Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirect


  • This topic is locked This topic is locked
39 replies to this topic

#1 KannanM

KannanM

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 30 August 2011 - 04:48 AM

Hi

I am facing the problem of browser redirect from last quarter of 2010

Approached bleeping computers and followed the instructions, my problem was not solved completely, after various option like running various options and guidelines including running of combofix several times in jan/feb 2011
meantime, because of my other works, i have not proceeded in removal of infection for last 4 or 5 months

i thought of making a final attemept before any formatting, which i donot like

Hence i need your help in fixing the redirect problem

As Mr Gringo advice i have given below the attachements

today i have done the following


Ran the defogger
Ran DDS and disabled

Ran RK unhookerLE

I have attached all the filres as requested

Please help me to solve redirect problem

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/23/2007 12:06:44 AM
System Uptime: 8/30/2011 1:43:38 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5KPL-AM/PS
Processor: Intel® Core™2 CPU 4300 @ 1.80GHz | Socket 775 | 1814/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 49 GiB total, 20.727 GiB free.
D: is FIXED (NTFS) - 49 GiB total, 4.555 GiB free.
E: is FIXED (NTFS) - 49 GiB total, 15.068 GiB free.
F: is FIXED (NTFS) - 86 GiB total, 13.609 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0003
Manufacturer: Microsoft
Name: Packet Scheduler Miniport #4
PNP Device ID: ROOT\MS_PSCHEDMP\0003
Service: PSched
.
==== System Restore Points ===================
.
RP1234: 6/27/2011 5:29:34 PM - Software Distribution Service 3.0
RP1235: 6/29/2011 10:45:48 AM - System Checkpoint
RP1236: 6/29/2011 12:05:10 PM - Software Distribution Service 3.0
RP1237: 6/30/2011 3:10:48 PM - System Checkpoint
RP1238: 7/1/2011 9:33:12 PM - Software Distribution Service 3.0
RP1239: 7/3/2011 12:28:48 PM - System Checkpoint
RP1240: 7/5/2011 10:18:50 AM - System Checkpoint
RP1241: 7/6/2011 10:24:45 PM - Software Distribution Service 3.0
RP1242: 7/8/2011 10:55:56 AM - Software Distribution Service 3.0
RP1243: 7/8/2011 11:02:43 AM - Software Distribution Service 3.0
RP1244: 7/9/2011 1:11:54 PM - Software Distribution Service 3.0
RP1245: 7/11/2011 10:30:31 AM - Software Distribution Service 3.0
RP1246: 7/12/2011 12:36:14 PM - Software Distribution Service 3.0
RP1247: 7/13/2011 11:13:03 PM - System Checkpoint
RP1248: 7/13/2011 11:48:18 PM - Software Distribution Service 3.0
RP1249: 7/15/2011 10:22:14 AM - Software Distribution Service 3.0
RP1250: 7/17/2011 11:11:09 AM - System Checkpoint
RP1251: 7/18/2011 10:49:00 AM - Software Distribution Service 3.0
RP1252: 7/19/2011 10:56:51 AM - Software Distribution Service 3.0
RP1253: 7/20/2011 12:12:55 PM - System Checkpoint
RP1254: 7/21/2011 5:18:14 PM - System Checkpoint
RP1255: 7/22/2011 7:37:27 PM - Software Distribution Service 3.0
RP1256: 7/23/2011 9:17:52 PM - System Checkpoint
RP1257: 7/24/2011 9:52:53 PM - System Checkpoint
RP1258: 7/26/2011 2:48:37 PM - Software Distribution Service 3.0
RP1259: 7/27/2011 8:39:54 PM - System Checkpoint
RP1260: 7/29/2011 11:28:30 AM - System Checkpoint
RP1261: 8/2/2011 10:11:56 AM - System Checkpoint
RP1262: 8/2/2011 10:59:17 AM - Software Distribution Service 3.0
RP1263: 8/3/2011 12:20:13 PM - System Checkpoint
RP1264: 8/4/2011 11:44:40 AM - Software Distribution Service 3.0
RP1265: 8/8/2011 12:18:26 PM - System Checkpoint
RP1266: 8/11/2011 12:10:37 PM - Software Distribution Service 3.0
RP1267: 8/11/2011 9:29:01 PM - Software Distribution Service 3.0
RP1268: 8/12/2011 9:00:49 PM - Software Distribution Service 3.0
RP1269: 8/13/2011 4:45:16 PM - Software Distribution Service 3.0
RP1270: 8/14/2011 11:15:33 PM - Software Distribution Service 3.0
RP1271: 8/17/2011 11:46:28 AM - Software Distribution Service 3.0
RP1272: 8/19/2011 10:29:38 AM - Software Distribution Service 3.0
RP1273: 8/20/2011 11:00:36 AM - Software Distribution Service 3.0
RP1274: 8/22/2011 11:02:01 AM - Software Distribution Service 3.0
RP1275: 8/23/2011 12:29:12 PM - Software Distribution Service 3.0
RP1276: 8/24/2011 2:08:42 PM - Software Distribution Service 3.0
RP1277: 8/25/2011 10:48:38 AM - Software Distribution Service 3.0
RP1278: 8/27/2011 4:17:51 PM - Software Distribution Service 3.0
RP1279: 8/29/2011 10:01:36 AM - Software Distribution Service 3.0
RP1280: 8/30/2011 1:55:00 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Acrobat 7.0 Professional
Adobe Acrobat 7.1.0 Professional
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS
Adobe Photoshop CS3
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AGEIA PhysX v7.05.05
APC PowerChute Personal Edition
Aspell English Dictionary-0.50-2
Attansic Giga Ethernet Utility
Attansic L2 Fast Ethernet Driver
AusLogics Registry Defrag
AutoUpdate
Blue Coat K9 Web Protection 4.2.123
BlueSoleil
BodyWorks 6.0
BSE Mkt Watch 1.0.0.9
CCleaner
Class X Biology Food Production and Management CBT
Class X Chemistry-Organic
Class X Physics Energy
Creative Restore Defaults
Disc2Phone
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Dorling Kindersley Application Database v1.4
ESET Online Scanner v3
Eyewitness Encyclopedia of Science 2.0
Foxit Reader
FoxyTunes for Firefox
Freeware PDF Unlocker
GNU Aspell 0.50-3
Google Notebook for Internet Explorer
HCC Lite
HDView for Firefox
HDView for Internet Explorer
HiJackThis
honestech TVR
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp LaserJet 1010 Series
iLearn ILT
Intel® Graphics Media Accelerator Driver
InterVideo WinDVD 8
Intrain
Java Auto Updater
Java™ 6 Update 23
K-Lite Codec Pack 3.1.0 Full
Kamban Software 3.0
Macromedia Flash MX 2004
Malwarebytes' Anti-Malware
Memory Stick File Rescue
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
Microsoft Windows Journal Viewer
Mozilla Firefox 6.0 (x86 en-US)
Mp3tag v2.39
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MyPhoneExplorer
Natural Color Expert
Nero 7 Premium
neroxml
Networking Essentials Introduction CBT
Nokia Connectivity Cable Driver
Norton PC Checkup
OGA Notifier 2.0.0048.0
OpenAL
Opera 9.60
PC Inspector smart recovery
PDF Settings
Picasa 3
PostgreSQL 8.0
psqlODBC
Python 2.1
QuickTime
QuickTime for Windows (32-bit)
RealPlayer
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
ScanSoft OmniPage Pro 14.0
Science Smart
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sony Ericsson Device Data
Sony Ericsson Drivers
Sony Ericsson PC Suite
Sony Ericsson Software
Sound Blaster Live! Web 2K/XP
Spybot - Search & Destroy
Spyware Doctor 6.0
SpywareBlaster 4.4
SyncBack
Transcend StoreJet elite 2.0
Turbo C++ 3.0
Universal Editor 0.8
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2586924)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoLAN VLC media player 0.8.6h
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebEx Meeting Manager for Mozilla Firefox/Netscape Navigator
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
WordWeb
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
8/27/2011 4:06:03 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: NaturalColor
8/27/2011 4:04:33 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 002618C0D4BD has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
8/24/2011 12:34:13 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by Administrator at 13:55:55 on 2011-08-30
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.178 [GMT 5.5:30]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\DRIVERS\WtSrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: &Google Notebook: {ccccccd3-666f-4f81-8b69-745de9f6d897} - c:\program files\google\google notebook\gnotes1.0.2.19--1531692703.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Google Notebook: {ccccccdb-4ddb-4703-95d4-dd2c526397bf} - c:\program files\google\google notebook\gnotes1.0.2.19--1531692703.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {981FE6A8-260C-4930-960F-C3BC82746CB0} - No File
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Note this (Google Notebook) - c:\program files\google\google notebook\gnotes1.0.2.19--1531692703.dll/gn_menu1.html
IE: Note this item (Google Notebook) - c:\program files\google\google notebook\gnotes1.0.2.19--1531692703.dll/gn_menu2.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\www.update
Trusted Zone: skillport.com
Trusted Zone: skillsoft.com
Trusted Zone: windowsupdate.com\download
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01} : NameServer = 208.67.222.123,208.67.220.123
TCP: Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5A1F8B5D-8091-4AC6-8D19-30FE396D86CF} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5F2A17F7-6BCC-428D-A554-482B0380F3C3} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\lk92sqvq.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft research\hdview for firefox\nphdview.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-9-10 130936]
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-6-11 86544]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R2 713xTVCard;SAA7130 TV Card;c:\windows\system32\drivers\SAA713x.sys [2007-6-30 289280]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2009-1-14 1575184]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup\engine\2.0.8.13\SymcPCCULaunchSvc.exe [2010-12-24 120248]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\norton pc checkup\engine\2.0.8.13\ccSvcHst.exe [2010-12-24 126392]
R2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [2007-6-30 26880]
S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]
S1 MpKsl222307cf;MpKsl222307cf;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e34c5061-465b-4949-a698-2e5c96c4bfac}\mpksl222307cf.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e34c5061-465b-4949-a698-2e5c96c4bfac}\MpKsl222307cf.sys [?]
S1 MpKsl2e993ab4;MpKsl2e993ab4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c0d74eb6-7721-41ba-850e-0266513c8f0b}\mpksl2e993ab4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c0d74eb6-7721-41ba-850e-0266513c8f0b}\MpKsl2e993ab4.sys [?]
S1 MpKsl86323afe;MpKsl86323afe;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8c30115c-4ca6-4fa1-bfb8-e7b38041dafd}\mpksl86323afe.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8c30115c-4ca6-4fa1-bfb8-e7b38041dafd}\MpKsl86323afe.sys [?]
S1 MpKslcc35c8d0;MpKslcc35c8d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56a017f1-cd33-40fd-8b0f-8cd17737b4c2}\mpkslcc35c8d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56a017f1-cd33-40fd-8b0f-8cd17737b4c2}\MpKslcc35c8d0.sys [?]
S1 MpKslf53452b4;MpKslf53452b4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{824e7b43-f8a2-4e7f-8fba-0ca5f72da18a}\mpkslf53452b4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{824e7b43-f8a2-4e7f-8fba-0ca5f72da18a}\MpKslf53452b4.sys [?]
S1 NaturalColor;NaturalColor;c:\windows\system32\drivers\mtictwl.sys --> c:\windows\system32\drivers\MTictwl.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-7-22 1684736]
S3 BTIAUSB;Generic Bluetooth Device;c:\windows\system32\drivers\btiausb.sys [2008-7-30 23808]
S3 BTPROT;Generic Bluetooth Filter;c:\windows\system32\drivers\btprot.sys [2008-8-2 453120]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-12-16 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [2007-12-16 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [2007-12-16 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [2007-12-16 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [2007-12-16 98568]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-9-10 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-9-10 1095560]
S4 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2007-9-16 104000]
.
=============== Created Last 30 ================
.
2011-08-30 08:25:06 7152464 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d10ba76d-7bc6-4652-bd3b-1ca49f04d8a3}\mpengine.dll
2011-08-13 11:15:43 6881616 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-08-11 14:40:43 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 14:24:39 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
==================== Find3M ====================
.
2011-08-18 06:08:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-10 21:41:02 86544 ----a-w- c:\windows\system32\drivers\bckd.sys
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 13:58:30.03 ===============


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:52 on 30/08/2011 (Administrator)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-




BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 30 August 2011 - 07:20 AM

Hello KannanM

I would like you to give me as much detail about what is going on with the computer so we can decide what needs to be done





I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 30 August 2011 - 10:34 PM

Hi
Ran combo fix
log file is attached
But no use
redirect is happening immidatley after opening the firefox
you and me aware that combo fix is not fixing the redirect of my computer
i remember i have ran combofix more than 5-6 times but in vain
let us try some new things to get rid of this redirect issue

