2011-08-27 05:35 . 2011-08-27 05:35 131072 c:\windows\Installer\{B2CAEE2E-F84B-4B6E-A3A5-D3E9C05BC8F3}\ARPPRODUCTICON.exe
+ 2010-09-30 05:37 . 2010-09-30 05:37 135168 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2010-09-30 05:37 . 2010-09-30 05:37 282624 c:\windows\Installer\{90170409-6000-11D3-8CFE-0150048383C9}\fpicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-03-20 08:25 . 2008-03-20 08:25 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-03-20 08:25 . 2011-08-19 16:46 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-04-18 00:54 . 2011-04-18 00:54 380928 c:\windows\Installer\{2A697B53-0DE3-42DA-B41D-C3F804B1C538}\iTunesIco.exe
+ 2004-08-10 17:51 . 2009-01-31 01:40 317440 c:\windows\inf\unregmp2.exe
+ 2008-11-12 02:05 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-06-15 00:41 . 2010-06-15 00:41 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7abf4e01\System.Drawing.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c241d257\System.Drawing.Design.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_09914418\CustomMarshalers.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-19 16:54 . 2011-08-19 16:54 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5258a98d02d261deff04fe7c01756de1\WindowsFormsIntegration.ni.dll
+ 2011-07-07 05:52 . 2011-07-07 05:52 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\e257ffb9a80f695a9c66dc984b7a0c8b\UIAutomationClient.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fe9090a703fdca6566e58528888d106a\System.Web.Routing.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f2c8a6f53b3538187a9dc6ca071d8a12\System.Web.Extensions.Design.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\82b6ce08dc7034c602a1f7e69b554cbf\System.Web.Entity.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\dce49b76bfd7bc2ff12d116ee6bca8d9\System.Web.Entity.Design.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a4e47d1ba150f32b5d9381ea51fc0bd4\System.Web.DynamicData.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\2f8db7be269f78cee37999de2ff5d7f9\System.Web.Abstractions.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-19 16:55 . 2011-08-19 16:55 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-19 16:55 . 2011-08-19 16:55 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\22b65630b837e3634f3c53012300579e\System.Data.Entity.Design.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-19 16:56 . 2011-08-19 16:56 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\159d1c6b25a546c6590e76c6d781ac51\ServiceModelReg.ni.exe
+ 2011-08-19 16:53 . 2011-08-19 16:53 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a647d89794ea70ef602821a9cc0c4c16\PresentationFramework.Classic.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3da10f64cd4f977f21a69a36fd61604b\PresentationFramework.Aero.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\27ebe1e5cfa3355e61ea2da0834417d8\PresentationFramework.Royale.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\17cec33b553f5de6cd4373fa82db99b0\PresentationFramework.Luna.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-19 16:56 . 2011-08-19 16:56 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-07-07 06:45 . 2011-07-07 06:45 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-19 16:55 . 2011-08-19 16:55 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\3c0f34ce18f345bd8031329763a38709\AspNetMMCExt.ni.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2010-01-26 03:46 . 2010-01-26 03:46 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-02-15 02:19 . 2011-02-15 02:19 258048 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\2.0.4523.7930__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll
+ 2011-02-14 06:38 . 2011-02-14 06:38 282624 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\1.0.2698.25402__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll
+ 2010-12-09 04:59 . 2006-07-31 19:19 315392 c:\windows\alcupd.exe
+ 2010-12-09 04:59 . 2006-07-31 19:27 217088 c:\windows\alcrmv.exe
+ 2010-12-19 12:15 . 2004-09-15 17:28 175104 c:\windows\$NtUninstallwmp11$\wmpsrcwp.dll
+ 2010-12-19 12:15 . 2009-07-13 17:08 286720 c:\windows\$NtUninstallwmp11$\wmpdxm.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 135168 c:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2010-12-19 12:15 . 2004-09-15 17:27 122880 c:\windows\$NtUninstallwmp11$\wmlaunch.exe
+ 2010-12-19 12:15 . 2004-09-15 17:27 189440 c:\windows\$NtUninstallwmp11$\wmerror.dll
+ 2010-12-19 12:15 . 2004-09-15 17:27 192512 c:\windows\$NtUninstallwmp11$\unregmp2.exe
+ 2010-12-19 12:15 . 2008-02-13 20:52 371424 c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2010-12-19 12:15 . 2008-02-13 20:52 213216 c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2010-12-19 12:15 . 2004-09-15 17:27 819200 c:\windows\$NtUninstallwmp11$\setup_wm.exe
+ 2010-12-19 12:15 . 2004-09-15 17:27 344064 c:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2010-12-19 12:16 . 2006-09-26 01:58 379184 c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2010-12-19 12:16 . 2006-09-26 01:58 221488 c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2010-06-15 00:33 . 2009-02-20 08:10 666112 c:\windows\$NtUninstallKB982381$\wininet.dll
+ 2010-06-15 00:33 . 2009-02-20 08:10 619520 c:\windows\$NtUninstallKB982381$\urlmon.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB982381$\spuninst\updspapi.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB982381$\spuninst\spuninst.exe
+ 2010-06-15 00:33 . 2008-04-14 00:11 251904 c:\windows\$NtUninstallKB982381$\iepeers.dll
+ 2010-05-27 02:10 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-27 02:10 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-06-15 00:41 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-15 00:41 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-15 00:41 . 2008-04-14 00:09 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-06-15 00:40 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-15 00:40 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-15 00:40 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-15 00:40 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-06-15 00:40 . 2007-07-28 06:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-15 00:40 . 2007-07-28 06:11 231288 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-05-17 01:23 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-17 01:23 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-17 01:23 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-06-15 00:39 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-15 00:39 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2011-02-15 02:15 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB945060-v3$\spuninst\updspapi.dll
+ 2011-02-15 02:15 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB945060-v3$\spuninst\spuninst.exe
