Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No IP address, think something is wrong with IPSEC


  • This topic is locked This topic is locked
15 replies to this topic

#1 peggyr1

peggyr1

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 23 December 2011 - 04:52 AM

Love this forum, has helped me tremendously, I always fix the laptops of the guys at the office....until now....

My sons Lenovo laptop had a nasty virus so I removed it using the standard methods I have used before. I used Rkill to stop the processes, MB to remove and it looked like the virus was gone. I also tried combofix but it said something about being limited.

The wireless network connection looks great...only thing is, there is NO IP. I go to the command prompt to do the ipconfig, and I get the error, Windows IP Configuration
An internal error occurred: The request is not supported.
Please contact Microsoft Product Support Services for further help.
Additional information: Unable to query host name.

I spent an entire night (and morning) trying different solutions for repairing TCP problems thru google results, but nothing worked. I now think there is a corrupted registry key because the IPSEC key is not where it is supposed to be. There is a key called .ipsec, but it has very little in it. I do not know how to even attempt to fix it manually without some good assistance.

System restores do NOT work. Even in safe mode. I may be able to restore the system files from a Jan 2010 backup he did (Through the Lenovo recovery app) but it tells me I will have to reinstall apps which will be a nightmare. He also has a ton of data, pictures, videos, cpa class notes, etc that we would really like to keep intact.

My question is, is there a way to repair the registry without too much of a nightmare? I am very willing to edit it but I need to have confidence in what I am doing by having someone lead me through it. I hope I have done the following logs correctly, I am a newbie POSTING on this forum, but have read them and solved dozens of problems by just reading. I saw something about fix.bat but want to make sure I am instructed to do that first.

(I did the DDS stuff ok but the GMER file would only output to a .log file and when I try to attach that it tells me that's too big to attach here. If theres a way to save it to a smaller .txt file please let me know how to do it.)

Thank you!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by Andrew Rubidoux at 23:37:05 on 2011-12-22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3032.2261 [GMT -8:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Lenovo\PMDriver\PMSveH.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\tcpsvcs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cbssports.com/mlb/scoreboard
uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\prxtbZyn2.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\prxtbZyn2.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\prxtbZyn2.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Google Update] "c:\documents and settings\andrew rubidoux\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [PMHandler] c:\progra~1\lenovo\pmdriver\PMHandler.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [TPWAUDAP] c:\program files\lenovo\hotkey\TpWAudAp.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
mRun: [LPManager] c:\progra~1\lenovo\lenovo~2\LPMGR.exe
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatchTray10.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
StartupFolder: c:\docume~1\andrew~1\startm~1\programs\startup\mlbtvn~1.lnk - c:\documents and settings\andrew rubidoux\local settings\application data\autobahn\mlb-nexdef-autobahn.exe
StartupFolder: c:\docume~1\andrew~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxps://secure.netlinksolution.com/includes/icaweb.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {707ABFC2-1D27-4A10-A6E4-6BE6BDF9FB11} - hxxp://rubidoux.is-a-geek.com:1024/UltraMJCamX.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} - hxxp://192.168.2.8/xplugLite.cab
DPF: {E1B26101-23FB-4855-9171-F79F29CC7728} - hxxp://192.168.2.30:81/UltraCamX.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - c:\program files\navnetapp\ComUtilities.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: tphotkey - c:\program files\lenovo\hotkey\tphklock.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\andrew rubidoux\application data\mozilla\firefox\profiles\y04uzr63.default\
FF - prefs.js: browser.startup.homepage - hxxp://losangeles.angels.mlb.com/index.jsp?c_id=ana
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [2006-5-24 10240]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2008-5-9 46144]
R2 FNF5SVC;Fn+F5 Service;c:\program files\lenovo\hotkey\FnF5svc.exe [2008-9-10 54560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-11-24 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\lenovo\rescue and recovery\UpdateMonitor.exe [2008-5-9 360448]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-6-8 24652]
R3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [2010-7-11 10496]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-4-2 110080]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-26 136176]
S2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2008-7-21 14336]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [2008-4-25 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-4-25 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-4-25 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2011-1-4 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2011-1-4 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2011-1-4 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2011-1-4 25088]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [2011-1-4 25728]
S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [2001-8-17 18688]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-26 136176]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-4-2 81296]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [2008-4-25 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-4-25 1120752]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-7-21 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-22 02:30:01 219648 ----a-w- c:\windows\PEV.exe
2011-12-22 02:30:01 161792 ----a-w- c:\windows\SWREG.exe
2011-12-22 02:30:00 98816 ----a-w- c:\windows\sed.exe
2011-12-19 10:10:29 18944 -c----w- c:\windows\system32\dllcache\simptcp.dll
2011-12-19 10:10:29 18944 ------w- c:\windows\system32\simptcp.dll
2011-12-19 10:10:28 35328 -c----w- c:\windows\system32\dllcache\iprip.dll
2011-12-19 10:10:28 35328 ------w- c:\windows\system32\iprip.dll
2011-12-19 08:07:27 -------- d-----w- c:\documents and settings\all users\application data\Zeon
2011-12-19 07:26:02 -------- d-----w- C:\ERDNT
2011-12-19 07:12:01 -------- d-----w- c:\documents and settings\andrew rubidoux\application data\Zeon
.
==================== Find3M ====================
.
2011-12-19 08:17:44 361600 ------w- c:\windows\system32\drivers\tcpip.sys
2011-11-15 03:47:58 414368 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 23:37:48.93 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 23 December 2011 - 09:14 PM