ComboFix 11-08-30.02 - Administrator 08/31/2011 8:24.6.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.480 [GMT 5.5:30]
Running from: d:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\windows\gendel32.exe
c:\windows\iun6002.exe
c:\windows\system32\comct332.ocx
.
.
((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-31 )))))))))))))))))))))))))))))))
.
.
2011-08-31 02:42 . 2011-08-31 02:42 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECD0351C-E56E-4843-9EA8-32EFF6A839D6}\MpKslaefe2394.sys
2011-08-30 08:37 . 2011-08-12 02:44 7152464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECD0351C-E56E-4843-9EA8-32EFF6A839D6}\mpengine.dll
2011-08-13 11:16 . 2011-08-13 11:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\PCHealth
2011-08-13 11:15 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-08-11 14:40 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 14:24 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-18 06:08 . 2011-07-08 05:26 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-12 02:44 . 2011-02-10 17:20 7152464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-15 13:29 . 2008-09-20 08:05 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-09-20 08:05 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-09-20 08:05 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-10 21:41 . 2011-06-10 21:41 86544 ----a-w- c:\windows\system32\drivers\bckd.sys
2011-06-02 14:02 . 2008-09-20 08:05 1858944 ----a-w- c:\windows\system32\win32k.sys
2007-04-19 12:12 . 2007-04-19 12:12 45056 ----a-w- c:\program files\mozilla firefox\plugins\atmccli.dll
2011-08-18 06:04 . 2011-03-23 05:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-01-15_10.41.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-13 14:47 . 2011-05-13 14:47 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 14:15 . 2011-05-13 14:15 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-13 19:36 . 2011-05-13 19:36 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-13 19:53 . 2011-05-13 19:53 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-13 13:07 . 2011-05-13 13:07 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-08-31 02:42 . 2011-08-31 02:42 16384 c:\windows\temp\Perflib_Perfdata_2cc.dat
+ 2007-01-29 08:58 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
- 2011-01-15 09:00 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2011-01-15 09:00 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2004-08-04 12:00 . 2011-01-15 10:09 72544 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-08-11 16:07 72544 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2010-11-06 00:26 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
- 2006-11-07 15:33 . 2010-11-06 00:26 55296 c:\windows\system32\msfeedsbs.dll
+ 2006-11-07 15:33 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-26 05:47 . 2007-08-07 08:07 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
- 2007-08-26 05:47 . 2007-08-07 08:07 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2011-02-02 13:35 . 2011-02-02 13:35 77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
- 2007-08-26 05:47 . 2007-08-07 08:06 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
+ 2010-02-05 21:03 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-02-05 21:03 . 2010-11-06 00:26 12800 c:\windows\system32\dllcache\xpshims.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2007-06-27 14:34 . 2010-11-06 00:26 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-06-27 14:34 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:08 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-01-15 08:47 . 2007-04-02 18:26 19456 c:\windows\system32\dllcache\agt040d.dll
+ 2011-01-15 08:47 . 2007-04-02 18:25 19456 c:\windows\system32\dllcache\agt0401.dll
+ 2008-09-20 08:05 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
- 2008-09-20 08:05 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2010-10-10 07:40 . 2011-05-02 06:17 87699 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-04-26 06:51 . 2011-04-26 06:51 98304 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2011-04-26 06:07 . 2011-04-26 06:07 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-04-26 06:07 . 2011-04-26 06:07 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2011-04-26 07:00 . 2011-04-26 07:00 68536 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2011-04-06 07:10 . 1995-08-14 04:00 86848 c:\windows\system\VBDB16.DLL
+ 2011-04-06 07:10 . 1996-01-11 04:00 12976 c:\windows\system\SCP.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 51712 c:\windows\system\OLE2PROX.DLL
+ 2011-04-06 07:10 . 1995-08-14 04:00 15936 c:\windows\system\MSJETINT.DLL
+ 2011-04-06 07:10 . 1995-08-14 04:00 11232 c:\windows\system\MSJETERR.DLL
+ 2011-04-06 07:10 . 1995-08-14 04:00 45680 c:\windows\system\GSWDLL16.DLL
+ 2010-10-31 06:26 . 1996-08-23 15:11 27632 c:\windows\system\CTL3DV2.DLL
+ 2011-01-15 08:47 . 2007-04-02 18:26 19456 c:\windows\msagent\intl\agt040d.dll
+ 2011-01-15 08:47 . 2007-04-02 18:25 19456 c:\windows\msagent\intl\agt0401.dll
+ 2011-07-08 05:26 . 2011-07-08 05:26 19968 c:\windows\Installer\41aee.msi
+ 2007-06-24 07:41 . 2011-08-11 16:04 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-06-05 11:33 . 2011-06-17 06:44 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-06-05 11:33 . 2010-12-18 12:28 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-06-20 15:10 . 2011-06-20 15:10 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-06-20 15:14 . 2011-06-20 15:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-11 16:26 . 2011-08-11 16:26 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-11 16:25 . 2011-08-11 16:25 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-06-20 15:14 . 2011-06-20 15:14 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-06-20 15:14 . 2011-06-20 15:14 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-06-20 15:13 . 2011-06-20 15:13 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-06-20 15:13 . 2011-06-20 15:13 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-15 13:31 . 2008-04-14 00:11 45568 c:\windows\$NtUninstallKB2509553$\dnsrslvr.dll
+ 2011-07-13 18:22 . 2010-12-09 14:30 33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll
+ 2011-02-10 13:04 . 2009-12-14 07:08 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2011-03-02 16:30 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-02 16:30 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-07-13 18:19 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-13 18:19 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-06-16 18:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-06-16 18:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-06-29 06:36 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-06-29 06:36 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-06-16 18:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-16 18:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-17 14:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-06-17 14:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-03-24 13:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
+ 2011-03-24 13:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2511455\update\spcustom.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2511455\spmsg.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510531-IE8\update\spcustom.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510531-IE8\spmsg.dll
+ 2011-04-15 13:31 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
+ 2011-04-15 13:31 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
+ 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508272\update\spcustom.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508272\spmsg.dll
+ 2011-07-13 18:22 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-13 18:22 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-04-15 13:34 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
+ 2011-04-15 13:34 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
+ 2011-04-15 13:41 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506223\update\spcustom.dll
+ 2011-04-15 13:41 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506223\spmsg.dll
+ 2011-04-15 13:32 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2011-04-15 13:32 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503658\update\spcustom.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503658\spmsg.dll
+ 2011-04-15 13:40 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2497640-IE8\update\spcustom.dll
+ 2011-04-15 13:40 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2497640-IE8\spmsg.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 12800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\xpshims.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 66560 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtmled.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 55296 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeedsbs.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 43520 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\licmgr10.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 25600 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\jsproxy.dll
+ 2011-04-15 13:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485663\update\spcustom.dll
+ 2011-04-15 13:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485663\spmsg.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll
+ 2011-03-09 07:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-09 07:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-09 07:14 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-09 07:14 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
+ 2011-02-10 13:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
+ 2011-02-10 13:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
+ 2011-02-10 13:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-02-10 13:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2011-02-10 13:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-02-10 05:35 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-02-10 13:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-02-04 07:46 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
- 2010-02-04 07:46 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
- 2010-09-23 13:14 . 2010-09-23 13:14 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-04-26 06:52 . 2011-04-26 06:52 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-04-06 07:10 . 1995-08-14 04:00 2920 c:\windows\system\VBAJET.DLL
+ 2011-04-06 07:04 . 1995-08-14 04:00 5120 c:\windows\system\STKIT416.DLL
- 2007-09-16 10:45 . 2010-12-15 07:08 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2011-01-15 10:09 . 2011-01-15 10:09 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-15 13:33 . 2010-08-26 12:52 5120 c:\windows\$NtUninstallKB2508429$\xpsp4res.dll
+ 2011-02-17 12:32 . 2011-02-17 12:32 5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-05-13 19:47 . 2011-05-13 19:47 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-13 19:42 . 2011-05-13 19:42 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-13 19:41 . 2011-05-13 19:41 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2004-08-04 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\vbscript.dll
- 2004-08-04 12:00 . 2009-03-07 23:04 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
+ 2008-09-20 08:05 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
- 2004-08-04 12:00 . 2011-01-15 10:09 444794 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2011-08-11 16:07 444794 c:\windows\system32\perfh009.dat
- 2008-09-20 08:05 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2008-09-20 08:05 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 206848 c:\windows\system32\occache.dll
+ 2008-09-20 08:05 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
- 2004-08-04 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2007-06-22 18:31 . 2008-04-14 00:12 677888 c:\windows\system32\mstsc.exe
+ 2007-06-22 18:31 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
+ 2004-08-04 12:00 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 611840 c:\windows\system32\mstime.dll
+ 2006-11-07 15:33 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
- 2006-11-07 15:33 . 2010-11-06 00:26 602112 c:\windows\system32\msfeeds.dll
- 2004-08-04 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Macromed\Shockwave 10\SCC.dll
- 2007-08-26 05:47 . 2007-08-07 07:58 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
- 2007-08-26 05:47 . 2007-08-07 08:05 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 471040 c:\windows\system32\Macromed\Shockwave 10\Control.dll
+ 2011-08-18 06:08 . 2011-08-18 06:08 243360 c:\windows\system32\Macromed\Flash\FlashUtil10v_Plugin.exe
+ 2011-08-18 06:00 . 2011-08-18 06:00 243360 c:\windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe
+ 2011-08-18 06:00 . 2011-08-18 06:00 328864 c:\windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.dll
- 2008-09-20 08:05 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2008-09-20 08:05 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
+ 2004-08-04 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
- 2004-08-04 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2004-08-04 12:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
- 2004-08-04 12:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
- 2007-06-22 18:32 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
+ 2007-06-22 18:32 . 2011-05-02 15:31 692736 c:\windows\system32\inetcomm.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 186880 c:\windows\system32\encdec.dll
+ 2008-09-20 08:05 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2008-09-20 08:05 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2009-06-18 13:18 . 2011-04-18 07:48 165648 c:\windows\system32\drivers\MpFilter.sys
- 2008-09-20 08:05 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2008-09-20 08:05 . 2011-02-16 13:22 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 916480 c:\windows\system32\dllcache\wininet.dll
+ 2007-06-22 18:32 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2008-09-20 08:05 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
- 2004-08-04 12:00 . 2009-03-07 23:04 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 105984 c:\windows\system32\dllcache\url.dll
+ 2008-10-15 10:42 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2009-06-25 08:25 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2010-02-04 07:35 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2011-06-16 18:39 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-06-27 14:34 . 2010-11-06 00:26 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-06-27 14:34 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-13 04:42 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
- 2004-08-04 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2011-01-15 09:48 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
- 2010-02-04 07:35 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-02-04 07:35 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-09-20 08:05 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-09-20 08:05 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-14 05:43 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-14 05:43 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2010-02-05 21:03 . 2010-11-06 00:26 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-02-05 21:03 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-11 06:30 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-11 06:30 . 2010-11-06 00:26 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2010-11-06 00:26 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2008-09-20 08:05 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-06-20 11:40 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-08-04 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
- 2010-09-23 13:13 . 2010-09-23 13:13 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-04-26 06:51 . 2011-04-26 06:51 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-04-26 07:00 . 2011-04-26 07:00 469944 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1159620.exe
- 2010-09-20 12:56 . 2010-09-20 12:56 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
+ 2011-04-26 06:07 . 2011-04-26 06:07 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
+ 2011-04-26 06:53 . 2011-04-26 06:53 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
- 2010-09-23 13:14 . 2010-09-23 13:14 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-04-26 06:52 . 2011-04-26 06:52 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
- 2010-09-23 13:13 . 2010-09-23 13:13 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2011-04-26 06:53 . 2011-04-26 06:53 880640 c:\windows\system32\Adobe\Shockwave 11\gi.dll
- 2010-09-23 13:13 . 2010-09-23 13:13 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-04-26 06:51 . 2011-04-26 06:51 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-04-26 07:00 . 2011-04-26 07:00 215992 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-04-26 06:52 . 2011-04-26 06:52 135168 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2011-04-06 07:04 . 1995-08-14 04:00 935632 c:\windows\system\VB40016.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 177824 c:\windows\system\TYPELIB.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 157696 c:\windows\system\STORAGE.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 152976 c:\windows\system\OLE2NLS.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 164960 c:\windows\system\OLE2DISP.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 304640 c:\windows\system\OLE2.DLL