+ 2011-02-15 02:15 . 2008-04-14 00:12 412160 c:\windows\$NtUninstallKB945060-v3$\photometadatahandler.dll
+ 2011-02-15 02:14 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB932716-v2$\spuninst\updspapi.dll
+ 2011-02-15 02:14 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB932716-v2$\spuninst\spuninst.exe
+ 2011-07-23 05:32 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll
+ 2011-07-23 05:32 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe
+ 2011-06-18 18:16 . 2010-01-29 15:01 691712 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-06-18 18:15 . 2008-04-14 00:12 851968 c:\windows\$NtUninstallKB2544521$\vgx.dll
+ 2011-06-18 18:15 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544521$\spuninst\updspapi.dll
+ 2011-06-18 18:15 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544521$\spuninst\spuninst.exe
+ 2011-07-08 02:32 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll
+ 2011-07-08 02:32 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe
+ 2011-07-08 02:32 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB2541763$\schannel.dll
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe
+ 2011-06-18 18:16 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe
+ 2011-06-18 18:16 . 2008-04-13 19:17 105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-06-18 18:17 . 2010-04-16 16:09 667136 c:\windows\$NtUninstallKB2530548$\wininet.dll
+ 2011-06-18 18:17 . 2010-04-16 16:09 627712 c:\windows\$NtUninstallKB2530548$\urlmon.dll
+ 2011-06-18 18:18 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2530548$\spuninst\updspapi.dll
+ 2011-06-18 18:18 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2530548$\spuninst\spuninst.exe
+ 2011-06-18 18:17 . 2008-04-14 00:12 532480 c:\windows\$NtUninstallKB2530548$\mstime.dll
+ 2011-06-18 18:17 . 2008-04-14 00:11 449024 c:\windows\$NtUninstallKB2530548$\mshtmled.dll
+ 2011-06-18 18:17 . 2010-04-16 16:09 251904 c:\windows\$NtUninstallKB2530548$\iepeers.dll
+ 2011-07-23 05:35 . 2008-04-14 00:12 293376 c:\windows\$NtUninstallKB2507938$\winsrv.dll
+ 2011-07-23 05:35 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll
+ 2011-07-23 05:35 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe
+ 2011-06-18 18:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe
+ 2011-06-18 18:17 . 2008-08-14 10:04 138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-06-18 18:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe
+ 2011-06-18 18:17 . 2008-04-14 00:12 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982381\update\updspapi.dll
+ 2010-06-15 00:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982381\update\update.exe
+ 2010-06-15 00:33 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982381\spuninst.exe
+ 2010-04-16 16:01 . 2010-04-16 16:01 668672 c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
+ 2010-04-16 16:01 . 2010-04-16 16:01 628736 c:\windows\$hf_mig$\KB982381\SP3QFE\urlmon.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 251904 c:\windows\$hf_mig$\KB982381\SP3QFE\iepeers.dll
+ 2010-06-15 00:41 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-15 00:41 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-15 00:41 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-15 00:41 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-15 00:41 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-06-15 00:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-15 00:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-15 00:40 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-15 00:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-15 00:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-15 00:40 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-05-17 01:23 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-17 01:23 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-17 01:23 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-06-15 00:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-15 00:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-15 00:39 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2011-07-23 05:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-23 05:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-23 05:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-14 17:39 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-06-18 18:15 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521\update\updspapi.dll
+ 2011-06-18 18:15 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521\update\update.exe
+ 2011-06-18 18:15 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521\spuninst.exe
+ 2011-06-14 17:38 . 2011-04-29 19:02 852480 c:\windows\$hf_mig$\KB2544521\SP3QFE\vgx.dll
+ 2011-07-08 02:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-07-08 02:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-07-08 02:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-14 17:39 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-06-18 18:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-18 18:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-18 18:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-14 17:39 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-18 18:18 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548\update\updspapi.dll
+ 2011-06-18 18:18 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548\update\update.exe
+ 2011-06-18 18:18 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548\spuninst.exe
+ 2011-04-25 14:46 . 2011-04-25 14:46 668672 c:\windows\$hf_mig$\KB2530548\SP3QFE\wininet.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 630784 c:\windows\$hf_mig$\KB2530548\SP3QFE\urlmon.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 532480 c:\windows\$hf_mig$\KB2530548\SP3QFE\mstime.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 449536 c:\windows\$hf_mig$\KB2530548\SP3QFE\mshtmled.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 251904 c:\windows\$hf_mig$\KB2530548\SP3QFE\iepeers.dll
+ 2011-07-23 05:35 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-23 05:35 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-23 05:35 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-06-18 18:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-18 18:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-14 17:39 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-06-18 18:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-18 18:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-18 18:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 16:05 . 2008-07-29 16:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2009-07-12 04:46 . 2009-07-12 04:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 04:46 . 2009-07-12 04:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2006-06-05 23:47 . 2006-06-05 23:47 1080320 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80u.dll