Please post the ComboFix Log(s) (located at c:\comboFix.txt)


then please run the following programs

(download to a working computer > transfer over via USB)

  • Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.


NEXT


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 23 December 2011 - 10:29 PM

First of all...thank you so much for helping me.

ComboFix 09-07-21.05 - Andrew Rubidoux 12/21/2011 18:30.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3032.2469 [GMT -8:00]
Running from: E:\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-373381873-1170518952-2135494268-500
c:\recycler\S-1-5-21-373381873-1170518952-2135494268-500\desktop.ini
c:\recycler\S-1-5-21-373381873-1170518952-2135494268-500\INFO2
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx
c:\windows\Downloaded Program Files\popcaploader.dll
c:\windows\Downloaded Program Files\popcaploader.inf

.
((((((((((((((((((((((((( Files Created from 2011-11-22 to 2011-12-22 )))))))))))))))))))))))))))))))
.

2011-12-19 10:10 . 2008-04-14 12:00 18944 -c----w- c:\windows\system32\dllcache\simptcp.dll
2011-12-19 10:10 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\simptcp.dll
2011-12-19 10:10 . 2008-04-14 12:00 35328 -c----w- c:\windows\system32\dllcache\iprip.dll
2011-12-19 10:10 . 2008-04-14 12:00 35328 ------w- c:\windows\system32\iprip.dll
2011-12-19 08:07 . 2011-12-19 08:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Zeon
2011-12-19 07:26 . 2011-12-21 09:13 -------- d-----w- C:\ERDNT
2011-12-19 07:12 . 2011-12-19 07:12 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Zeon
2011-12-19 07:11 . 2011-12-19 07:11 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\ScanSoft
2011-12-09 03:57 . 2011-12-09 06:32 76288 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko5.dll
2011-12-09 03:57 . 2011-12-09 06:32 77312 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko6.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko9.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko8.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko7.dll
2011-12-09 03:57 . 2011-12-09 06:32 101376 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko19.dll
2011-11-23 00:24 . 2011-11-23 00:24 296504 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgoogletalk.dll
2011-11-23 00:23 . 2011-11-23 00:23 4735032 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
2011-11-22 23:45 . 2011-11-22 23:45 3734536 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 09:24 . 2009-08-24 00:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-12-21 09:24 . 2009-05-28 06:30 -------- d-----w- c:\program files\SystemRequirementsLab
2011-12-21 09:24 . 2009-05-31 02:43 -------- d-----r- c:\program files\Skype
2011-12-21 09:23 . 2009-06-13 18:22 -------- d-----w- c:\program files\PWUnmask
2011-12-21 09:23 . 2009-08-24 02:39 -------- d-----w- c:\program files\Microsoft Works
2011-12-21 09:23 . 2009-04-02 22:28 -------- d-----w- c:\program files\Lenovo Registration
2011-12-21 09:22 . 2009-08-24 02:27 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2011-12-21 09:22 . 2009-04-02 22:25 -------- d-----w- c:\program files\Common Files\SureThing Shared
2011-12-21 09:22 . 2009-04-02 22:25 -------- d-----w- c:\program files\Common Files\Sonic Shared
2011-12-21 09:22 . 2009-12-31 23:02 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2011-12-21 09:22 . 2009-05-31 02:43 -------- d-----w- c:\program files\Common Files\Skype
2011-12-21 09:21 . 2009-04-02 22:11 -------- d-----w- c:\program files\Apoint2K
2011-12-21 09:15 . 2010-03-06 05:06 -------- d-----w- c:\program files\Zynga