+ 2011-04-06 07:04 . 1995-08-14 04:00 536048 c:\windows\system\OC25.DLL
+ 2011-04-06 07:10 . 1995-08-14 04:00 995136 c:\windows\system\MSAJT200.DLL
+ 2011-04-06 07:10 . 1995-08-14 04:00 276880 c:\windows\system\GSW16.EXE
+ 2011-04-06 07:10 . 1996-01-11 04:00 231936 c:\windows\system\GRDKRN16.DLL
+ 2011-04-06 07:10 . 1996-01-11 04:00 543584 c:\windows\system\DAO2516.DLL
+ 2008-10-12 06:44 . 1996-01-11 04:00 109056 c:\windows\system\COMPOBJ.DLL
+ 2004-06-16 21:02 . 2004-06-16 21:02 372736 c:\windows\Resources\Themes\Royale\Shell\NormalColor\ShellStyle.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2010-05-11 01:10 . 2010-05-11 01:10 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2010-05-11 01:10 . 2010-05-11 01:10 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-03-17 14:33 . 2011-03-17 14:33 308736 c:\windows\Installer\709d7b.msp
+ 2011-06-17 06:41 . 2011-06-17 06:41 467456 c:\windows\Installer\709d0e.msi
+ 2011-08-13 11:16 . 2011-08-13 11:16 785920 c:\windows\Installer\676299.msi
+ 2011-08-13 11:15 . 2011-08-13 11:15 483840 c:\windows\Installer\676271.msi
+ 2011-08-13 11:15 . 2011-08-13 11:15 301056 c:\windows\Installer\676266.msi
- 2007-06-24 07:41 . 2011-01-13 07:11 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2007-09-16 10:45 . 2010-12-15 07:08 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-09-16 10:45 . 2011-08-11 16:01 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-02-14 00:34 . 2009-02-14 00:34 625520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBSERVICES.DLL
+ 2009-02-12 09:49 . 2009-02-12 09:49 688512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBPLATFORMSERVICES.DLL
+ 2009-03-05 23:03 . 2009-03-05 23:03 961888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEUTIL.DLL
+ 2009-02-14 00:33 . 2009-02-14 00:33 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVE.EXE
+ 2011-08-11 16:00 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-11 16:00 . 2009-03-07 23:04 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-11 16:00 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-11 16:00 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-11 16:00 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-11 16:00 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-06-16 18:42 . 2009-03-07 23:03 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-06-16 18:42 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-06-16 18:42 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-06-17 14:13 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-06-17 14:13 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-06-17 14:13 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-06-17 14:13 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-06-17 14:13 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2011-04-15 07:03 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-15 07:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-15 07:03 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-15 13:40 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-15 13:40 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-15 13:39 . 2010-12-20 23:59 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-15 13:39 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-02-10 13:04 . 2010-11-06 00:26 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-10 13:04 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-10 13:04 . 2010-11-06 00:26 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-10 13:04 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2008-11-13 04:42 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-08-15 07:28 . 2011-08-15 07:28 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-11 16:29 . 2011-08-11 16:29 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-06-20 15:10 . 2011-06-20 15:10 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-06-20 13:29 . 2011-06-20 13:29 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP287.tmp\PresentationFramework.Aero.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-15 07:27 . 2011-08-15 07:27 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-15 07:27 . 2011-08-15 07:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-15 07:28 . 2011-08-15 07:28 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-11 16:27 . 2011-08-11 16:27 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-11 16:27 . 2011-08-11 16:27 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-11 16:27 . 2011-08-11 16:28 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-15 07:28 . 2011-08-15 07:28 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-06-20 15:14 . 2011-06-20 15:14 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-15 07:27 . 2011-08-15 07:27 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-03-02 16:30 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971029$\spuninst\updspapi.dll
+ 2011-03-02 16:30 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971029$\spuninst\spuninst.exe
+ 2011-03-02 16:30 . 2008-04-14 00:12 135168 c:\windows\$NtUninstallKB971029$\shsvcs.dll
+ 2011-07-13 18:19 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll
+ 2011-07-13 18:19 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe
+ 2011-06-17 06:42 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe
+ 2011-06-17 06:42 . 2011-03-07 05:33 692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-06-29 06:36 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll
+ 2011-06-29 06:36 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe
+ 2011-06-29 06:36 . 2010-06-30 12:31 149504 c:\windows\$NtUninstallKB2541763$\schannel.dll
+ 2011-06-17 06:42 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe
+ 2011-06-17 06:42 . 2011-02-17 13:18 455936 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-06-16 18:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll
+ 2011-06-16 18:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe
+ 2011-06-16 18:43 . 2008-04-13 19:17 105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-03-24 13:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2524375$\spuninst\updspapi.dll
+ 2011-03-24 13:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2524375$\spuninst\spuninst.exe
+ 2011-04-15 13:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2511455$\spuninst\updspapi.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2511455$\spuninst\spuninst.exe
+ 2011-04-15 13:33 . 2010-02-24 13:11 455680 c:\windows\$NtUninstallKB2511455$\mrxsmb.sys
+ 2011-04-15 13:31 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2509553$\spuninst\updspapi.dll
+ 2011-04-15 13:31 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2509553$\spuninst\spuninst.exe
+ 2011-04-15 13:31 . 2008-06-20 17:46 245248 c:\windows\$NtUninstallKB2509553$\mswsock.dll
+ 2011-04-15 13:31 . 2008-06-20 17:46 147968 c:\windows\$NtUninstallKB2509553$\dnsapi.dll
+ 2011-04-15 13:31 . 2008-08-14 10:04 138496 c:\windows\$NtUninstallKB2509553$\afd.sys
+ 2011-04-15 13:33 . 2010-08-26 13:39 357248 c:\windows\$NtUninstallKB2508429$\srv.sys
+ 2011-04-15 13:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2508429$\spuninst\updspapi.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2508429$\spuninst\spuninst.exe
+ 2011-04-15 13:35 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2508272$\spuninst\updspapi.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2508272$\spuninst\spuninst.exe
+ 2011-07-13 18:22 . 2010-06-18 17:45 293376 c:\windows\$NtUninstallKB2507938$\winsrv.dll
+ 2011-07-13 18:22 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll
+ 2011-07-13 18:22 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe
+ 2011-04-15 13:34 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507618$\spuninst\updspapi.dll
+ 2011-04-15 13:34 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507618$\spuninst\spuninst.exe
+ 2011-04-15 13:34 . 2011-01-07 14:09 290048 c:\windows\$NtUninstallKB2507618$\atmfd.dll
+ 2011-04-15 13:41 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2506223$\spuninst\updspapi.dll
+ 2011-04-15 13:41 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2506223$\spuninst\spuninst.exe
+ 2011-04-15 13:32 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2506212$\spuninst\updspapi.dll
+ 2011-04-15 13:32 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2506212$\spuninst\spuninst.exe
+ 2011-04-15 13:32 . 2010-09-18 06:53 974848 c:\windows\$NtUninstallKB2506212$\mfc42u.dll
+ 2011-04-15 13:32 . 2010-09-18 06:53 974848 c:\windows\$NtUninstallKB2506212$\mfc42.dll
+ 2011-06-17 06:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe
+ 2011-06-17 06:43 . 2008-10-16 14:43 138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-04-15 13:35 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503658$\spuninst\updspapi.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503658$\spuninst\spuninst.exe
+ 2011-04-15 13:35 . 2010-06-09 07:43 692736 c:\windows\$NtUninstallKB2503658$\inetcomm.dll
+ 2011-04-15 13:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2485663$\spuninst\updspapi.dll
+ 2011-04-15 13:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2485663$\spuninst\spuninst.exe
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2485376$\spuninst\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2485376$\spuninst\spuninst.exe
+ 2011-02-10 13:07 . 2010-10-28 13:13 290048 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2483185$\spuninst\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2483185$\spuninst\spuninst.exe
+ 2011-02-10 13:07 . 2008-04-14 00:12 438272 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-03-09 07:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-09 07:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-09 07:11 . 2008-04-14 00:12 677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-09 07:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-09 07:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-09 07:14 . 2008-04-14 00:12 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-09 07:14 . 2008-04-14 00:11 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479628$\spuninst\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479628$\spuninst\spuninst.exe
+ 2011-02-10 13:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478971$\spuninst\updspapi.dll
+ 2011-02-10 13:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478971$\spuninst\spuninst.exe
+ 2011-02-10 13:08 . 2009-06-25 08:25 301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-10 13:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478960$\spuninst\updspapi.dll
+ 2011-02-10 13:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478960$\spuninst\spuninst.exe
+ 2011-02-10 13:03 . 2009-06-25 08:25 730112 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-10 13:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476687$\spuninst\updspapi.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476687$\spuninst\spuninst.exe
+ 2011-06-17 06:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe
+ 2011-06-17 06:43 . 2008-04-14 00:12 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2011-04-15 13:39 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2412687$\spuninst\updspapi.dll
+ 2011-04-15 13:39 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2412687$\spuninst\spuninst.exe
+ 2011-02-10 13:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2393802$\spuninst\updspapi.dll
+ 2011-02-10 13:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2393802$\spuninst\spuninst.exe
+ 2011-02-10 13:02 . 2009-02-09 12:10 714752 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2011-03-02 16:30 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-02 16:30 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-02 16:30 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-07-13 18:19 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-13 18:19 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-13 18:19 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-17 06:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-17 06:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-17 06:17 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-06-16 18:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-16 18:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-16 18:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-16 18:13 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-06-29 06:36 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-06-29 06:36 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-06-29 06:36 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-17 06:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-17 06:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-17 06:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-17 06:21 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-06-16 18:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-16 18:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-16 18:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-16 18:39 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-17 14:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-17 14:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-17 14:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-17 13:50 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-17 13:50 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-24 13:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-03-24 13:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-03-24 13:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-04-15 13:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2511455\update\updspapi.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2511455\update\update.exe
+ 2011-04-15 13:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2511455\spuninst.exe
+ 2011-04-15 13:08 . 2011-02-17 13:19 457472 c:\windows\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys
+ 2011-04-15 07:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
+ 2011-04-15 07:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
+ 2011-04-15 07:00 . 2011-03-04 06:35 420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
+ 2011-04-15 07:00 . 2011-03-04 06:35 726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
+ 2011-04-15 13:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2011-04-15 13:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2011-04-15 13:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2011-04-15 13:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2011-04-15 13:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2011-04-15 13:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2011-04-15 13:35 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
+ 2011-04-15 13:35 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
+ 2011-07-13 18:22 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-13 18:22 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-13 18:22 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-04-15 13:34 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2011-04-15 13:34 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2011-04-15 13:34 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2011-04-15 13:41 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506223\update\updspapi.dll
+ 2011-04-15 13:41 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506223\update\update.exe
+ 2011-04-15 13:41 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506223\spuninst.exe
+ 2011-04-15 13:32 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-04-15 13:32 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-04-15 13:32 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-06-17 06:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-17 06:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-17 04:42 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-04-15 13:35 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503658\update\updspapi.dll
+ 2011-04-15 13:35 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503658\update\update.exe
+ 2011-04-15 13:35 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503658\spuninst.exe
+ 2011-03-07 05:31 . 2011-03-07 05:31 692736 c:\windows\$hf_mig$\KB2503658\SP3QFE\inetcomm.dll
+ 2011-04-15 13:40 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
+ 2011-04-15 13:40 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
+ 2011-04-15 13:40 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
+ 2011-04-15 13:12 . 2011-02-22 23:27 919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
+ 2011-04-15 13:12 . 2011-02-22 12:08 173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
+ 2011-04-15 13:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
+ 2011-04-15 13:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
+ 2011-04-15 13:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-02-10 13:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017-IE8\update\updspapi.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017-IE8\update\update.exe
+ 2011-02-10 13:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017-IE8\spuninst.exe
+ 2011-02-10 05:32 . 2010-12-20 23:58 919552 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 206848 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\occache.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 611840 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mstime.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 602112 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeeds.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 247808 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieproxy.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 184320 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iepeers.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 743424 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedvtool.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 387584 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedkcs32.dll