+ 2006-06-05 23:47 . 2006-06-05 23:47 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 1382912 c:\windows\system32\WMVSDECD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 1575424 c:\windows\system32\WMVENCOD.dll
- 2006-10-19 05:47 . 2006-10-19 05:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2006-10-19 05:47 . 2009-01-31 04:35 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-10 17:51 . 2010-04-06 11:52 2462720 c:\windows\system32\wmvcore.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 1329152 c:\windows\system32\WMSPDMOE.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 8231936 c:\windows\system32\wmploc.dll
+ 2006-05-27 21:50 . 2009-01-31 04:34 1661952 c:\windows\system32\wmpencen.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 1117696 c:\windows\system32\WMADMOE.dll
+ 2004-08-10 17:51 . 2011-06-21 18:18 1510400 c:\windows\system32\shdocvw.dll
+ 2010-06-02 13:57 . 2005-10-15 01:57 2310144 c:\windows\system32\ReinstallBackups\0033\DriverFiles\iglicd32.dll
+ 2010-06-02 13:57 . 2005-10-15 01:49 1503232 c:\windows\system32\ReinstallBackups\0033\DriverFiles\igfxress.dll
+ 2010-06-02 13:57 . 2005-10-15 02:15 1302812 c:\windows\system32\ReinstallBackups\0033\DriverFiles\ialmnt5.sys
+ 2010-05-15 09:01 . 2005-11-29 09:44 6135899 c:\windows\system32\ReinstallBackups\0032\DriverFiles\SynTPCpl.dll
+ 2004-08-10 17:51 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2007-04-05 01:08 . 2007-04-05 01:08 1628920 c:\windows\system32\PxSFS.DLL
- 2005-01-26 19:39 . 2007-03-07 23:51 1628920 c:\windows\system32\pxsfs.dll
+ 2004-08-10 17:51 . 2011-06-27 14:43 3084800 c:\windows\system32\mshtml.dll
+ 2009-02-03 02:15 . 2010-10-26 04:49 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-12-30 02:35 . 2009-12-30 02:35 3190784 c:\windows\system32\libavcodec.dll
+ 2004-08-10 17:57 . 2011-08-18 16:25 1463520 c:\windows\system32\FNTCACHE.DAT
+ 2011-04-18 00:45 . 2011-02-18 23:36 4184352 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaaplrc.dll
+ 2011-04-18 00:45 . 2010-04-20 02:29 1461992 c:\windows\system32\DRVSTORE\netaapl_8A27A03003759CB01567E831096473C330131D64\wdfcoinstaller01009.dll
+ 2010-05-14 22:04 . 2010-05-14 22:04 6842592 c:\windows\system32\drivers\lvuvc.sys
+ 2010-12-09 05:00 . 2008-09-24 18:40 4122368 c:\windows\system32\drivers\alcxwdm.sys
+ 2004-08-10 17:51 . 2010-04-06 11:52 2462720 c:\windows\system32\dllcache\wmvcore.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 8231936 c:\windows\system32\dllcache\wmploc.dll
- 2004-08-10 17:51 . 2006-10-19 05:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2008-10-15 06:26 . 2011-06-02 14:02 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-26 08:15 . 2011-06-21 18:18 1510400 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-10 18:02 . 2009-01-31 01:40 1669632 c:\windows\system32\dllcache\setup_wm.exe
+ 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2009-08-13 03:28 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-13 03:28 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-04-21 06:44 . 2011-06-27 14:43 3084800 c:\windows\system32\dllcache\mshtml.dll
+ 2010-04-16 16:09 . 2011-06-21 18:18 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 17:50 . 2011-06-21 18:18 1025024 c:\windows\system32\browseui.dll
- 2004-08-10 17:50 . 2008-04-14 00:11 1025024 c:\windows\system32\browseui.dll
+ 2010-12-16 01:22 . 2010-10-28 20:23 2217088 c:\windows\system32\BootMan.exe
+ 2010-04-08 06:48 . 2010-04-08 06:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 19:17 . 2008-07-25 19:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2010-03-23 12:32 . 2010-03-23 12:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 12:59 . 2008-11-25 12:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-04-29 02:50 . 2011-04-29 02:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-04-01 18:42 . 2010-04-01 18:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 03:35 . 2007-04-14 03:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 03:35 . 2007-04-14 03:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-04-01 18:42 . 2010-04-01 18:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 02:57 . 2007-04-14 02:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 21:50 . 2010-03-31 21:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 21:50 . 2010-03-31 21:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-04-01 18:42 . 2010-04-01 18:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-14 02:50 . 2007-04-14 02:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-05-20 22:31 . 2011-05-20 22:31 5518848 c:\windows\Installer\ddbf7ed.msp
+ 2011-08-27 05:35 . 2011-08-27 05:35 2337792 c:\windows\Installer\be787eb.msi
+ 2010-09-30 05:37 . 2010-09-30 05:37 3035648 c:\windows\Installer\5df76.msi
+ 2011-01-19 04:36 . 2011-01-19 04:36 2687488 c:\windows\Installer\59198ca.msp
+ 2011-05-02 05:06 . 2011-05-02 05:06 2705920 c:\windows\Installer\535af08.msp
+ 2011-07-26 18:50 . 2011-07-26 18:50 5522432 c:\windows\Installer\535aefe.msp
+ 2011-08-11 23:37 . 2011-08-11 23:37 1094656 c:\windows\Installer\43895.msi
+ 2010-04-12 05:17 . 2010-04-12 05:17 2607104 c:\windows\Installer\400d7010.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17 4210688 c:\windows\Installer\400d700f.msp
+ 2011-08-29 17:49 . 2011-08-29 17:49 2759680 c:\windows\Installer\2d3964f.msi
+ 2011-04-18 00:54 . 2011-04-18 00:54 5448704 c:\windows\Installer\1ccc0d6b.msi
+ 2011-04-18 00:50 . 2011-04-18 00:50 9472000 c:\windows\Installer\1ccc0a4c.msi
+ 2011-04-18 00:48 . 2011-04-18 00:48 1554944 c:\windows\Installer\1ccc07a6.msi
+ 2011-04-18 00:45 . 2011-04-18 00:45 3085312 c:\windows\Installer\1ccc033b.msi
+ 2011-04-18 00:45 . 2011-04-18 00:45 1984000 c:\windows\Installer\1ccc0305.msi
+ 2007-01-28 11:41 . 2007-01-28 11:41 3030528 c:\windows\Installer\1960b7.msi
+ 2007-01-28 11:40 . 2007-01-28 11:40 1778176 c:\windows\Installer\1960a1.msi
+ 2007-01-28 11:39 . 2007-01-28 11:39 1759744 c:\windows\Installer\196091.msi
+ 2007-01-28 11:39 . 2007-01-28 11:39 1758720 c:\windows\Installer\196089.msi
+ 2007-01-28 11:38 . 2007-01-28 11:38 1954304 c:\windows\Installer\196081.msi
+ 2007-01-28 11:38 . 2007-01-28 11:38 1826816 c:\windows\Installer\196079.msi
+ 2007-01-28 11:37 . 2007-01-28 11:37 1726976 c:\windows\Installer\196060.msi
+ 2007-01-28 11:37 . 2007-01-28 11:37 1891840 c:\windows\Installer\196058.msi
+ 2007-01-28 11:35 . 2007-01-28 11:35 1730048 c:\windows\Installer\19604f.msi
+ 2007-01-28 11:34 . 2007-01-28 11:34 1761792 c:\windows\Installer\196047.msi
+ 2007-01-28 11:34 . 2007-01-28 11:34 1735680 c:\windows\Installer\19603f.msi
+ 2007-01-28 11:33 . 2007-01-28 11:33 1744384 c:\windows\Installer\196037.msi
+ 2007-01-28 11:33 . 2007-01-28 11:33 1842688 c:\windows\Installer\19602f.msi