2011-12-21 09:15 . 2009-04-02 22:09 -------- d-----w- c:\program files\Windows Media Connect 2
2011-12-21 09:15 . 2011-03-18 15:03 -------- d-----w- c:\program files\Windows Desktop Search
2011-12-21 09:15 . 2010-07-24 20:06 -------- d-----w- c:\program files\WileyCPA
2011-12-21 09:15 . 2011-02-24 03:05 -------- d-----w- c:\program files\TimeLeft3
2011-12-21 09:15 . 2010-11-09 03:33 -------- d-----w- c:\program files\Rhapsody
2011-12-21 09:15 . 2010-07-07 04:47 -------- d-----w- c:\program files\Power Mp3 Recorder Cutter
2011-12-21 09:15 . 2011-07-22 14:02 -------- d-----w- c:\program files\Password Recovery Pro Demo
2011-12-21 09:14 . 2010-03-08 06:59 -------- d-----w- c:\program files\Microsoft Silverlight
2011-12-21 09:14 . 2010-01-09 04:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-21 09:14 . 2010-04-27 02:53 -------- d-----w- c:\program files\Look@LAN
2011-12-21 09:14 . 2011-04-28 03:09 -------- d-----w- c:\program files\FileZilla FTP Client
2011-12-21 09:14 . 2011-02-24 03:09 -------- d-----w- c:\program files\CountDown
2011-12-21 09:14 . 2010-11-15 04:54 -------- d-----w- c:\program files\Coupons
2011-12-21 09:14 . 2010-07-07 04:49 -------- d-----w- c:\program files\Easy MP3 Cutter
2011-12-21 09:14 . 2010-04-09 06:27 -------- d-----w- c:\program files\CountDown!
2011-12-21 09:14 . 2011-05-18 06:40 -------- d-----w- c:\program files\Common Files\Software Update Utility
2011-12-21 09:14 . 2010-12-31 02:06 -------- d-----w- c:\program files\AIM
2011-12-21 09:12 . 2011-03-18 15:04 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Windows Desktop Search
2011-12-21 09:12 . 2009-05-28 06:30 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\SystemRequirementsLab
2011-12-21 09:12 . 2009-05-31 02:44 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Skype
2011-12-21 09:12 . 2010-07-07 04:47 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Power Mp3 Cutter
2011-12-21 09:12 . 2010-01-29 06:36 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\PC-FAX TX
2011-12-21 09:12 . 2010-02-01 03:07 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\ICAClient
2011-12-21 09:12 . 2010-05-01 06:24 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Facebook
2011-12-21 09:12 . 2010-04-20 16:35 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\E-centives
2011-12-21 09:12 . 2010-07-24 19:55 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{6772A430-494E-4FEF-85DB-1617E4DDC579}
2011-12-21 09:12 . 2009-04-02 22:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2011-12-21 09:12 . 2011-01-05 01:45 -------- d-----w- c:\documents and settings\All Users\Application Data\LGMOBILEAX
2011-12-19 08:17 . 2008-07-21 22:50 361600 ------w- c:\windows\system32\drivers\tcpip.sys
2011-11-16 03:40 . 2010-04-27 05:55 -------- d-----w- c:\program files\Google
2011-11-28 05:17 . 2011-04-16 20:01 134104 ------w- c:\program files\mozilla firefox\components\browsercomps.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2011-05-09 09:49 176936 ------w- c:\program files\Zynga\prxtbZyn2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]
"Google Update"="c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2011-06-03 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-10-17 1368064]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-11-24 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-04-25 244208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-25 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-25 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-25 136192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-27 413696]