+ 2011-02-10 05:32 . 2010-12-20 12:48 173568 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-09 07:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-09 07:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-09 07:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-09 07:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-09 07:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-09 07:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-10 13:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
+ 2011-02-10 13:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
+ 2011-02-10 13:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
+ 2011-02-10 13:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-02-10 13:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-02-10 13:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-02-10 13:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-02-10 13:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-02-10 13:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-02-10 13:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-10 13:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-10 13:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-06-17 06:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-17 06:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-17 06:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-02-10 13:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-02-10 13:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-02-10 13:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-02-10 05:35 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2011-04-15 13:11 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2011-05-13 14:34 . 2011-05-13 14:34 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-13 14:34 . 2011-05-13 14:34 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2011-01-26 15:21 . 2011-01-13 09:41 5890896 c:\windows\Temp09E3F085-F850-C561-564A-90F1853AE6C8-Signatures\mpengine.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2008-09-20 08:05 . 2010-12-09 13:42 2148864 c:\windows\system32\ntoskrnl.exe
+ 2008-09-20 08:05 . 2010-12-09 13:07 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2007-06-22 18:31 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2004-08-04 12:00 . 2011-07-25 15:17 5969920 c:\windows\system32\mshtml.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 1495040 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
+ 2008-10-05 03:24 . 2011-08-18 06:08 6277280 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2006-10-17 06:27 . 2011-06-23 18:36 1991680 c:\windows\system32\iertutil.dll
- 2006-10-17 06:27 . 2010-11-06 00:26 1991680 c:\windows\system32\iertutil.dll
+ 2011-04-13 22:40 . 2011-04-13 22:40 4284416 c:\windows\system32\GPhotos.scr
+ 2007-06-23 02:25 . 2011-07-14 04:56 1644624 c:\windows\system32\FNTCACHE.DAT
+ 2008-10-15 10:41 . 2011-06-02 14:02 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 12:00 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2010-02-04 07:35 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-02-04 07:35 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 13:32 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-02-04 07:35 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-04 12:00 . 2011-07-25 15:17 5969920 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2007-06-27 14:34 . 2011-06-23 18:36 1991680 c:\windows\system32\dllcache\iertutil.dll
- 2007-06-27 14:34 . 2010-11-06 00:26 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2011-04-26 06:44 . 2011-04-26 06:44 1019904 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-04-26 06:07 . 2011-04-26 06:07 2314416 c:\windows\system32\Adobe\Shockwave 11\gt.exe
- 2010-09-23 13:08 . 2010-09-23 13:08 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2011-04-26 06:46 . 2011-04-26 06:46 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 05:47 . 2008-07-25 05:47 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2010-03-23 00:02 . 2010-03-23 00:02 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-04-28 16:20 . 2011-04-28 16:20 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2010-05-11 01:10 . 2010-05-11 01:10 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-03-25 00:45 . 2011-03-25 00:45 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-06-21 06:31 . 2011-06-21 06:31 4991488 c:\windows\Installer\db620d.msp
+ 2011-05-23 08:45 . 2011-05-23 08:45 3617792 c:\windows\Installer\db61f3.msp
+ 2010-11-20 18:03 . 2010-11-20 18:03 1980928 c:\windows\Installer\a285e.msp
+ 2011-04-29 06:57 . 2011-04-29 06:57 4158464 c:\windows\Installer\77ea2e.msp
+ 2011-04-28 00:12 . 2011-04-28 00:12 4990976 c:\windows\Installer\77ea15.msp
+ 2011-04-27 05:44 . 2011-04-27 05:44 5520384 c:\windows\Installer\77e9fc.msp
+ 2011-04-29 07:34 . 2011-04-29 07:34 5053440 c:\windows\Installer\77e9e5.msp
+ 2011-04-29 07:01 . 2011-04-29 07:01 9006080 c:\windows\Installer\709d63.msp
+ 2011-04-29 06:58 . 2011-04-29 06:58 1995264 c:\windows\Installer\709d4a.msp
+ 2011-04-27 14:21 . 2011-04-27 14:21 6825472 c:\windows\Installer\709d24.msp
+ 2011-05-01 18:36 . 2011-05-01 18:36 2705920 c:\windows\Installer\6aa742.msp
+ 2011-07-27 02:12 . 2011-07-27 02:12 4985856 c:\windows\Installer\6aa738.msp
+ 2011-07-26 08:20 . 2011-07-26 08:20 5522432 c:\windows\Installer\6aa71f.msp
+ 2011-01-17 10:36 . 2011-01-17 10:36 5518848 c:\windows\Installer\62c51.msp
+ 2011-01-11 12:22 . 2011-01-11 12:22 3360768 c:\windows\Installer\62c3a.msp
+ 2011-03-17 14:35 . 2011-03-17 14:35 4989440 c:\windows\Installer\23655e.msp
+ 2011-05-20 12:01 . 2011-05-20 12:01 5518848 c:\windows\Installer\202b13.msp
+ 2011-05-17 12:58 . 2011-05-17 12:58 6862848 c:\windows\Installer\202afc.msp
+ 2011-04-29 07:03 . 2011-04-29 07:03 8173568 c:\windows\Installer\202ae4.msp
+ 2011-01-18 18:06 . 2011-01-18 18:06 2687488 c:\windows\Installer\1f14e26.msp
+ 2011-02-16 08:24 . 2011-02-16 08:24 4992000 c:\windows\Installer\1ae79f.msp
+ 2011-02-22 05:02 . 2011-02-22 05:02 5520384 c:\windows\Installer\1ae786.msp
+ 2011-01-11 12:23 . 2011-01-11 12:23 1763328 c:\windows\Installer\1ae76f.msp
+ 2011-01-27 09:19 . 2011-01-27 09:19 6825472 c:\windows\Installer\17cdf1.msp
+ 2011-01-11 12:19 . 2011-01-11 12:19 9003008 c:\windows\Installer\17cdda.msp
+ 2011-04-05 07:22 . 2011-04-05 07:22 5519872 c:\windows\Installer\17cda9.msp
+ 2010-11-20 18:02 . 2010-11-20 18:02 4165120 c:\windows\Installer\17cd92.msp
+ 2011-03-17 14:31 . 2011-03-17 14:31 9563648 c:\windows\Installer\17cd6a.msp
+ 2011-03-03 05:55 . 2011-03-03 05:55 5051904 c:\windows\Installer\17cd51.msp
+ 2011-01-11 12:20 . 2011-01-11 12:20 8177152 c:\windows\Installer\17cd3a.msp
- 2007-06-24 07:41 . 2011-01-13 07:11 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2007-06-24 07:41 . 2011-01-13 07:11 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2007-06-24 07:41 . 2011-08-11 16:04 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-02-14 00:33 . 2009-02-14 00:33 3070832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEDOCUMENTSHARETOOL.DLL
+ 2011-08-11 16:00 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-11 16:00 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-11 16:00 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-02-04 07:35 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-02-04 07:35 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 13:32 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-02-04 07:35 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-08-11 16:26 . 2011-08-11 16:26 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-11 16:25 . 2011-08-11 16:25 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-15 11:44 . 2011-08-15 11:44 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-15 07:27 . 2011-08-15 07:27 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-15 07:27 . 2011-08-15 07:27 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-15 11:42 . 2011-08-15 11:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-11 16:28 . 2011-08-11 16:28 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-11 16:25 . 2011-08-11 16:25 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-15 11:41 . 2011-08-15 11:41 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-15 07:28 . 2011-08-15 07:28 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-08-11 16:06 . 2011-08-11 16:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-01-15 10:09 . 2011-01-15 10:09 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-07-13 18:19 . 2011-03-03 13:21 1857920 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-04-15 13:41 . 2010-12-31 13:10 1854976 c:\windows\$NtUninstallKB2506223$\win32k.sys
+ 2011-02-10 13:07 . 2010-07-27 06:30 8462336 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-03-09 07:11 . 2009-06-10 03:49 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-02-10 13:07 . 2010-10-26 13:25 1853312 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2011-02-10 13:02 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-10 13:02 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-10 13:02 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-10 13:02 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-17 13:50 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-17 13:50 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-03-03 13:27 . 2011-03-03 13:27 1866880 c:\windows\$hf_mig$\KB2506223\SP3QFE\win32k.sys
+ 2011-04-15 13:12 . 2011-02-22 23:27 1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-04-15 13:12 . 2011-02-22 23:27 1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2011-02-10 05:35 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-10 05:35 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 13:09 . 2010-12-09 13:09 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-10 05:35 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2007-06-22 23:55 . 2011-08-11 16:01 52390856 c:\windows\system32\MRT.exe
+ 2006-11-07 15:33 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
+ 2007-06-27 14:34 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-02-24 09:45 . 2011-02-24 09:45 11551232 c:\windows\Installer\a2845.msp
+ 2011-03-02 16:30 . 2011-03-02 16:30 20308992 c:\windows\Installer\a0059.msp
+ 2011-04-21 16:48 . 2011-04-21 16:48 20314624 c:\windows\Installer\8c2899.msp
+ 2011-04-22 14:11 . 2011-04-22 14:11 11507712 c:\windows\Installer\77ea4b.msp
+ 2011-06-17 06:43 . 2011-06-17 06:43 20333056 c:\windows\Installer\709d32.msp
+ 2011-03-27 21:57 . 2011-03-27 21:57 15456256 c:\windows\Installer\1f14e35.msp
+ 2011-02-24 04:08 . 2011-02-24 04:08 10984448 c:\windows\Installer\17cdc1.msp
+ 2011-02-11 15:17 . 2011-02-11 15:17 12028928 c:\windows\Installer\17cd78.msp
+ 2011-08-11 16:00 . 2011-04-26 04:41 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-17 14:13 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-04-15 13:39 . 2010-12-20 23:59 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-02-10 13:04 . 2010-11-06 00:26 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-15 11:43 . 2011-08-15 11:43 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-15 07:27 . 2011-08-15 07:27 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-11 16:29 . 2011-08-11 16:29 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-11 16:27 . 2011-08-11 16:27 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-11 16:26 . 2011-08-11 16:26 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-06-20 15:07 . 2011-06-20 15:07 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
+ 2011-06-17 13:50 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-22 23:27 . 2011-02-22 23:27 11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
+ 2011-02-10 05:32 . 2010-12-20 23:58 11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-14 141336]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-28 18671104]
"WordWeb"="c:\program files\WordWeb\wweb32.exe" [2009-11-08 65216]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):00
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
backup=c:\windows\pss\GammaTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-22 20:38 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-06-25 03:17 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-06-25 03:17 1629480 -c--a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MagicTuneEngine"=2 (0x2)
"InCDsrv"=2 (0x2)
"gusvc"=3 (0x3)
"Xdrive Service"=2 (0x2)
"mozybackup"=2 (0x2)
"Adobe LM Service"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Microsoft Visual Studio\\COMMON\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=
"c:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Teleca Shared\\Generic.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/10/2009 11:36 AM 130936]
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [6/11/2011 3:11 AM 86544]
R1 MpKslaefe2394;MpKslaefe2394;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ECD0351C-E56E-4843-9EA8-32EFF6A839D6}\MpKslaefe2394.sys [8/31/2011 8:12 AM 28752]
R2 713xTVCard;SAA7130 TV Card;c:\windows\system32\drivers\SAA713x.sys [6/30/2007 10:48 PM 289280]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [1/14/2009 5:09 AM 1575184]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [12/24/2010 10:05 AM 120248]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [12/24/2010 10:05 AM 126392]
R2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [6/30/2007 10:48 PM 26880]
S1 MpKsl222307cf;MpKsl222307cf;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E34C5061-465B-4949-A698-2E5C96C4BFAC}\MpKsl222307cf.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E34C5061-465B-4949-A698-2E5C96C4BFAC}\MpKsl222307cf.sys [?]
S1 MpKsl2e993ab4;MpKsl2e993ab4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0D74EB6-7721-41BA-850E-0266513C8F0B}\MpKsl2e993ab4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0D74EB6-7721-41BA-850E-0266513C8F0B}\MpKsl2e993ab4.sys [?]
S1 MpKsl86323afe;MpKsl86323afe;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C30115C-4CA6-4FA1-BFB8-E7B38041DAFD}\MpKsl86323afe.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C30115C-4CA6-4FA1-BFB8-E7B38041DAFD}\MpKsl86323afe.sys [?]
S1 MpKslcc35c8d0;MpKslcc35c8d0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{56A017F1-CD33-40FD-8B0F-8CD17737B4C2}\MpKslcc35c8d0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{56A017F1-CD33-40FD-8B0F-8CD17737B4C2}\MpKslcc35c8d0.sys [?]
S1 MpKslf53452b4;MpKslf53452b4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{824E7B43-F8A2-4E7F-8FBA-0CA5F72DA18A}\MpKslf53452b4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{824E7B43-F8A2-4E7F-8FBA-0CA5F72DA18A}\MpKslf53452b4.sys [?]
S1 NaturalColor;NaturalColor;c:\windows\system32\drivers\MTictwl.sys --> c:\windows\system32\drivers\MTictwl.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7/22/2010 12:30 PM 1684736]
S3 BTIAUSB;Generic Bluetooth Device;c:\windows\system32\drivers\btiausb.sys [7/30/2008 9:04 AM 23808]
S3 BTPROT;Generic Bluetooth Filter;c:\windows\system32\drivers\btprot.sys [8/2/2008 10:22 AM 453120]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [12/16/2007 8:53 PM 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [12/16/2007 8:59 PM 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [12/16/2007 8:59 PM 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [12/16/2007 8:59 PM 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [12/16/2007 8:59 PM 98568]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/10/2009 11:22 AM 348752]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLAEFE2394
*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-31 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 10:09]
.
2010-12-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 09:37]
.
2011-08-31 c:\windows\Tasks\User_Feed_Synchronization-{8ED1C37F-BA64-435D-A387-32AE8AD58BA8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 23:01]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Note this (Google Notebook) - c:\program files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll/gn_menu1.html
IE: Note this item (Google Notebook) - c:\program files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll/gn_menu2.html
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\www.update
Trusted Zone: skillport.com
Trusted Zone: skillsoft.com
Trusted Zone: windowsupdate.com\download
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01}: NameServer = 208.67.222.123,208.67.220.123
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-MagicRotation - c:\program files\MagicRotation\MagicPvt.exe
AddRemove-Backup_1.0_1.0 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-31 08:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.8.13\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-854245398-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b1,13,97,4c,2f,3e,36,4e,9a,9c,7b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b1,13,97,4c,2f,3e,36,4e,9a,9c,7b,\
.
Completion time: 2011-08-31 08:41:52
ComboFix-quarantined-files.txt 2011-08-31 03:11
ComboFix2.txt 2011-01-18 05:45
ComboFix3.txt 2011-01-15 10:45
ComboFix4.txt 2011-01-15 03:37
ComboFix5.txt 2011-08-31 02:53
.
Pre-Run: 22,233,198,592 bytes free
Post-Run: 23,685,869,568 bytes free
.
- - End Of File - - 1533AAFC8BA945C6C3F2FC23373E17CB