+ 2007-01-28 11:32 . 2007-01-28 11:32 2159104 c:\windows\Installer\196026.msi
+ 2007-01-28 11:31 . 2007-01-28 11:31 1715712 c:\windows\Installer\19601e.msi
+ 2007-01-28 11:31 . 2007-01-28 11:31 1728000 c:\windows\Installer\196015.msi
+ 2007-01-28 11:30 . 2007-01-28 11:30 1761792 c:\windows\Installer\196000.msi
+ 2007-01-28 11:30 . 2007-01-28 11:30 1753088 c:\windows\Installer\195ff8.msi
+ 2007-01-28 11:29 . 2007-01-28 11:29 1720832 c:\windows\Installer\195ff0.msi
+ 2007-01-28 11:29 . 2007-01-28 11:29 2595840 c:\windows\Installer\195fe8.msi
+ 2007-01-28 11:27 . 2007-01-28 11:27 1826304 c:\windows\Installer\195fe0.msi
+ 2007-01-28 11:26 . 2007-01-28 11:26 1716736 c:\windows\Installer\195fd8.msi
+ 2007-01-28 11:25 . 2007-01-28 11:25 1775104 c:\windows\Installer\195fd0.msi
+ 2010-06-15 00:41 . 2010-06-15 00:41 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_f8669580\System.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7f53d30d\System.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_efffb297\System.Xml.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b3cd7214\System.Xml.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d577c18b\System.Windows.Forms.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c0d2b917\System.Windows.Forms.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_8bd2d6c0\System.Drawing.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7810551f\System.Design.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4c4cb4be\System.Design.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0ae428b\mscorlib.dll
+ 2010-06-15 00:42 . 2010-06-15 00:42 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_972fd3f9\mscorlib.dll
+ 2011-08-19 16:52 . 2011-08-19 16:52 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cc50d1188f7e12a11a6231eeb8799aca\WindowsBase.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\f5652ba5526abf5e85bd28ae12064d0c\UIAutomationClientsideProviders.ni.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP847.tmp\System.dll
+ 2011-08-19 16:52 . 2011-08-19 16:52 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b0fdec85cc8dfeed1ab4ee6e04e1a0f5\System.WorkflowServices.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6cf13707db60bac9b841baa641f86b80\System.Workflow.Runtime.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\02188299d3b7b309628fb22f85e6a7cd\System.Workflow.ComponentModel.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\2ee5d9b43124bf8beca58b5d2a2452d0\System.Workflow.Activities.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\057868c68b7f0d238b0795198ba1f6c1\System.Web.Services.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c88c6644180e2b36268f82bcb064015b\System.Web.Mobile.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ffe9bbd091c76ca341f991ea7db028b2\System.Web.Extensions.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6e12911d48a93a8f97ff829b31927895\System.ServiceModel.Web.ni.dll
+ 2011-08-19 16:55 . 2011-08-19 16:55 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b90e76e8481fa9042f79f07d5638bbad\System.Printing.ni.dll
+ 2011-08-19 16:55 . 2011-08-19 16:55 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\057ffacc710921a87fc42d8058b1739f\System.IdentityModel.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\bca250783a8dbc43113922f314b53694\System.Data.Services.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-19 16:57 . 2011-08-19 16:57 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\878c127817ce41019fe76f225b8a5e40\ReachFramework.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\d2fcd351a8602da2f01174cbd5d39ad5\PresentationUI.ni.dll
+ 2011-08-19 16:52 . 2011-08-19 16:52 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\19207d46721ff3d8005e3ea4f39bb0d2\Microsoft.VisualBasic.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-06-15 00:39 . 2010-06-15 00:39 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-01-27 03:17 . 2010-01-27 03:17 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-01-27 03:18 . 2010-01-27 03:18 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-19 16:51 . 2011-08-19 16:51 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-07-11 00:18 . 2007-07-11 00:18 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-06-15 00:41 . 2010-06-15 00:41 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-07-11 00:18 . 2007-07-11 00:18 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 3371008 c:\windows\$NtUninstallwmp11$\wmploc.dll
+ 2010-12-19 12:15 . 2004-09-15 17:28 1589760 c:\windows\$NtUninstallwmp11$\wmpencen.dll
+ 2010-12-19 12:15 . 2009-07-13 17:08 5537792 c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2010-06-15 00:33 . 2009-03-02 23:04 1499136 c:\windows\$NtUninstallKB982381$\shdocvw.dll
+ 2010-06-15 00:33 . 2009-02-20 08:11 3068416 c:\windows\$NtUninstallKB982381$\mshtml.dll
+ 2010-06-15 00:33 . 2008-04-14 00:11 1025024 c:\windows\$NtUninstallKB982381$\browseui.dll
+ 2010-06-15 00:40 . 2009-02-09 11:13 1846784 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-15 00:40 . 2006-10-19 05:47 2450944 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-17 01:23 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-06-15 00:39 . 2008-12-20 22:14 1288192 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2011-07-23 05:32 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-06-18 18:17 . 2010-04-16 16:09 1509888 c:\windows\$NtUninstallKB2530548$\shdocvw.dll
+ 2011-06-18 18:17 . 2010-04-16 16:09 3073024 c:\windows\$NtUninstallKB2530548$\mshtml.dll
+ 2011-06-18 18:17 . 2010-04-16 16:09 1025024 c:\windows\$NtUninstallKB2530548$\browseui.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 1509888 c:\windows\$hf_mig$\KB982381\SP3QFE\shdocvw.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 3073536 c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 1025024 c:\windows\$hf_mig$\KB982381\SP3QFE\browseui.dll
+ 2010-05-02 06:34 . 2010-05-02 06:34 1860352 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-02-05 18:29 . 2010-02-05 18:29 1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-04-25 14:46 . 2011-04-25 14:46 1510400 c:\windows\$hf_mig$\KB2530548\SP3QFE\shdocvw.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 3080192 c:\windows\$hf_mig$\KB2530548\SP3QFE\mshtml.dll
+ 2011-04-25 14:46 . 2011-04-25 14:46 1025024 c:\windows\$hf_mig$\KB2530548\SP3QFE\browseui.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 10838528 c:\windows\system32\wmp.dll
+ 2010-12-09 05:00 . 2006-12-08 23:20 10528768 c:\windows\system32\RTLCPL.exe
+ 2009-08-14 04:26 . 2011-08-19 16:46 52390856 c:\windows\system32\MRT.exe
+ 2010-05-14 21:56 . 2010-05-14 21:56 10830680 c:\windows\system32\LogiDPP.dll
+ 2004-08-10 17:51 . 2009-01-31 04:34 10838528 c:\windows\system32\dllcache\wmp.dll