c:\documents and settings\Andrew Rubidoux\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Autobahn\mlb-nexdef-autobahn.exe [2011-3-16 15502336]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-12-31 1150976]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 10:14 28672 ------w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [5/24/2006 11:48 AM 10240]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [5/9/2008 5:50 PM 46144]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 5:50 PM 30312]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [9/10/2008 10:49 PM 54560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [11/24/2008 3:34 PM 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [5/9/2008 5:50 PM 360448]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/8/2009 4:18 PM 24652]
R3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [7/11/2010 12:19 PM 10496]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [4/2/2009 2:18 PM 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [4/2/2009 2:13 PM 81296]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2/22/2008 3:54 PM 37312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/26/2010 9:55 PM 136176]
S2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [7/21/2008 2:50 PM 14336]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [4/25/2008 8:18 AM 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [4/25/2008 8:16 AM 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [4/25/2008 8:15 AM 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [1/4/2011 5:51 PM 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [1/4/2011 5:51 PM 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [1/4/2011 5:51 PM 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [1/4/2011 5:51 PM 25088]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [1/4/2011 5:51 PM 25728]
S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [8/17/2001 5:52 AM 18688]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/26/2010 9:55 PM 136176]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [12/10/2010 7:29 PM 29293408]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [4/25/2008 8:18 AM 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [4/25/2008 8:15 AM 1120752]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [7/21/2008 2:50 PM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2dd3306-4afb-11de-b80c-0022fa94a318}]
\Shell\AutoRun\command - E:\w9hw8.exe
\Shell\open\Command - E:\w9hw8.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2011-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 05:55]

2011-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 05:55]

2011-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1304309932-1563542103-2976120065-1008Core.job
- c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 23:15]

2011-12-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1304309932-1563542103-2976120065-1008UA.job
- c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 23:15]

2011-12-19 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]

2011-12-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1304309932-1563542103-2976120065-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]

2011-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1304309932-1563542103-2976120065-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]
.
- - - - ORPHANS REMOVED - - - -

Notify-TPSvc - TPSvc.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.cbssports.com/mlb/scoreboard
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - c:\program files\NavNetApp\ComUtilities.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {707ABFC2-1D27-4A10-A6E4-6BE6BDF9FB11} - hxxp://rubidoux.is-a-geek.com:1024/UltraMJCamX.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} - hxxp://192.168.2.8/xplugLite.cab
DPF: {E1B26101-23FB-4855-9171-F79F29CC7728} - hxxp://192.168.2.30:81/UltraCamX.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF - ProfilePath - c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\
FF - prefs.js: browser.startup.homepage - hxxp://losangeles.angels.mlb.com/index.jsp?c_id=ana
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\Mozilla Firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\Andrew Rubidoux\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-21 18:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\$NtUninstallKB22193$:SummaryInformation 0 bytes hidden from API

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.ipsec]
"ImagePath"="\*"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1304309932-1563542103-2976120065-1008\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5C4D2EC1-E2D9-FFFC-A8F0-336713882354}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iagpdgifojaohbdokh"=hex:69,61,66,69,69,68,63,6c,62,70,66,69,68,6c,6c,62,67,62,
00,00
"haaonhnmnighdbkf"=hex:69,61,66,69,69,68,63,6c,62,70,66,69,68,6c,6c,62,67,62,
00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(528)
c:\program files\Lenovo\HOTKEY\tphklock.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\igfxdev.dll
.
Completion time: 2011-12-22 18:37
ComboFix-quarantined-files.txt 2011-12-22 02:37