regards
kannan

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 30 August 2011 - 10:50 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 31 August 2011 - 05:04 AM

Hi

thanks for the quick reply

meantime, after combofix run, when we reboot the computer, we are not able to access the internet
other functions of the computer are seems to be normal


in the morning we cant able to open any website...

in the next reboot facebook is opening and yahoomail... gmail opened once and now its not opening.

the following error occurs:

internet explorer cannot display the webpage.

while trying to open gmail.. this error occurs

http address is not valid.

you quick soultion is required, because, in the next couple of days are holidays in india, and we may surf lot


can you please guide how to make browsing possible with out any errors

regards

kannan




#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 31 August 2011 - 05:59 AM

Hello


rerun combofix and let me know if you have same problem



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 01 September 2011 - 11:47 AM

Hi
Thanks
i have done the following
Re ran combofix
it got updated itself
when running intermediate steps, windows memeory error appeared on the screen
i have not clikced yes or cancel
combix ran completely and gave log
the same is pasted here
i am able to browse now
i am typing this mail in the same computer
later as per your other suggestion ran tds killer also
ran and no issues found
reprot is attache
after all this i have seen one redirect when opening firefox
my humble suggestion is some infection mask itself very well and send redirect
let us try with some new tool, or other method not done so far or new thought / idea to remove the infection

combo fix log

ComboFix 11-09-01.02 - Administrator 09/01/2011 21:32:24.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.380 [GMT 5.5:30]
Running from: d:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\bwUnin-6.1.4.61-8876480L.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-08-01 to 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 15:56 . 2011-09-01 15:56 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A781A532-33B0-4645-BAAB-45312A8F70A9}\MpKsl3db6e6ac.sys
2011-09-01 12:27 . 2011-08-12 02:44 7152464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A781A532-33B0-4645-BAAB-45312A8F70A9}\mpengine.dll
2011-08-13 11:16 . 2011-08-13 11:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\PCHealth
2011-08-13 11:15 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-08-11 14:40 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 14:24 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-18 06:08 . 2011-07-08 05:26 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-12 02:44 . 2011-02-10 17:20 7152464 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-15 13:29 . 2008-09-20 08:05 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-09-20 08:05 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-09-20 08:05 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-10 21:41 . 2011-06-10 21:41 86544 ----a-w- c:\windows\system32\drivers\bckd.sys
2007-04-19 12:12 . 2007-04-19 12:12 45056 ----a-w- c:\program files\mozilla firefox\plugins\atmccli.dll
2011-08-18 06:04 . 2011-03-23 05:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-31_03.08.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-01 15:56 . 2011-09-01 15:56 16384 c:\windows\temp\Perflib_Perfdata_284.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-14 141336]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-28 18671104]
"WordWeb"="c:\program files\WordWeb\wweb32.exe" [2009-11-08 65216]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):00
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
backup=c:\windows\pss\GammaTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-22 20:38 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-06-25 03:17 1057064 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-06-25 03:17 1629480 -c--a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MagicTuneEngine"=2 (0x2)
"InCDsrv"=2 (0x2)
"gusvc"=3 (0x3)
"Xdrive Service"=2 (0x2)
"mozybackup"=2 (0x2)
"Adobe LM Service"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Microsoft Visual Studio\\COMMON\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=
"c:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Teleca Shared\\Generic.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/10/2009 11:36 AM 130936]
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [6/11/2011 3:11 AM 86544]
R1 MpKsl3db6e6ac;MpKsl3db6e6ac;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A781A532-33B0-4645-BAAB-45312A8F70A9}\MpKsl3db6e6ac.sys [9/1/2011 9:26 PM 28752]
R2 713xTVCard;SAA7130 TV Card;c:\windows\system32\drivers\SAA713x.sys [6/30/2007 10:48 PM 289280]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [1/14/2009 5:09 AM 1575184]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe [12/24/2010 10:05 AM 120248]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe [12/24/2010 10:05 AM 126392]
R2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [6/30/2007 10:48 PM 26880]
S1 MpKsl222307cf;MpKsl222307cf;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E34C5061-465B-4949-A698-2E5C96C4BFAC}\MpKsl222307cf.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E34C5061-465B-4949-A698-2E5C96C4BFAC}\MpKsl222307cf.sys [?]
S1 MpKsl2e993ab4;MpKsl2e993ab4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0D74EB6-7721-41BA-850E-0266513C8F0B}\MpKsl2e993ab4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C0D74EB6-7721-41BA-850E-0266513C8F0B}\MpKsl2e993ab4.sys [?]
S1 MpKsl86323afe;MpKsl86323afe;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C30115C-4CA6-4FA1-BFB8-E7B38041DAFD}\MpKsl86323afe.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C30115C-4CA6-4FA1-BFB8-E7B38041DAFD}\MpKsl86323afe.sys [?]
S1 MpKslcc35c8d0;MpKslcc35c8d0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{56A017F1-CD33-40FD-8B0F-8CD17737B4C2}\MpKslcc35c8d0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{56A017F1-CD33-40FD-8B0F-8CD17737B4C2}\MpKslcc35c8d0.sys [?]
S1 MpKslf53452b4;MpKslf53452b4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{824E7B43-F8A2-4E7F-8FBA-0CA5F72DA18A}\MpKslf53452b4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{824E7B43-F8A2-4E7F-8FBA-0CA5F72DA18A}\MpKslf53452b4.sys [?]
S1 NaturalColor;NaturalColor;c:\windows\system32\drivers\MTictwl.sys --> c:\windows\system32\drivers\MTictwl.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7/22/2010 12:30 PM 1684736]
S3 BTIAUSB;Generic Bluetooth Device;c:\windows\system32\drivers\btiausb.sys [7/30/2008 9:04 AM 23808]
S3 BTPROT;Generic Bluetooth Filter;c:\windows\system32\drivers\btprot.sys [8/2/2008 10:22 AM 453120]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [12/16/2007 8:53 PM 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [12/16/2007 8:59 PM 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [12/16/2007 8:59 PM 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [12/16/2007 8:59 PM 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [12/16/2007 8:59 PM 98568]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/10/2009 11:22 AM 348752]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL3DB6E6AC
*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 10:09]
.
2010-12-22 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 09:37]
.
2011-09-01 c:\windows\Tasks\User_Feed_Synchronization-{8ED1C37F-BA64-435D-A387-32AE8AD58BA8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 23:01]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Note this (Google Notebook) - c:\program files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll/gn_menu1.html
IE: Note this item (Google Notebook) - c:\program files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll/gn_menu2.html
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\www.update
Trusted Zone: skillport.com
Trusted Zone: skillsoft.com
Trusted Zone: windowsupdate.com\download
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01}: NameServer = 208.67.222.123,208.67.220.123
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 21:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.8.13\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-854245398-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b1,13,97,4c,2f,3e,36,4e,9a,9c,7b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b1,13,97,4c,2f,3e,36,4e,9a,9c,7b,\
.
Completion time: 2011-09-01 21:48:09
ComboFix-quarantined-files.txt 2011-09-01 16:18
ComboFix2.txt 2011-08-31 03:11
ComboFix3.txt 2011-01-18 05:45
ComboFix4.txt 2011-01-15 10:45
ComboFix5.txt 2011-09-01 16:01
.
Pre-Run: 24,218,746,880 bytes free
Post-Run: 24,237,744,128 bytes free
.
- - End Of File - - C331F78E210F2484476EE250946F3701