+ 2010-04-03 02:29 . 2010-04-03 02:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2011-06-18 18:18 . 2011-06-18 18:18 20333056 c:\windows\Installer\ddbf7fb.msp
+ 2010-11-16 03:53 . 2010-11-16 03:53 20303872 c:\windows\Installer\76238a3c.msp
+ 2011-03-28 08:27 . 2011-03-28 08:27 15456256 c:\windows\Installer\59198d9.msp
+ 2010-04-02 19:30 . 2010-04-02 19:30 17456640 c:\windows\Installer\400d7042.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17 14599680 c:\windows\Installer\400d7020.msp
+ 2010-07-04 03:34 . 2010-07-04 03:34 20242432 c:\windows\Installer\28667382.msp
+ 2010-07-04 03:32 . 2010-07-04 03:32 15710720 c:\windows\Installer\28667379.msp
+ 2011-05-24 00:57 . 2011-05-24 00:57 20314624 c:\windows\Installer\19bf17ec.msp
+ 2011-08-19 16:54 . 2011-08-19 16:54 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-19 16:58 . 2011-08-19 16:58 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\63f5b8736f62753562c1b2d00fb7db79\System.Web.ni.dll
+ 2011-08-19 16:56 . 2011-08-19 16:56 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\69425da84ecc21432f89aa12bcb78634\System.ServiceModel.ni.dll
+ 2011-08-19 16:54 . 2011-08-19 16:54 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\00e2e9afaf87e58a08afe88497a1fa71\System.Design.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5b6ffaf9a36d0317bd82667950ff2456\PresentationFramework.ni.dll
+ 2011-08-19 16:53 . 2011-08-19 16:53 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\488244923615ed4c984427085a4ed73e\PresentationCore.ni.dll
+ 2011-07-07 05:48 . 2011-07-07 05:48 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"STYLEXP"="c:\program files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 1372160]
"F.lux"="c:\documents and settings\Brian\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-31 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"DellTouch"="c:\windows\MMKeybd.exe" [2002-01-17 163840]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-28 185872]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoWinKeys"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\adobearm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 19:02 2356088 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellTouch]
2002-01-17 06:49 163840 ----a-w- c:\windows\MMKeybd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 06:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-16 14:18 136176 ----atw- c:\documents and settings\Brian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-12 06:12 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-17 08:26 49152 ----a-w- c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-10-15 01:46 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 22:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2010-05-08 01:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\masqform.exe]
2005-07-04 16:50 643072 ----a-w- c:\program files\PureEdge\Viewer 6.5\masqform.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-30 00:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-11-23 07:36 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-12 23:31 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-10-28 03:54 185872 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\BitPim\\bitpimw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Documents and Settings\\Brian\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"49353:TCP"= 49353:TCP:emule TCP
"41704:TCP"= 41704:TCP:emule UDP
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]
R2 Nhksrv;Netropa NHK Server;c:\windows\Nhksrv.exe [9/17/2007 4:17 PM 28672]
R3 Msikbd2k;DellTouch;c:\windows\system32\drivers\Msikbd2k.sys [9/17/2007 4:17 PM 6656]
S2 gupdate1ca1ba53a39e1bc;Google Update Service (gupdate1ca1ba53a39e1bc);c:\program files\Google\Update\GoogleUpdate.exe [8/12/2009 6:32 PM 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [12/15/2010 8:22 PM 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [12/15/2010 8:22 PM 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/12/2009 6:32 PM 133104]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [5/15/2009 3:21 AM 33792]
S3 sanyomdm;SANYO Composite USB Driver;c:\windows\system32\drivers\sanyomdm.sys [6/6/2008 12:07 AM 90240]
S3 sanyoser;SANYO Serial Port Driver;c:\windows\system32\drivers\sanyoser.sys [6/6/2008 12:07 AM 90240]
S3 sy03bus;SANYO USB Composite Device SY03 driver (WDM);c:\windows\system32\drivers\sy03bus.sys [6/6/2008 12:08 AM 83080]
S3 sy03mdfl;SANYO USB Modem SY03 Filter;c:\windows\system32\drivers\sy03mdfl.sys [6/6/2008 12:08 AM 15112]
S3 sy03mdm;SANYO USB Modem SY03 Drivers;c:\windows\system32\drivers\sy03mdm.sys [6/6/2008 12:08 AM 108424]
S3 sy03serd;SANYO USB Modem SY03 Diagnostic Serial Port (WDM);c:\windows\system32\drivers\sy03serd.sys [6/6/2008 12:08 AM 88712]
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-12 23:30]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 23:32]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-12 23:32]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006Core.job
- c:\documents and settings\Brian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-16 14:18]
.
2011-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006UA.job
- c:\documents and settings\Brian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-16 14:18]
.
2006-06-13 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-10 00:12]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=en
FF - prefs.js: network.proxy.type - 0
FF - Ext: New Tab Homepage: {66E978CD-981F-47DF-AC42-E3CF417C1467} - %profile%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: MR Tech Toolkit: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC} - %profile%\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - (no file)
SafeBoot-52304294.sys
MSConfigStartUp-ALLUpdate - c:\program files\OpenSubtitlesPlayer\ALLUpdate.exe
MSConfigStartUp-ArcSoft Connection Service - c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSConfigStartUp-Pando Media Booster - c:\program files\Pando Networks\Media Booster\PMB.exe
MSConfigStartUp-Qfukiwuhuqerofib - c:\windows\spavev2.dll
MSConfigStartUp-Spyware Protection - c:\documents and settings\Brian\Application Data\defender.exe
MSConfigStartUp-Ukumaw - c:\windows\uvosaxovesebevax.dll
AddRemove-TOP Video Converter Standard_is1 - c:\program files\TOP Software\TOP Video Converter Standard\unins000.exe
AddRemove-Tweak-XP Pro 4 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-30 06:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(764)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Completion time: 2011-08-30 06:59:31
ComboFix-quarantined-files.txt 2011-08-30 11:59
ComboFix2.txt 2010-10-02 23:34
ComboFix3.txt 2010-07-09 09:29
ComboFix4.txt 2010-06-26 07:28
ComboFix5.txt 2010-12-14 22:29
.
Pre-Run: 16,966,656,000 bytes free
Post-Run: 17,324,429,312 bytes free
.
- - End Of File - - 74C1A29CC2518D7749A066F55AE067C5