Pre-Run: 10,371,104,768 bytes free
Post-Run: 11,199,873,024 bytes free

293 --- E O F --- 2011-03-24 15:49

#4 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 23 December 2011 - 10:35 PM

aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2011-12-23 19:18:01
-----------------------------
19:18:01.375 OS Version: Windows 5.1.2600 Service Pack 3
19:18:01.375 Number of processors: 2 586 0x170A
19:18:01.375 ComputerName: ANDREWS1 UserName:
19:18:02.140 Initialize success
19:18:38.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:18:38.984 Disk 0 Vendor: ST925082 3.AA Size: 238475MB BusType: 3
19:18:39.171 Disk 0 MBR read successfully
19:18:39.203 Disk 0 MBR scan
19:18:39.203 Disk 0 unknown MBR code
19:18:39.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 234376 MB offset 2048
19:18:39.375 Disk 0 Partition 2 00 12 Compaq diag MSDOS5.0 4097 MB offset 480004096
19:18:39.468 Disk 0 scanning sectors +488394752
19:18:39.812 Disk 0 scanning C:\WINDOWS\system32\drivers
19:19:12.234 Service scanning
19:19:12.484 Service .ipsec \* **LOCKED** 123
19:19:13.171 Modules scanning
19:19:46.593 Disk 0 trace - called modules:
19:19:46.609 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:19:46.625 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad43030]
19:19:46.625 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8ac8e028]
19:19:46.625 Scan finished successfully
19:21:54.671 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andrew Rubidoux\Desktop\MBR.dat"
19:21:54.687 The log file has been saved successfully to "C:\Documents and Settings\Andrew Rubidoux\Desktop\aswMBR.txt"



~~~~~~~~~~~~~~~~~~~~~~~~~~~


lastly, the fss.txt file....

Farbar Service Scanner
Ran by Andrew Rubidoux (administrator) on 23-12-2011 at 19:24:00
Microsoft Windows XP Professional Service Pack 3 (X86)
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.

IpSec Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open IpSec registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open IpSec registry key. The service key does not exist.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2008-07-21 14:49] - [2008-10-16 06:43] - 0138496 ____N (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) NetBT(5) PSched(7) Tcpip(3) Tcpip6(9)
0x080000000400000001000000020000000300000005000000060000000700000009000000

**** End of log ****

Attached Files

  • Attached File  MBR.zip   494bytes   0 downloads


#5 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 23 December 2011 - 10:41 PM

Hi

Please re-run Farbar Service Scanner

type the following into the search box

.ipsec
ipsec


now press the Export Service button

post the resulting log

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#6 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 23 December 2011 - 11:06 PM

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\.ipsec]
"Type"=dword:00000001
"Start"=dword:00000003
"ImagePath"="\\*"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ipsec]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ipsec\0000]
"Service"="IPSec"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="IPSEC driver"
"Capabilities"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ipsec\0000\LogConf]

#7 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 23 December 2011 - 11:32 PM

Hi

Please do the following:

Go to > Start > run > copy/paste the following command into the run box > OK

swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Enum\Root" /E /GE:F

Now do the following:



Click WinKey + R to open a run box > type notepad into the open run box > OK > this will open Notepad

Click Format and make certain that Word Wrap is NOT checked.

Copy/Paste the text inside of the code box into the open Notepad


Reg fix edited as it was designed specifically for this user

Now go to File > and click Save As,
From the drop down menu at the top of the box choose Desktop as the location to save this file.
Go down to the File Name box and type in fixme.reg as the file name, then choose All Files as the save as file type.
Then click the save button.

Once you have clicked the save button, close Notepad.

You should now see a file on your desktop that looks like this:

Posted Image

Locate the fixme.reg icon on your desktop and double click it, an information box will pop up asking if you want to merge the information in the file into the registry, click YES.

Once the file has run, the information will have merged with your registry so you can delete fixme.reg from your desktop as you won't be needing it any more.



Now do the following:


Go to > Start > run > copy/paste the following command into the run box > OK

swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Enum\Root" /E /RE:F


reboot and see if you now connect