tds killer log

2011/09/01 22:01:04.0328 2308 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/01 22:01:05.0234 2308 ================================================================================
2011/09/01 22:01:05.0234 2308 SystemInfo:
2011/09/01 22:01:05.0234 2308
2011/09/01 22:01:05.0234 2308 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/01 22:01:05.0234 2308 Product type: Workstation
2011/09/01 22:01:05.0234 2308 ComputerName: RADHA
2011/09/01 22:01:05.0234 2308 UserName: Administrator
2011/09/01 22:01:05.0234 2308 Windows directory: C:\WINDOWS
2011/09/01 22:01:05.0234 2308 System windows directory: C:\WINDOWS
2011/09/01 22:01:05.0234 2308 Processor architecture: Intel x86
2011/09/01 22:01:05.0234 2308 Number of processors: 2
2011/09/01 22:01:05.0234 2308 Page size: 0x1000
2011/09/01 22:01:05.0234 2308 Boot type: Normal boot
2011/09/01 22:01:05.0234 2308 ================================================================================
2011/09/01 22:01:06.0703 2308 Initialize success
2011/09/01 22:01:35.0171 1464 ================================================================================
2011/09/01 22:01:35.0171 1464 Scan started
2011/09/01 22:01:35.0171 1464 Mode: Manual;
2011/09/01 22:01:35.0171 1464 ================================================================================
2011/09/01 22:01:35.0828 1464 713xTVCard (9f08d38b3e255f5bbb97ad3936425faf) C:\WINDOWS\system32\DRIVERS\SAA713x.sys
2011/09/01 22:01:35.0937 1464 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/01 22:01:35.0984 1464 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/01 22:01:36.0046 1464 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/01 22:01:36.0093 1464 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/01 22:01:36.0281 1464 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
2011/09/01 22:01:36.0500 1464 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/01 22:01:36.0531 1464 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/01 22:01:36.0578 1464 AtcL002 (83ef26c44c53581bdb67866b922aed93) C:\WINDOWS\system32\DRIVERS\l251x86.sys
2011/09/01 22:01:36.0656 1464 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/01 22:01:36.0687 1464 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/01 22:01:36.0734 1464 bckd (7cfd6d37aba7006148abbf4f629b2d2a) C:\WINDOWS\system32\drivers\bckd.sys
2011/09/01 22:01:36.0812 1464 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/01 22:01:36.0859 1464 BlueletAudio (0744aa40fe6fa9c471fa59ccb5ca1f73) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
2011/09/01 22:01:36.0937 1464 BlueletSCOAudio (01d1832f2b13dfaf7384884f7c3e0124) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
2011/09/01 22:01:36.0984 1464 BT (51eff72092088948933298c12ed23fd1) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
2011/09/01 22:01:37.0078 1464 Btcsrusb (3efdd3cc9118f6290398d94a72458b00) C:\WINDOWS\system32\Drivers\btcusb.sys
2011/09/01 22:01:37.0140 1464 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/09/01 22:01:37.0187 1464 BTHidEnum (e69d9e7854095a9c81acee40d766fe2d) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
2011/09/01 22:01:37.0265 1464 BTHidMgr (a9164c2a39bd917b9f42ae087560ac3d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
2011/09/01 22:01:37.0312 1464 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
2011/09/01 22:01:37.0359 1464 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/09/01 22:01:37.0421 1464 BTHPORT (662bfd909447dd9cc15b1a1c366583b4) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/09/01 22:01:37.0453 1464 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/09/01 22:01:37.0484 1464 BTIAUSB (decb9dc9082d2bfb15b6010a94b48c40) C:\WINDOWS\system32\DRIVERS\btiausb.sys
2011/09/01 22:01:37.0593 1464 BTNetFilter (78a033933af2cac043a445ff1db876b8) C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
2011/09/01 22:01:37.0703 1464 BTPROT (fda982f929c6fb8da98bd27e96f0e618) C:\WINDOWS\system32\DRIVERS\btprot.sys
2011/09/01 22:01:37.0890 1464 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/01 22:01:37.0937 1464 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/01 22:01:38.0000 1464 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/01 22:01:38.0046 1464 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/01 22:01:38.0078 1464 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/01 22:01:38.0140 1464 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/01 22:01:38.0218 1464 ctac32k (4b6096745f72b4fd36514617e2ea5d37) C:\WINDOWS\system32\drivers\ctac32k.sys
2011/09/01 22:01:38.0296 1464 ctaud2k (3576ec792347ed15699f6d830e0f5437) C:\WINDOWS\system32\drivers\ctaud2k.sys
2011/09/01 22:01:38.0390 1464 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
2011/09/01 22:01:38.0453 1464 ctprxy2k (097d42574e3c6d98cd5a2ee7647fa6bf) C:\WINDOWS\system32\drivers\ctprxy2k.sys
2011/09/01 22:01:38.0484 1464 ctsfm2k (c58a2507ef62b20b9bd670c666088b50) C:\WINDOWS\system32\drivers\ctsfm2k.sys
2011/09/01 22:01:38.0671 1464 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/01 22:01:38.0734 1464 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/01 22:01:38.0781 1464 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/01 22:01:38.0828 1464 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/01 22:01:38.0859 1464 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/01 22:01:38.0906 1464 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
2011/09/01 22:01:38.0937 1464 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
2011/09/01 22:01:38.0984 1464 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
2011/09/01 22:01:39.0062 1464 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/01 22:01:39.0109 1464 emu10k (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
2011/09/01 22:01:39.0171 1464 emu10k1 (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
2011/09/01 22:01:39.0234 1464 emupia (a9d94b89372f3f9609a1a5eec631a260) C:\WINDOWS\system32\drivers\emupia2k.sys
2011/09/01 22:01:39.0312 1464 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/01 22:01:39.0359 1464 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/09/01 22:01:39.0375 1464 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/01 22:01:39.0406 1464 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/09/01 22:01:39.0468 1464 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/01 22:01:39.0500 1464 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/01 22:01:39.0515 1464 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/01 22:01:39.0562 1464 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/09/01 22:01:39.0593 1464 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/01 22:01:39.0656 1464 ha10kx2k (dc9847cdc43665ed4cc780947516209c) C:\WINDOWS\system32\drivers\ha10kx2k.sys
2011/09/01 22:01:39.0781 1464 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/01 22:01:39.0828 1464 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
2011/09/01 22:01:39.0843 1464 HidBth (7bd2de4c85eb4241eed57672b16a7d8d) C:\WINDOWS\system32\DRIVERS\hidbth.sys
2011/09/01 22:01:39.0906 1464 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/01 22:01:40.0000 1464 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/01 22:01:40.0078 1464 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/01 22:01:40.0250 1464 ialm (9acb03875cfe068d5cc0e98fb2cf7017) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/01 22:01:40.0453 1464 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/01 22:01:40.0515 1464 InCDfs (580a81790cd0a48d85da322267da7ac4) C:\WINDOWS\system32\drivers\InCDFs.sys
2011/09/01 22:01:40.0531 1464 InCDPass (aaa2789d2ce21b31be9406ba1ceb7285) C:\WINDOWS\system32\drivers\InCDPass.sys
2011/09/01 22:01:40.0562 1464 InCDrec (4d022577e9072b5d22e0a383a7806bbb) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/09/01 22:01:40.0593 1464 incdrm (c258e57321a3c3737f4fa815fa69ee0b) C:\WINDOWS\system32\drivers\InCDRm.sys
2011/09/01 22:01:40.0765 1464 IntcAzAudAddService (c89535b2d7b42fe402ac4b20d9908249) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/01 22:01:40.0968 1464 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/01 22:01:41.0000 1464 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/01 22:01:41.0046 1464 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/01 22:01:41.0109 1464 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/01 22:01:41.0140 1464 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/01 22:01:41.0171 1464 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/01 22:01:41.0187 1464 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/01 22:01:41.0234 1464 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/01 22:01:41.0265 1464 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/01 22:01:41.0296 1464 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/01 22:01:41.0328 1464 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/01 22:01:41.0390 1464 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/01 22:01:41.0421 1464 L8042Kbd (d88846f9f4f27ae9be584a6e5b6b8753) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
2011/09/01 22:01:41.0453 1464 L8042mou (bea61fda2103f6f51b14eb0872e8a050) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
2011/09/01 22:01:41.0562 1464 LMouKE (cab504e38fced9a56d87d838e9ba13e9) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
2011/09/01 22:01:41.0656 1464 lvmvdrv (f52f3e700910518e3eb7a8b493ba2086) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
2011/09/01 22:01:41.0796 1464 LVPrcMon (4fd5a6335fb4fc1f758088b2f90613fe) C:\WINDOWS\system32\drivers\LVPrcMon.sys
2011/09/01 22:01:41.0937 1464 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/01 22:01:41.0968 1464 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/01 22:01:42.0062 1464 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
2011/09/01 22:01:42.0156 1464 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/01 22:01:42.0203 1464 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/01 22:01:42.0234 1464 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/01 22:01:42.0281 1464 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/09/01 22:01:42.0453 1464 MpKsl7ac62cbe (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A967230C-2A66-4503-9F57-51A031B962F6}\MpKsl7ac62cbe.sys
2011/09/01 22:01:42.0593 1464 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/01 22:01:42.0640 1464 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/01 22:01:42.0687 1464 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/01 22:01:42.0734 1464 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/01 22:01:42.0781 1464 msloop (64e8b7c65eb4796939c0f64f8170821b) C:\WINDOWS\system32\DRIVERS\loop.sys
2011/09/01 22:01:42.0828 1464 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/01 22:01:42.0859 1464 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/01 22:01:42.0921 1464 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/01 22:01:42.0953 1464 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/01 22:01:43.0000 1464 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/09/01 22:01:43.0062 1464 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/01 22:01:43.0109 1464 n558 (88705dc61b9275b82e48904d53031f5b) C:\WINDOWS\system32\Drivers\n558.sys
2011/09/01 22:01:43.0156 1464 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/01 22:01:43.0218 1464 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/01 22:01:43.0281 1464 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/01 22:01:43.0312 1464 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/01 22:01:43.0359 1464 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/01 22:01:43.0375 1464 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/01 22:01:43.0421 1464 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/01 22:01:43.0453 1464 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/01 22:01:43.0484 1464 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/01 22:01:43.0531 1464 nmwcd (c82f4cc10ad315b6d6bcb14d0a7cad66) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/09/01 22:01:43.0562 1464 nmwcdc (60ef5f5621d7832f00a3f190a0c905e2) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/09/01 22:01:43.0625 1464 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/01 22:01:43.0656 1464 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/01 22:01:43.0734 1464 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/01 22:01:43.0765 1464 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/01 22:01:43.0812 1464 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/01 22:01:43.0890 1464 ossrv (f29184bdc81c398b6027a67ff6a19895) C:\WINDOWS\system32\drivers\ctoss2k.sys
2011/09/01 22:01:44.0015 1464 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/01 22:01:44.0031 1464 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/01 22:01:44.0078 1464 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/01 22:01:44.0125 1464 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/01 22:01:44.0203 1464 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/01 22:01:44.0234 1464 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/01 22:01:44.0281 1464 PCTCore (aa9cfa67850893fbb168b9c4e4c86952) C:\WINDOWS\system32\drivers\PCTCore.sys
2011/09/01 22:01:44.0390 1464 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/01 22:01:44.0437 1464 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/01 22:01:44.0453 1464 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/01 22:01:44.0515 1464 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/01 22:01:44.0656 1464 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/01 22:01:44.0703 1464 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/01 22:01:44.0750 1464 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/01 22:01:44.0781 1464 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/01 22:01:44.0812 1464 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/01 22:01:44.0843 1464 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/01 22:01:44.0875 1464 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/01 22:01:44.0921 1464 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/01 22:01:44.0984 1464 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/01 22:01:45.0046 1464 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/09/01 22:01:45.0093 1464 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/09/01 22:01:45.0156 1464 RTL8023xp (c8b370b2b520ac1b8bc66203fcec73db) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/09/01 22:01:45.0281 1464 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/01 22:01:45.0312 1464 RTLE8023xp (b0e1648aae1e59bdd0854af07a605399) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/09/01 22:01:45.0375 1464 s115bus (e1ab463b36a7ef31d8a73a97a9b57afa) C:\WINDOWS\system32\DRIVERS\s115bus.sys
2011/09/01 22:01:45.0406 1464 s115mdfl (e24113fc13b8737c94cf4e3415488c76) C:\WINDOWS\system32\DRIVERS\s115mdfl.sys
2011/09/01 22:01:45.0453 1464 s115mdm (4029e49e7c673aa0670bd206b0af1b5b) C:\WINDOWS\system32\DRIVERS\s115mdm.sys
2011/09/01 22:01:45.0515 1464 s115mgmt (eb02ab4ca8bccecfde236cad8fc6e135) C:\WINDOWS\system32\DRIVERS\s115mgmt.sys
2011/09/01 22:01:45.0546 1464 s115obex (089869db9ffd2ac807fa87fe82ac7761) C:\WINDOWS\system32\DRIVERS\s115obex.sys
2011/09/01 22:01:45.0593 1464 s125bus (06847aa6f3a9bf7c44134d00a2e578c0) C:\WINDOWS\system32\DRIVERS\s125bus.sys
2011/09/01 22:01:45.0640 1464 s125mdfl (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
2011/09/01 22:01:45.0687 1464 s125mdm (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
2011/09/01 22:01:45.0734 1464 s125mgmt (82b14c51de76825ec769a6374e4c57d6) C:\WINDOWS\system32\DRIVERS\s125mgmt.sys
2011/09/01 22:01:45.0765 1464 s125obex (bedfc5707c356fd073bf1a4afe442d91) C:\WINDOWS\system32\DRIVERS\s125obex.sys
2011/09/01 22:01:45.0812 1464 s716bus (d7a84ef8f953a2d704580e4e73e00011) C:\WINDOWS\system32\DRIVERS\s716bus.sys
2011/09/01 22:01:45.0859 1464 s716mdfl (c5b509cdeeb733efafadc2d93bc77712) C:\WINDOWS\system32\DRIVERS\s716mdfl.sys
2011/09/01 22:01:45.0906 1464 s716mdm (dc3dec64860878540b374dc7d15d921f) C:\WINDOWS\system32\DRIVERS\s716mdm.sys
2011/09/01 22:01:45.0953 1464 s716mgmt (047fd555d897333ad9f61b1d4cc7c114) C:\WINDOWS\system32\DRIVERS\s716mgmt.sys
2011/09/01 22:01:45.0984 1464 s716nd5 (2858193e91eef964e41b6a032e1e4418) C:\WINDOWS\system32\DRIVERS\s716nd5.sys
2011/09/01 22:01:46.0000 1464 s716obex (cc6c212585891614cc2059ba48d27a86) C:\WINDOWS\system32\DRIVERS\s716obex.sys
2011/09/01 22:01:46.0046 1464 s716unic (aaaeeba9fa0ecb0de6bba59f955cdefb) C:\WINDOWS\system32\DRIVERS\s716unic.sys
2011/09/01 22:01:46.0109 1464 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/01 22:01:46.0156 1464 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/01 22:01:46.0187 1464 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/01 22:01:46.0218 1464 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/01 22:01:46.0281 1464 sfman (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
2011/09/01 22:01:46.0328 1464 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/01 22:01:46.0375 1464 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/09/01 22:01:46.0437 1464 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/01 22:01:46.0468 1464 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/01 22:01:46.0515 1464 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/01 22:01:46.0562 1464 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/01 22:01:46.0593 1464 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/01 22:01:46.0609 1464 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/01 22:01:46.0750 1464 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/01 22:01:46.0812 1464 TClass2k (535fb6fe9b756b4e3203de3e3842fa04) C:\WINDOWS\system32\DRIVERS\TClass2k.sys
2011/09/01 22:01:46.0890 1464 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/01 22:01:46.0937 1464 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/01 22:01:46.0968 1464 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/01 22:01:47.0000 1464 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/01 22:01:47.0093 1464 UCTblHid (019d314a69789e377a92b8b279c8e12b) C:\WINDOWS\system32\DRIVERS\UCTblHid.sys
2011/09/01 22:01:47.0156 1464 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/01 22:01:47.0234 1464 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/01 22:01:47.0281 1464 upperdev (bb16932a4189e82d6c455042c11849b6) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/09/01 22:01:47.0312 1464 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/01 22:01:47.0359 1464 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/01 22:01:47.0421 1464 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/01 22:01:47.0453 1464 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/01 22:01:47.0484 1464 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/09/01 22:01:47.0546 1464 UsbserFilt (e748d50b3b2ec7f40a2ba67fb094cf01) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/09/01 22:01:47.0609 1464 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/01 22:01:47.0640 1464 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/01 22:01:47.0687 1464 VComm (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
2011/09/01 22:01:47.0718 1464 VcommMgr (d1ddff84dc3060456c8bc0c47af8cbb2) C:\WINDOWS\system32\Drivers\VcommMgr.sys
2011/09/01 22:01:47.0796 1464 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/01 22:01:47.0843 1464 VHidMinidrv (2e3422dd80d1e37e42fae7653e59c7e9) C:\WINDOWS\system32\drivers\VHIDMini.sys
2011/09/01 22:01:47.0937 1464 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/01 22:01:47.0984 1464 W700bus (b57979148638f84e54b6441f085f2584) C:\WINDOWS\system32\DRIVERS\W700bus.sys
2011/09/01 22:01:48.0015 1464 W700obex (725aed977f8b8155d8f3a424e435be63) C:\WINDOWS\system32\DRIVERS\W700obex.sys
2011/09/01 22:01:48.0062 1464 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/01 22:01:48.0109 1464 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/09/01 22:01:48.0171 1464 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/01 22:01:48.0218 1464 WDMTVTuner (c422f2ebed42889e3e918b72645edcea) C:\WINDOWS\system32\drivers\WDMTuner.sys
2011/09/01 22:01:48.0312 1464 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/09/01 22:01:48.0343 1464 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/01 22:01:48.0406 1464 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/01 22:01:48.0437 1464 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/01 22:01:48.0500 1464 zebrceb (e66cd8bd0308c9c5403ec8eee9e01011) C:\WINDOWS\system32\DRIVERS\zebrceb.sys
2011/09/01 22:01:48.0578 1464 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/09/01 22:01:48.0656 1464 Boot (0x1200) (b3e93f601f9e38f409caea2a9f30f568) \Device\Harddisk0\DR0\Partition0
2011/09/01 22:01:48.0671 1464 Boot (0x1200) (1646409dc125ec76498759a80712bd02) \Device\Harddisk0\DR0\Partition1
2011/09/01 22:01:48.0687 1464 Boot (0x1200) (c90a6331f4b6eb96f4c098d48e0d52b0) \Device\Harddisk0\DR0\Partition2
2011/09/01 22:01:48.0703 1464 Boot (0x1200) (503bc8d41ca7177789364e1bef34904e) \Device\Harddisk0\DR0\Partition3
2011/09/01 22:01:48.0718 1464 ================================================================================
2011/09/01 22:01:48.0718 1464 Scan finished
2011/09/01 22:01:48.0718 1464 ================================================================================
2011/09/01 22:01:48.0718 2508 Detected object count: 0
2011/09/01 22:01:48.0718 2508 Actual detected object count: 0