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:04 PM

Posted 30 August 2011 - 08:47 AM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 30 August 2011 - 09:33 PM

Here is the log you requested, and as always thank you for your help and time =]

OTL logfile created on: 8/30/2011 9:09:01 PM - Run 2
OTL by OldTimer - Version 3.2.26.7 Folder = C:\Documents and Settings\Brian\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.75% Memory free
2.58 Gb Paging File | 2.03 Gb Available in Paging File | 78.54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.74 Gb Total Space | 16.11 Gb Free Space | 41.60% Space Free | Partition Type: NTFS
Drive D: | 13.70 Gb Total Space | 5.66 Gb Free Space | 41.28% Space Free | Partition Type: NTFS
Drive F: | 831.24 Gb Total Space | 515.56 Gb Free Space | 62.02% Space Free | Partition Type: NTFS
Drive X: | 100.24 Gb Total Space | 99.80 Gb Free Space | 99.56% Space Free | Partition Type: FAT32

Computer Name: BRIANSLAPTOP | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (SprintNextel)
PRC - C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\MMKeybd.exe (Netropa Corp.)
PRC - C:\WINDOWS\Nhksrv.exe ()
PRC - C:\Program Files\Netropa\OSD.exe (Netropa Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\js3250.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\WINDOWS\system32\pdf995mon.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll ()
MOD - C:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll ()
MOD - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
MOD - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - C:\WINDOWS\Nhksrv.exe ()
MOD - C:\WINDOWS\system32\msiosd32.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Access Utility Service) -- C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (SprintNextel)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (StyleXPService) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Nhksrv) -- C:\WINDOWS\Nhksrv.exe ()


========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys ()
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech Webcam 300(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (cpuz132) -- C:\WINDOWS\system32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (sy03mdm) -- C:\WINDOWS\system32\drivers\sy03mdm.sys (MCCI)
DRV - (sy03serd) SANYO USB Modem SY03 Diagnostic Serial Port (WDM) -- C:\WINDOWS\system32\drivers\sy03serd.sys (MCCI)
DRV - (sy03bus) SANYO USB Composite Device SY03 driver (WDM) -- C:\WINDOWS\system32\drivers\sy03bus.sys (MCCI)
DRV - (sy03mdfl) -- C:\WINDOWS\system32\drivers\sy03mdfl.sys (MCCI Corporation)
DRV - (sanyoser) -- C:\WINDOWS\system32\drivers\sanyoser.sys (SANYO Electric Co.,Ltd.)
DRV - (sanyomdm) -- C:\WINDOWS\system32\drivers\sanyomdm.sys (SANYO Electric Co.,Ltd.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (StyleXPHelper) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
DRV - (Msikbd2k) -- C:\WINDOWS\system32\drivers\Msikbd2k.sys (Netropa Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=en"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.23.0.5
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4
FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPAPIX: C:\Program Files\Common Files\fluxDVD\APIX\NPAPIX.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPFluxBrowserHelper: C:\Program Files\Common Files\fluxDVD\BrowserIntegration\NPFluxBrowserHelper.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Brian\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Brian\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Brian\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Brian\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Brian\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{400F0BDB-6C49-43A4-BE1F-76D7327A604D}: C:\Program Files\Common Files\fluxDVD\Download Manager\Mozilla [2008/05/09 09:12:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/10/27 22:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/20 11:12:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/17 16:11:57 | 000,000,000 | ---D | M]

[2009/06/28 21:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Extensions
[2009/06/28 21:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/08/29 21:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions
[2011/03/02 02:56:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/11/05 01:14:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{3112ca9c-de6d-4884-a869-9855de680400}
[2008/11/05 01:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011/03/02 02:56:25 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{8d443e84-8d17-4211-948d-d033289ab0b4}
[2011/03/02 02:56:39 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2011/08/24 11:12:03 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2008/12/16 00:06:05 | 000,000,000 | ---D | M] ("SIRIUS Player") -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{A8208118-F761-47E2-A01F-4FB22AE08B5E}
[2011/08/24 18:41:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/24 18:41:02 | 000,000,000 | ---D | M] (Easy YouTube Video Downloader) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2011/08/24 18:41:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/08/24 18:41:04 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/08/24 18:41:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\{e8cba685-830c-1283-6314-a6ae605cc7be}
[2011/08/24 18:41:02 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\DeviceDetection@logitech.com
[2011/03/02 02:56:25 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011/08/24 18:41:20 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\firebug@software.joehewitt.com
[2008/02/07 23:16:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\moveplayer@movenetworks.com
[2008/11/05 01:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\sxuqcvj3.default\extensions\nasanightlaunch@example.com
[2011/08/29 21:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/05 01:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de680400}
[2008/11/23 02:36:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2004/07/02 16:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll
[2004/07/02 16:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll
[2007/03/02 08:17:24 | 000,095,200 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPAPIX.dll
[2007/01/17 06:18:04 | 000,095,200 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPFluxBrowserHelper.dll
[2007/12/19 07:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2007/07/02 10:42:20 | 000,103,064 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPMPDRM.dll
[2006/01/18 15:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2007/12/24 11:17:52 | 000,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll

O1 HOSTS File: ([2011/08/30 06:56:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe (Netropa Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006..\Run: [F.lux] C:\Documents and Settings\Brian\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4119021893-1412818554-2018904512-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Brian\Desktop\asia_4yo2.
[2011/08/30 06:46:02 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF9211.exe
[2011/08/29 21:03:27 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2011/08/29 12:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\ConceptDraw Project 5
[2011/08/29 12:50:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\CSOdessa
[2011/08/28 16:14:06 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF14978.exe
[2011/08/27 00:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ConceptDraw Office
[2011/08/27 00:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\ConceptDraw Office
[2011/08/27 00:31:34 | 074,727,288 | ---- | C] (CS Odessa ) -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.exe
[2011/08/24 14:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2011/08/24 14:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2011/08/24 12:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/08/24 12:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/08/24 12:23:49 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/24 11:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/08/24 11:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/08/24 11:19:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/23 10:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\SUPERAntiSpyware.com
[2011/08/23 10:58:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2011/08/23 09:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2011/08/23 09:03:40 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011/08/23 09:03:39 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011/08/23 09:03:38 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011/08/23 09:03:35 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2011/08/23 09:03:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2011/08/23 09:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2011/08/23 09:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MicroWorld
[2011/08/22 12:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\MyPublisher
[2011/08/22 12:11:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Application Data\MyPublisher
[2011/08/20 14:43:44 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Brian\Desktop\dds.scr
[2011/08/20 12:53:29 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/08/19 11:38:48 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/19 11:38:11 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/08/18 11:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COLLECTION
[2011/08/18 10:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2011/08/18 10:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2011/08/18 10:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Local Settings\Application Data\Downloaded Installations
[2011/08/18 10:17:18 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011/08/17 19:18:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free M4a to MP3 Converter
[2011/08/13 00:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/08/12 23:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\My Documents\My Print Creations
[2011/08/11 18:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Brian\Start Menu\Programs\HiJackThis
[2011/08/10 20:57:23 | 004,170,159 | R--- | C] (Swearware) -- C:\Documents and Settings\Brian\Desktop\ComboFix.exe
[2004/11/24 13:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Brian\Desktop\asia_4yo2.
[2011/08/30 20:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/30 20:22:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006UA.job
[2011/08/30 19:53:19 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brian\Desktop\OTL.exe
[2011/08/30 13:25:01 | 000,000,269 | ---- | M] () -- C:\WINDOWS\MSIOSD.INI
[2011/08/30 12:22:21 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/08/30 06:56:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/08/30 06:45:53 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF9211.exe
[2011/08/30 06:43:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/30 06:22:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4119021893-1412818554-2018904512-1006Core.job
[2011/08/29 21:06:13 | 000,527,572 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/29 21:06:12 | 000,113,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/29 21:01:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/29 21:01:17 | 2138,505,216 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/29 20:42:13 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\unhide.exe
[2011/08/29 20:28:42 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 12:49:45 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office MINDMAP.lnk
[2011/08/29 12:49:45 | 000,001,902 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PROJECT.lnk
[2011/08/29 12:49:45 | 000,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PRO.lnk
[2011/08/29 09:13:59 | 030,036,434 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_2.rm
[2011/08/29 09:12:29 | 005,217,450 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_.rm
[2011/08/28 23:42:03 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/08/28 23:38:30 | 000,000,311 | ---- | M] () -- C:\WINDOWS\MMKEYBD.INI
[2011/08/28 16:13:58 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF14978.exe
[2011/08/27 00:31:22 | 072,769,436 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.zip
[2011/08/25 19:07:24 | 000,623,409 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\img0149vt.jpg
[2011/08/24 16:41:49 | 000,436,516 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110824-164201.backup
[2011/08/24 13:45:36 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2011/08/24 12:26:06 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/24 12:23:49 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2011/08/24 11:19:54 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/23 09:10:48 | 000,000,736 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110824-164149.backup
[2011/08/23 09:08:30 | 007,393,989 | ---- | M] () -- C:\WINDOWS\REGBK00.ZIP
[2011/08/23 09:03:39 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011/08/23 09:03:38 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011/08/23 09:03:37 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011/08/23 09:03:21 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\MWAVSCAN.lnk
[2011/08/21 23:06:52 | 000,036,731 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\296204_10150783310890601_804285600_20594638_2741279_n.jpg
[2011/08/20 15:08:47 | 000,294,216 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\gmer.zip
[2011/08/20 14:43:44 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Brian\Desktop\dds.scr
[2011/08/19 11:49:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/18 11:25:59 | 001,463,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/17 19:18:40 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\My Music Tools.lnk
[2011/08/17 19:02:04 | 000,032,132 | ---- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/17 12:52:12 | 000,435,637 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.57906975
[2011/08/13 01:28:20 | 000,000,970 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/08/13 00:06:10 | 004,170,159 | R--- | M] (Swearware) -- C:\Documents and Settings\Brian\Desktop\ComboFix.exe
[2011/08/12 23:10:21 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\HiJackThis.lnk
[2011/08/11 18:37:11 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Brian\Desktop\HijackThis.msi
[2011/08/04 17:31:39 | 000,000,045 | ---- | M] () -- C:\TEST.XML
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/29 20:42:13 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\unhide.exe
[2011/08/29 12:49:45 | 000,001,902 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PROJECT.lnk
[2011/08/29 12:49:45 | 000,001,884 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office PRO.lnk
[2011/08/29 09:13:49 | 030,036,434 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_2.rm
[2011/08/29 09:12:27 | 005,217,450 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MFT150_Chapter_01_invitation_.rm
[2011/08/27 00:35:03 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ConceptDraw Office MINDMAP.lnk
[2011/08/27 00:28:16 | 072,769,436 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\ConceptDrawMINDMAP.zip
[2011/08/25 19:07:23 | 000,623,409 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\img0149vt.jpg
[2011/08/24 17:06:08 | 2138,505,216 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/24 11:19:54 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/08/23 10:58:53 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/23 09:07:36 | 007,393,989 | ---- | C] () -- C:\WINDOWS\REGBK00.ZIP
[2011/08/23 09:04:01 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2011/08/23 09:03:21 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\MWAVSCAN.lnk
[2011/08/22 12:11:55 | 000,000,948 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MyPublisher.lnk
[2011/08/21 23:06:51 | 000,036,731 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\296204_10150783310890601_804285600_20594638_2741279_n.jpg
[2011/08/20 15:09:16 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\gmer.exe
[2011/08/20 15:08:46 | 000,294,216 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\gmer.zip
[2011/08/17 19:18:40 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\Free M4a to MP3 Converter.lnk
[2011/08/17 19:18:40 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\My Music Tools.lnk
[2011/08/11 18:37:45 | 000,002,447 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\HiJackThis.lnk
[2011/08/11 18:37:10 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Brian\Desktop\HijackThis.msi
[2011/04/19 04:49:28 | 000,032,132 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/14 21:42:09 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\kodakpcd.ini
[2010/12/15 20:22:18 | 002,217,088 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2010/12/15 20:22:18 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2010/12/15 20:22:18 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/12/15 20:22:18 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/12/15 20:22:18 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/12/14 17:29:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/14 17:29:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/14 17:29:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/14 17:29:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/14 17:29:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/09 00:00:45 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010/12/09 00:00:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/04 01:18:38 | 000,000,778 | ---- | C] () -- C:\WINDOWS\acutiwoj.dll
[2010/12/04 01:16:49 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ivilakefup.dll
[2010/12/04 01:12:40 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ufobitukix.dll
[2010/10/02 06:26:58 | 000,000,110 | ---- | C] () -- C:\WINDOWS\Video Converter Standard.ini
[2010/10/02 05:18:52 | 000,000,118 | ---- | C] () -- C:\WINDOWS\pro Video Converter Standard.ini
[2010/10/02 05:15:24 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\Video Converter Standard56.dat
[2010/08/17 15:46:11 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010/07/04 23:32:46 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/04 23:32:43 | 000,207,360 | ---- | C] () -- C:\WINDOWS\System32\evrprop.dll
[2010/06/04 19:31:32 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Jtuluniwul.dat
[2010/06/04 19:31:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Cnuqobeyey.bin
[2010/05/28 17:35:35 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Musician.INI
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/13 23:39:00 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\kyvgsz.dat
[2010/05/11 02:06:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 20:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 20:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010/05/02 18:35:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsihtame.sys
[2010/04/06 09:58:55 | 000,016,096 | -HS- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\3F17kB
[2010/04/06 09:58:55 | 000,016,096 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3F17kB
[2009/12/29 21:35:56 | 003,190,784 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009/12/29 21:35:56 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2009/12/29 21:35:56 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2009/12/29 21:35:56 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2009/12/29 21:35:56 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2009/12/29 21:35:56 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2009/12/29 21:35:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2009/12/29 21:35:56 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2009/12/29 21:35:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2009/12/29 21:35:56 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2009/12/29 21:35:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2009/12/29 21:35:56 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2009/12/29 21:35:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2009/12/29 21:35:56 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2009/12/29 21:35:56 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2009/12/29 21:35:56 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2009/12/29 21:35:56 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2009/12/29 21:35:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/10/31 21:00:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/05/15 03:21:56 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2009/05/15 03:20:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ps3sixaxis_en.exe
[2008/06/13 03:30:49 | 000,002,223 | ---- | C] () -- C:\WINDOWS\GIFCON.INI
[2008/05/16 00:04:46 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/08 00:35:37 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2008/05/08 00:33:10 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2008/05/08 00:33:09 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2008/05/04 11:08:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL
[2008/03/20 03:26:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/02/03 23:04:14 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\fusioncache.dat
[2008/01/24 05:20:42 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007/11/19 21:51:03 | 000,000,125 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/11 02:56:18 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/10/05 19:21:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\PureEdgeAPI.ini
[2007/10/05 19:21:08 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MSQOLE.DLL
[2007/09/28 02:39:18 | 000,002,055 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/09/17 16:17:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\Nhksrv.exe
[2007/09/17 16:17:16 | 000,028,672 | ---- | C] () -- C:\WINDOWS\MMKeybd.dll
[2007/09/17 16:17:16 | 000,000,311 | ---- | C] () -- C:\WINDOWS\MMKEYBD.INI
[2007/09/17 16:17:16 | 000,000,269 | ---- | C] () -- C:\WINDOWS\MSIOSD.INI
[2007/09/17 16:17:13 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2007/09/16 22:45:44 | 000,080,812 | ---- | C] () -- C:\WINDOWS\HPHins08.dat
[2007/09/16 22:45:44 | 000,003,987 | ---- | C] () -- C:\WINDOWS\hphmdl08.dat
[2007/08/09 06:26:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2007/06/26 21:36:27 | 000,083,968 | ---- | C] () -- C:\Documents and Settings\Brian\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/25 14:58:12 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/05/25 14:58:12 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4A2379A7BF.sys
[2007/05/11 20:08:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/11/02 10:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/05/27 17:32:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/27 17:25:46 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/05/27 17:24:00 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/05/27 17:20:06 | 000,000,970 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/05/27 17:16:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/27 17:12:31 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/05/27 16:49:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/05/27 16:49:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/05/27 16:49:38 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/05/27 16:49:34 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/05/27 16:49:26 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/06/02 01:01:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2005/04/09 17:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/10/03 11:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 001,463,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,527,572 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,113,350 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/02/11 14:22:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CDVPreviewEx.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1