if you can > re-run ComboFix > allow it to update if it requests to do so

post the resulting log


If still unable to connect > re-run Farbar Service scanner, then run the following


Please download Load Order and save it to your desktop.

  • Unzip Load Order > extract the program to your Desktop
  • Double click on the Load Order icon to run it
  • click on the copy button on the bottom right of the window, a copy of the log will be saved to your clipboard
  • Now open Notepad > right click anywhere in Notepad and select paste
  • The contents of the clipboard will now be pasted into Notepad
  • Please post the contents of Notepad into your next reply

Edited by CatByte, 25 December 2011 - 12:43 PM.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#8 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 24 December 2011 - 12:42 AM

Okay did all the above, but still cannot get the ip address. Still get that same result when I type ipconfig at the command prompt.
I do have a question...you state to "copy/paste the following command into the run box > OK" which I don't quite understand. I went ahead and put the commands you had into the run box and not onto a command prompt window. I hope that was what you wanted. I didn't see anything about typing "CMD" to get to a command prompt, so I hope typing those commands into the small run box was right.

Here is the last combofix log...

ComboFix 09-07-21.05 - Andrew Rubidoux 12/23/2011 21:11.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3032.2437 [GMT -8:00]
Running from: F:\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2011-11-24 to 2011-12-24 )))))))))))))))))))))))))))))))
.

2011-12-19 10:10 . 2008-04-14 12:00 18944 -c----w- c:\windows\system32\dllcache\simptcp.dll
2011-12-19 10:10 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\simptcp.dll
2011-12-19 10:10 . 2008-04-14 12:00 35328 -c----w- c:\windows\system32\dllcache\iprip.dll
2011-12-19 10:10 . 2008-04-14 12:00 35328 ------w- c:\windows\system32\iprip.dll
2011-12-19 08:07 . 2011-12-19 08:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Zeon
2011-12-19 07:26 . 2011-12-21 09:13 -------- d-----w- C:\ERDNT
2011-12-19 07:12 . 2011-12-19 07:12 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Zeon
2011-12-19 07:11 . 2011-12-19 07:11 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\ScanSoft
2011-12-09 03:57 . 2011-12-09 06:32 76288 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko5.dll
2011-12-09 03:57 . 2011-12-09 06:32 77312 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko6.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko9.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko8.dll
2011-12-09 03:57 . 2011-12-09 06:32 76800 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko7.dll
2011-12-09 03:57 . 2011-12-09 06:32 101376 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko19.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 09:24 . 2009-08-24 00:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-12-21 09:24 . 2009-05-28 06:30 -------- d-----w- c:\program files\SystemRequirementsLab
2011-12-21 09:24 . 2009-05-31 02:43 -------- d-----r- c:\program files\Skype
2011-12-21 09:23 . 2009-06-13 18:22 -------- d-----w- c:\program files\PWUnmask
2011-12-21 09:23 . 2009-08-24 02:39 -------- d-----w- c:\program files\Microsoft Works
2011-12-21 09:23 . 2009-04-02 22:28 -------- d-----w- c:\program files\Lenovo Registration
2011-12-21 09:22 . 2009-08-24 02:27 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2011-12-21 09:22 . 2009-04-02 22:25 -------- d-----w- c:\program files\Common Files\SureThing Shared
2011-12-21 09:22 . 2009-04-02 22:25 -------- d-----w- c:\program files\Common Files\Sonic Shared
2011-12-21 09:22 . 2009-12-31 23:02 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2011-12-21 09:22 . 2009-05-31 02:43 -------- d-----w- c:\program files\Common Files\Skype
2011-12-21 09:21 . 2009-04-02 22:11 -------- d-----w- c:\program files\Apoint2K
2011-12-21 09:15 . 2010-03-06 05:06 -------- d-----w- c:\program files\Zynga
2011-12-21 09:15 . 2009-04-02 22:09 -------- d-----w- c:\program files\Windows Media Connect 2
2011-12-21 09:15 . 2011-03-18 15:03 -------- d-----w- c:\program files\Windows Desktop Search
2011-12-21 09:15 . 2010-07-24 20:06 -------- d-----w- c:\program files\WileyCPA
2011-12-21 09:15 . 2011-02-24 03:05 -------- d-----w- c:\program files\TimeLeft3
2011-12-21 09:15 . 2010-11-09 03:33 -------- d-----w- c:\program files\Rhapsody
2011-12-21 09:15 . 2010-07-07 04:47 -------- d-----w- c:\program files\Power Mp3 Recorder Cutter
2011-12-21 09:15 . 2011-07-22 14:02 -------- d-----w- c:\program files\Password Recovery Pro Demo
2011-12-21 09:14 . 2010-03-08 06:59 -------- d-----w- c:\program files\Microsoft Silverlight
2011-12-21 09:14 . 2010-01-09 04:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-21 09:14 . 2010-04-27 02:53 -------- d-----w- c:\program files\Look@LAN