regards
kannan

#8 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 01 September 2011 - 12:15 PM

Hi
Please refer my post sent earlier
it is having log of combo-fix and tds killer
now whenever i try to log Google group sites - redirect is more and connection interruption occurs both in Firefox and ie
even i am not able to upload Google web album through Picasso 3, with out opening browser
it is the infection related to Google sites
with this clue can we guess the infection and try some method so that the infection is killed
thanks
regards
kannan

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 01 September 2011 - 12:37 PM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 02 September 2011 - 01:43 AM

Hi
ran otl
here is the log
OTL logfile created on: 9/2/2011 12:04:08 PM - Run 3
OTL by OldTimer - Version 3.2.27.0 Folder = D:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.11 Mb Total Physical Memory | 168.85 Mb Available Physical Memory | 16.65% Memory free
1.87 Gb Paging File | 0.98 Gb Available in Paging File | 52.33% Paging File free
Paging file location(s): C:\pagefile.sys 1000 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 22.59 Gb Free Space | 46.26% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 4.55 Gb Free Space | 9.31% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 15.07 Gb Free Space | 30.86% Space Free | Partition Type: NTFS
Drive F: | 86.39 Gb Total Space | 13.61 Gb Free Space | 15.75% Space Free | Partition Type: NTFS

Computer Name: RADHA | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (Blue Coat Systems, Inc.)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe (Symantec Corporation)
PRC - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe (2BrightSparks)
PRC - C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
PRC - C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\WINDOWS\system32\drivers\WTSrv.exe (Tablet Driver)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko6\WINNT_x86-msvc\SSSLauncher.dll ()
MOD - C:\Program Files\WordWeb\WUCNT.dll ()
MOD - C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFHook.dll ()
MOD - C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll ()
MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
MOD - C:\WINDOWS\system32\HPBHEALR.DLL ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (bckwfs) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (Blue Coat Systems, Inc.)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\SymcPCCULaunchSvc.exe (Symantec Corporation)
SRV - (PCCUJobMgr) -- C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe (Symantec Corporation)
SRV - (sdCoreService) -- C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (Macromedia Licensing Service) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (InCDsrv) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (WinTabService) -- C:\WINDOWS\system32\drivers\WTSrv.exe (Tablet Driver)
SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (APC UPS Service) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe (American Power Conversion Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\hpzipm12.exe (HP)
SRV - (Visual Studio Analyzer RPC bridge) -- C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (MpKsl8670d7d4) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A967230C-2A66-4503-9F57-51A031B962F6}\MpKsl8670d7d4.sys (Microsoft Corporation)
DRV - (bckd) -- C:\WINDOWS\system32\drivers\bckd.sys (Blue Coat Systems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (BTPROT) -- C:\WINDOWS\system32\drivers\btprot.sys (iAnywhere Solutions)
DRV - (BTIAUSB) -- C:\WINDOWS\system32\drivers\btiausb.sys (iAnywhere Solutions)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (AtcL002) -- C:\WINDOWS\system32\drivers\l251x86.sys (Atheros Communications, Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (n558) -- C:\WINDOWS\system32\drivers\n558.sys ()
DRV - (incdrm) -- C:\WINDOWS\system32\drivers\InCDRm.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDPass.sys (Nero AG)
DRV - (InCDfs) -- C:\WINDOWS\system32\drivers\InCDfs.sys (Nero AG)
DRV - (lvmvdrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s125mgmt.sys (MCCI Corporation)
DRV - (s125obex) -- C:\WINDOWS\system32\drivers\s125obex.sys (MCCI Corporation)
DRV - (s125mdm) -- C:\WINDOWS\system32\drivers\s125mdm.sys (MCCI Corporation)
DRV - (s125mdfl) -- C:\WINDOWS\system32\drivers\s125mdfl.sys (MCCI Corporation)
DRV - (s125bus) Sony Ericsson Device 125 driver (WDM) -- C:\WINDOWS\system32\drivers\s125bus.sys (MCCI Corporation)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM) -- C:\WINDOWS\system32\drivers\s716unic.sys (MCCI Corporation)
DRV - (s716obex) -- C:\WINDOWS\system32\drivers\s716obex.sys (MCCI Corporation)
DRV - (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS) -- C:\WINDOWS\system32\drivers\s716nd5.sys (MCCI Corporation)
DRV - (s716mdm) -- C:\WINDOWS\system32\drivers\s716mdm.sys (MCCI Corporation)
DRV - (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s716mgmt.sys (MCCI Corporation)
DRV - (s716mdfl) -- C:\WINDOWS\system32\drivers\s716mdfl.sys (MCCI Corporation)
DRV - (s716bus) Sony Ericsson Device 716 driver (WDM) -- C:\WINDOWS\system32\drivers\s716bus.sys (MCCI Corporation)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation)
DRV - (713xTVCard) -- C:\WINDOWS\system32\drivers\SAA713x.sys (Philips Semiconductors)
DRV - (WDMTVTuner) -- C:\WINDOWS\system32\drivers\WDMTuner.sys (Philips Semiconductors)
DRV - (BTNetFilter) -- C:\Program Files\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys ()
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation)
DRV - (W700obex) -- C:\WINDOWS\system32\drivers\W700obex.sys (MCCI)
DRV - (W700bus) Sony Ericsson W700 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\W700bus.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI)
DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation)
DRV - (TClass2k) -- C:\WINDOWS\system32\drivers\TClass2k.sys (Tablet Driver)
DRV - (Tablet2k) -- C:\WINDOWS\System32\Drivers\Tablet2k.sys (Windows ® 2000 DDK provider)
DRV - (UCTblHid) -- C:\WINDOWS\system32\drivers\UCTblHid.sys (Tablet Driver)
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys ()
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (msloop) -- C:\WINDOWS\system32\drivers\loop.sys (Microsoft Corporation)
DRV - (sfman) Creative SoundFont Manager Driver (WDM) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (emu10k1) Creative Interface Manager Driver (WDM) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (emu10k) Creative SB Live! (WDM) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (ctljystk) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://localhost:9100/proxy.pac

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://localhost:9100/proxy.pac

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-484763869-854245398-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13
FF - prefs.js..extensions.enabledItems: {C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.0
FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1
FF - prefs.js..extensions.enabledItems: {9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD}:3.0.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.2
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.106
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:3.4
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5
FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {c33c5b47-69c8-45a4-a5e0-af85bbe628dd}:1.6.1.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.1.1
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.9.3
FF - prefs.js..extensions.enabledItems: secureLogin@blueimp.net:0.9.7
FF - prefs.js..extensions.enabledItems: firefox-extension@shareaholic.com:2.2.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: timetrack@usablehack.com:1.2.5
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:9100/proxy.pac"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files\Microsoft Research\HDView for Firefox [2008/09/12 09:59:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/08/31 22:23:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/18 11:34:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 11:16:05 | 000,000,000 | ---D | M]

[2008/08/03 08:48:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/09/01 22:23:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions
[2011/08/03 11:26:06 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/07/14 10:44:30 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2009/09/10 11:16:00 | 000,000,000 | ---D | M] (Advanced Dork:) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{31E65147-5A53-4e52-8A64-FF7EBFA36D76}
[2011/07/29 11:28:41 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2009/09/10 11:16:57 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/09/12 21:50:54 | 000,000,000 | ---D | M] (CookieSafe) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD}
[2011/07/14 10:44:31 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/11/26 10:10:52 | 000,000,000 | ---D | M] (HP Detect) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011/08/19 10:23:10 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/03/12 23:57:34 | 000,000,000 | ---D | M] ("Gmail Space") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}
[2011/08/19 10:23:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/03/12 23:58:48 | 000,000,000 | ---D | M] (Answers) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}
[2010/03/12 23:57:07 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
[2009/03/21 12:52:48 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2008/10/25 22:10:35 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2008/10/10 12:05:45 | 000,000,000 | ---D | M] (Mouse Gestures Redox) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2010/05/23 15:15:33 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\bettergmail2@ginatrapani.org
[2011/03/12 20:35:57 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\elemhidehelper@adblockplus.org
[2011/02/14 11:15:05 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\fastdial@telega.phpnet.us
[2011/08/25 12:29:40 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\foxmarks@kei.com
[2011/08/11 12:49:14 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\foxyproxy@eric.h.jung
[2010/12/29 11:29:43 | 000,000,000 | ---D | M] (Read It Later) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\isreaditlater@ideashower.com
[2008/09/10 23:09:32 | 000,000,000 | ---D | M] (Google Notebook) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\notebook@google.com
[2011/08/18 11:35:06 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\piclens@cooliris.com
[2009/09/10 11:17:18 | 000,000,000 | ---D | M] (TimeTracker) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\extensions\timetrack@usablehack.com
[2008/08/21 12:16:52 | 000,004,997 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lk92sqvq.default\searchplugins\linkedin.xml
[2011/03/23 11:16:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/29 11:52:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/05 22:29:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/27 06:15:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{89506680-E3F4-484C-A2C0-ED711D481EDA}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{C33C5B47-69C8-45A4-A5E0-AF85BBE628DD}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{CE6E6E3B-84DD-4CAC-9F63-8D2AE4F30A4B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\FIREFOX-EXTENSION@SHAREAHOLIC.COM.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\LK92SQVQ.DEFAULT\EXTENSIONS\SECURELOGIN@BLUEIMP.NET.XPI
[2010/07/29 11:51:57 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/02/06 19:03:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/18 11:34:54 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/04/19 17:42:28 | 000,045,056 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\atmccli.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/03/21 12:51:34 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2008/09/15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2010/01/01 13:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/01 21:44:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (&Google Notebook) - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Google Notebook) - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll ()
O3 - HKU\S-1-5-21-484763869-854245398-839522115-500\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-484763869-854245398-839522115-500\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-484763869-854245398-839522115-500\..\Toolbar\WebBrowser: (Google Notebook) - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WordWeb] C:\Program Files\WordWeb\wweb32.exe (WordWeb Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-484763869-854245398-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Note this (Google Notebook) - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll ()
O8 - Extra context menu item: Note this item (Google Notebook) - C:\Program Files\Google\Google Notebook\gnotes1.0.2.19--1531692703.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKU\S-1-5-21-484763869-854245398-839522115-500\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKU\S-1-5-21-484763869-854245398-839522115-500\..Trusted Domains: microsoft.com ([www.update] http in Trusted sites)
O15 - HKU\S-1-5-21-484763869-854245398-839522115-500\..Trusted Domains: skillport.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-484763869-854245398-839522115-500\..Trusted Domains: skillsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-484763869-854245398-839522115-500\..Trusted Domains: windowsupdate.com ([download] * in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mintu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F028E25-D615-4A01-825A-166B876F2E01}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A1F8B5D-8091-4AC6-8D19-30FE396D86CF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F2A17F7-6BCC-428D-A554-482B0380F3C3}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/23 00:04:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/18 11:37:49 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\install_flash_player.exe
[2011/08/13 16:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2011/08/11 20:10:43 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 19:54:39 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2008/08/26 09:17:27 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[6 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/02 12:06:07 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8ED1C37F-BA64-435D-A387-32AE8AD58BA8}.job
[2011/09/02 11:53:33 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/09/02 11:51:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/02 11:48:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/02 11:48:21 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/01 21:44:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/09/01 18:27:49 | 000,009,124 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\imagesCAG6U5X0.jpg
[2011/08/18 11:38:32 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/08/18 11:37:59 | 003,089,056 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Desktop\install_flash_player.exe
[2011/08/14 00:05:41 | 000,170,496 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/13 16:46:19 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/08/11 21:37:09 | 000,444,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/11 21:37:09 | 000,072,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/11 21:34:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/08 21:13:53 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\Administrator\default.pls