< End of report >

Edited by bdmski, 30 August 2011 - 09:35 PM.


#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:04 PM

Posted 30 August 2011 - 10:21 PM

Hello

I want you to run this custem OTL script for me and then let me know how things are after you finish.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :otl
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
    FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
    O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1
    [2010/12/04 01:18:38 | 000,000,778 | ---- | C] () -- C:\WINDOWS\acutiwoj.dll
    [2010/12/04 01:16:49 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ivilakefup.dll
    [2010/12/04 01:12:40 | 000,000,778 | ---- | C] () -- C:\WINDOWS\ufobitukix.dll
    [2010/06/04 19:31:32 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Jtuluniwul.dat
    [2010/06/04 19:31:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Cnuqobeyey.bin
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY] 
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS] 
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 31 August 2011 - 12:22 AM

Here is the log you requested:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2615E8F1 deleted successfully.
C:\WINDOWS\acutiwoj.dll moved successfully.
C:\WINDOWS\ivilakefup.dll moved successfully.
C:\WINDOWS\ufobitukix.dll moved successfully.
C:\WINDOWS\Jtuluniwul.dat moved successfully.
C:\WINDOWS\Cnuqobeyey.bin moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Brian\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Brian\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: All Users

User: Brian
->Temp folder emptied: 1374526 bytes
->Temporary Internet Files folder emptied: 235582 bytes
->Java cache emptied: 89886145 bytes
->FireFox cache emptied: 53546289 bytes
->Flash cache emptied: 4142347 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 442435 bytes
->Flash cache emptied: 962 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes
->Java cache emptied: 23429 bytes
->Flash cache emptied: 17800 bytes

User: Owner
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2675729 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 145.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Brian
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: Owner

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.26.7 log created on 08312011_000920

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:04 PM

Posted 31 August 2011 - 05:50 AM

How are things doing now?



gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 bdmski

bdmski
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 31 August 2011 - 10:37 AM

Thank you so much for your time and help. I really aprechiate it. Things look better, haven't had any google redirects yet and combofix definately worked. Is there anything you recomend installing to help prevent this from happening again? Like a free protection software? thanks again!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users