2011-12-21 09:14 . 2011-04-28 03:09 -------- d-----w- c:\program files\FileZilla FTP Client
2011-12-21 09:14 . 2011-02-24 03:09 -------- d-----w- c:\program files\CountDown
2011-12-21 09:14 . 2010-11-15 04:54 -------- d-----w- c:\program files\Coupons
2011-12-21 09:14 . 2010-07-07 04:49 -------- d-----w- c:\program files\Easy MP3 Cutter
2011-12-21 09:14 . 2010-04-09 06:27 -------- d-----w- c:\program files\CountDown!
2011-12-21 09:14 . 2011-05-18 06:40 -------- d-----w- c:\program files\Common Files\Software Update Utility
2011-12-21 09:14 . 2010-12-31 02:06 -------- d-----w- c:\program files\AIM
2011-12-21 09:12 . 2011-03-18 15:04 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Windows Desktop Search
2011-12-21 09:12 . 2009-05-28 06:30 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\SystemRequirementsLab
2011-12-21 09:12 . 2009-05-31 02:44 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Skype
2011-12-21 09:12 . 2010-07-07 04:47 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Power Mp3 Cutter
2011-12-21 09:12 . 2010-01-29 06:36 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\PC-FAX TX
2011-12-21 09:12 . 2010-02-01 03:07 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\ICAClient
2011-12-21 09:12 . 2010-05-01 06:24 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\Facebook
2011-12-21 09:12 . 2010-04-20 16:35 -------- d-----w- c:\documents and settings\Andrew Rubidoux\Application Data\E-centives
2011-12-21 09:12 . 2010-07-24 19:55 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{6772A430-494E-4FEF-85DB-1617E4DDC579}
2011-12-21 09:12 . 2009-04-02 22:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2011-12-21 09:12 . 2011-01-05 01:45 -------- d-----w- c:\documents and settings\All Users\Application Data\LGMOBILEAX
2011-12-19 08:17 . 2008-07-21 22:50 361600 ------w- c:\windows\system32\drivers\tcpip.sys
2011-11-23 00:24 . 2011-11-23 00:24 296504 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgoogletalk.dll
2011-11-23 00:23 . 2011-11-23 00:23 4735032 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
2011-11-22 23:45 . 2011-11-22 23:45 3734536 ------w- c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll
2011-11-16 03:40 . 2010-04-27 05:55 -------- d-----w- c:\program files\Google
2011-11-28 05:17 . 2011-04-16 20:01 134104 ------w- c:\program files\mozilla firefox\components\browsercomps.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-12-22_02.33.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-24 05:02 . 2011-12-24 05:02 16384 c:\windows\Temp\Perflib_Perfdata_8e8.dat
+ 2008-07-21 21:59 . 2008-04-14 12:00 11776 c:\windows\system32\dllcache\xolehlp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 91648 c:\windows\system32\dllcache\xactsrv.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 50688 c:\windows\system32\dllcache\wstdecod.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\wshrm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 11776 c:\windows\system32\dllcache\wshisn.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\wshcon.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 13824 c:\windows\system32\dllcache\wowfaxui.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 52224 c:\windows\system32\dllcache\wmitimep.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 55808 c:\windows\system32\dllcache\wmiscmgr.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 41472 c:\windows\system32\dllcache\wmipsess.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\wmiprop.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 62464 c:\windows\system32\dllcache\wmipjobj.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 61952 c:\windows\system32\dllcache\wmipiprt.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 75264 c:\windows\system32\dllcache\wmipicmp.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\wmimsg.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 60928 c:\windows\system32\dllcache\wmicookr.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 88576 c:\windows\system32\dllcache\wmiaprpl.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 45568 c:\windows\system32\dllcache\wmi2xml.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 51200 c:\windows\system32\dllcache\wmerrenu.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 25088 c:\windows\system32\dllcache\wisc10.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\winshfhc.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\winmgmtr.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\win87em.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 75776 c:\windows\system32\dllcache\wiascr.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13600 c:\windows\system32\dllcache\wfwnet.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 40448 c:\windows\system32\dllcache\webhits.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 43008 c:\windows\system32\dllcache\wbemperf.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\wbemads.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\wb32.exe