========== Files Created - No Company Name ==========

[2011/09/01 18:31:23 | 000,009,124 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\imagesCAG6U5X0.jpg
[2011/08/13 23:51:32 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/13 12:44:04 | 000,781,040 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/11 10:28:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/01/11 10:28:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/01/11 10:28:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/01/11 10:28:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/01/11 10:28:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/31 11:56:04 | 000,001,305 | ---- | C] () -- C:\WINDOWS\openhelp.ini
[2010/10/31 11:56:04 | 000,000,232 | ---- | C] () -- C:\WINDOWS\TCW.INI
[2010/10/31 11:55:21 | 000,000,200 | ---- | C] () -- C:\WINDOWS\OWL.INI
[2010/10/31 11:55:10 | 000,000,049 | ---- | C] () -- C:\WINDOWS\workshop.ini
[2010/10/23 13:18:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2010/07/22 11:25:17 | 000,027,257 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010/07/22 11:23:38 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010/07/18 01:54:04 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/02/16 11:24:54 | 000,000,911 | ---- | C] () -- C:\WINDOWS\VIEWER.INI
[2009/02/14 19:38:05 | 000,000,013 | ---- | C] () -- C:\WINDOWS\OrgCbt.dat
[2009/02/14 19:29:06 | 000,000,015 | ---- | C] () -- C:\WINDOWS\XPHY.dat
[2009/01/26 17:24:49 | 000,000,180 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
[2008/11/08 21:32:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/10/13 19:30:07 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/10/13 19:30:07 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/10/13 19:30:06 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/10/12 12:26:07 | 000,000,282 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2008/10/12 12:20:52 | 000,125,392 | ---- | C] () -- C:\WINDOWS\bw6uinst.exe
[2008/09/27 15:18:46 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2008/09/27 15:18:23 | 000,081,920 | ---- | C] () -- C:\WINDOWS\DelCBT.exe
[2008/08/26 10:14:54 | 000,000,119 | ---- | C] () -- C:\WINDOWS\NNS.INI
[2008/08/26 09:35:29 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-00000001-00001102-00000002-80271102}.dat
[2008/08/26 09:35:29 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000001-00001102-00000002-80271102}.dat
[2008/08/26 09:17:58 | 000,000,128 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2008/08/26 09:17:57 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2008/08/26 09:17:56 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2008/08/26 09:17:29 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2008/08/26 09:17:29 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2008/08/26 09:17:29 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2008/08/26 09:17:29 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2008/08/26 09:17:29 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2008/08/26 09:17:29 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2008/08/26 09:17:29 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/08/26 09:17:28 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2008/08/26 09:17:28 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2008/08/26 09:17:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2008/08/26 09:17:28 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2008/07/12 22:53:52 | 000,001,111 | ---- | C] () -- C:\WINDOWS\EntPack.ini
[2008/07/12 22:53:52 | 000,000,445 | ---- | C] () -- C:\WINDOWS\EntPack.dat
[2008/06/09 23:40:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\Spell32.dll
[2008/04/05 21:12:46 | 000,000,185 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2008/04/01 23:26:43 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/02/10 11:34:43 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bfp.dat
[2008/02/08 19:09:10 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/01/29 06:34:27 | 000,000,430 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/01/27 11:45:22 | 000,168,207 | ---- | C] () -- C:\WINDOWS\System32\Unstall.exe
[2008/01/27 11:39:51 | 000,000,496 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/12/24 18:43:50 | 000,000,056 | ---- | C] () -- C:\WINDOWS\PreAnntt.INI
[2007/12/24 11:02:04 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2007/12/18 16:50:26 | 000,000,147 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2007/10/29 17:06:22 | 000,009,251 | ---- | C] () -- C:\WINDOWS\24GAMES.INI
[2007/10/28 19:12:45 | 000,401,408 | R--- | C] () -- C:\WINDOWS\713xRMT.exe
[2007/10/07 15:25:25 | 000,000,514 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2007/10/02 18:49:37 | 000,000,018 | ---- | C] () -- C:\WINDOWS\ntessl1.dat
[2007/10/01 14:43:36 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007/09/23 20:24:39 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2007/09/23 11:15:02 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/09/16 16:15:56 | 000,000,807 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/09/16 10:47:58 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2007/09/09 12:23:05 | 000,000,462 | ---- | C] () -- C:\WINDOWS\ORS.INI
[2007/08/26 20:45:15 | 000,001,030 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\.googlewebacchosts
[2007/08/26 20:05:04 | 000,044,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\EyeOneDp.sys
[2007/08/25 15:40:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/08/15 14:04:03 | 000,000,182 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/15 07:27:18 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\n558.sys
[2007/08/04 15:44:40 | 000,170,496 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/03 21:19:23 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2007/08/03 20:42:46 | 000,017,437 | ---- | C] () -- C:\WINDOWS\hplj1010.ini
[2007/08/03 20:24:16 | 000,003,744 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/07/26 08:23:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/06/30 23:06:15 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/06/30 22:49:36 | 000,352,256 | R--- | C] () -- C:\WINDOWS\713xRMTMon.exe
[2007/06/23 07:58:34 | 000,004,339 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/06/23 07:55:49 | 001,644,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/06/23 00:14:47 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2007/06/23 00:09:58 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/06/23 00:09:57 | 000,018,946 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/06/23 00:09:49 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/06/23 00:06:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/06/23 00:02:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/05/11 17:27:58 | 002,107,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2007/02/20 13:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/02/20 13:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/02/20 13:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/02/20 12:24:46 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006/04/14 09:14:12 | 000,014,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2005/12/09 15:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2005/10/14 17:09:48 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/08/16 05:18:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\PcHook.DLL
[2005/08/16 05:18:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lhtool.exe
[2005/08/16 05:18:19 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UCMfg.exe
[2005/08/16 05:18:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2005/07/30 07:21:32 | 000,011,988 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2005/05/11 11:15:44 | 000,154,989 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2004/10/26 01:44:12 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/10/26 01:44:02 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2004/08/04 17:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 17:30:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 17:30:00 | 000,444,794 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 17:30:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 17:30:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 17:30:00 | 000,072,544 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 17:30:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 17:30:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 17:30:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 17:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 17:30:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 17:30:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/04/27 09:45:24 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\libintl-2.dll
[2003/08/29 14:46:40 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2003/01/31 18:41:30 | 000,916,849 | ---- | C] () -- C:\WINDOWS\System32\libiconv-2.dll
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 02 September 2011 - 08:18 AM

Hello

I want you to run this custem OTL script for me and then let me know how things are after you finish.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :otl
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2  
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://localhost:9100/proxy.pac
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://localhost:9100/proxy.pac
    FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:9100/proxy.pac"
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY] 
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS] 
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 03 September 2011 - 02:53 AM

Hi
done as instructed
here is the log

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL not found.
Prefs.js: "http://localhost:9100/proxy.pac" removed from network.proxy.autoconfig_url
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Administrator\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 641980 bytes
->Temporary Internet Files folder emptied: 10055066 bytes
->Java cache emptied: 3435300 bytes
->FireFox cache emptied: 596897985 bytes
->Opera cache emptied: 124263781 bytes
->Flash cache emptied: 9285 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33038 bytes

User: NetworkService
->Temp folder emptied: 10744 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: user
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7817 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 701.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.20.4 log created on 09032011_130429

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
what are the next steps

regards
kannan

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 03 September 2011 - 02:54 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 KannanM

KannanM
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 05 September 2011 - 01:07 AM

Hi
i have done as insturcted
i have not done fix mbr, but i was enabled during the scan
log is attached

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-09-05 11:11:43
-----------------------------
11:11:43.484 OS Version: Windows 5.1.2600 Service Pack 3
11:11:43.484 Number of processors: 2 586 0xF02
11:11:43.484 ComputerName: RADHA UserName:
11:11:43.859 Initialize success
11:18:05.156 AVAST engine defs: 11090401
11:18:30.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
11:18:30.125 Disk 0 Vendor: ST3250310AS 3.AAA Size: 238475MB BusType: 3
11:18:32.140 Disk 0 MBR read successfully
11:18:32.140 Disk 0 MBR scan
11:18:32.203 Disk 0 Windows XP default MBR code
11:18:32.218 Disk 0 scanning sectors +488376000
11:18:32.406 Disk 0 scanning C:\WINDOWS\system32\drivers
11:18:57.296 Service scanning
11:18:58.171 Service MpKslc57df937 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{56EDA641-E95F-46B6-887C-608E635284DE}\MpKslc57df937.sys **LOCKED** 32
11:18:58.359 Service Tablet2k C:\WINDOWS\"%SystemRoot%\System32\Drivers\Tablet2k.sys" **LOCKED** 123
11:18:58.937 Modules scanning
11:19:03.109 Disk 0 trace - called modules:
11:19:03.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:19:03.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8754cab8]
11:19:03.125 3 CLASSPNP.SYS[f74fefd7] -> nt!IofCallDriver -> \Device\00000098[0x875059e8]
11:19:03.125 5 ACPI.sys[f7395620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8754e940]
11:19:03.656 AVAST engine scan C:\WINDOWS
11:19:32.312 AVAST engine scan C:\WINDOWS\system32
11:22:37.421 AVAST engine scan C:\WINDOWS\system32\drivers
11:23:03.578 AVAST engine scan C:\Documents and Settings\Administrator
11:31:03.578 AVAST engine scan C:\Documents and Settings\All Users
11:32:03.203 Scan finished successfully
11:34:39.937 Disk 0 MBR has been saved successfully to "D:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII\MBR.dat"
11:34:40.015 The log file has been saved successfully to "D:\mr\31-03-2012\download\BrowserHijack-clean-PhaseII\20110905-aswMBR.txt"


regards
kannan

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:22 AM

Posted 05 September 2011 - 01:15 AM

Hello


that looks good


Please download maxlook, saving the file to your desktop.
Double click maxlook.exe to run it. Note - you must run it only once!

1.Restart your computer.
2.Before Windows loads, you will be prompted to choose which Operating System to start.
3.Use the up and down arrow key to select Microsoft Windows Recovery Console
4.You must enter which Windows installation to log onto. Type 1 and press 'Enter'.
5.At the C:\Windows prompt, type the following bolded entries, and press 'Enter' (note the spaces):
batch look.bat
Posted Image

You will see 1 file copied many times then return to the x:\windows> prompt.
Type Exit to restart your computer then logon in normal mode.

Click Start >> Run and then type the following in the run box

maxlook -sig

(note the space before the - sign)
It will produce looklog.txt on the desktop and open it.
Please post the results here.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users