+ 2008-07-21 22:00 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\wabmig.exe
+ 2008-07-21 22:00 . 2008-04-14 12:00 85504 c:\windows\system32\dllcache\wabimp.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\wabfind.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\w3ssl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\w32topl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\vwipxspx.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 16896 c:\windows\system32\dllcache\vss_ps.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\vmmreg32.dll
+ 2008-07-21 23:57 . 2008-04-14 07:06 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 18176 c:\windows\system32\dllcache\vga64k.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 51456 c:\windows\system32\dllcache\vga256.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\verifier.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 51712 c:\windows\system32\dllcache\vdmredir.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 30749 c:\windows\system32\dllcache\vbajet32.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrvpa.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 45116 c:\windows\system32\dllcache\usrvoica.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 49209 c:\windows\system32\dllcache\usrv80a.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 41019 c:\windows\system32\dllcache\usrsvpia.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrsdpia.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 77883 c:\windows\system32\dllcache\usrrtosa.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 53305 c:\windows\system32\dllcache\usrlbva.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 86073 c:\windows\system32\dllcache\usrfaxa.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 77890 c:\windows\system32\dllcache\usrdpa.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 69699 c:\windows\system32\dllcache\usrcoina.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 61500 c:\windows\system32\dllcache\usrcntra.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 17920 c:\windows\system32\dllcache\ureg.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\umdmxfrm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 35840 c:\windows\system32\dllcache\umandlg.dll
+ 2008-07-22 00:05 . 2001-08-17 20:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 82432 c:\windows\system32\dllcache\ufat.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\udhisapi.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 50688 c:\windows\system32\dllcache\twain_32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 94784 c:\windows\system32\dllcache\twain.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 50688 c:\windows\system32\dllcache\tspkg.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 53248 c:\windows\system32\dllcache\tsgqec.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 12168 c:\windows\system32\dllcache\tsddd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\tsd32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 52224 c:\windows\system32\dllcache\tsappcmp.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 59904 c:\windows\system32\dllcache\trnsprov.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\trialoc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 31232 c:\windows\system32\dllcache\traffic.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13888 c:\windows\system32\dllcache\toolhelp.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 61952 c:\windows\system32\dllcache\tmplprov.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 45568 c:\windows\system32\dllcache\tcpmonui.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 78848 c:\windows\system32\dllcache\tapiui.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 19200 c:\windows\system32\dllcache\tapi.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 33792 c:\windows\system32\dllcache\tabletoc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\sysinv.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 57856 c:\windows\system32\dllcache\synceng.dll
+ 2008-07-22 00:01 . 2001-08-17 21:07 32640 c:\windows\system32\dllcache\symc8xx.sys
+ 2008-07-22 00:02 . 2001-08-17 21:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2008-07-22 00:01 . 2001-08-17 21:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2008-07-22 00:00 . 2001-08-17 21:07 28384 c:\windows\system32\dllcache\sym_hi.sys
+ 2009-04-02 22:07 . 2008-04-14 08:16 15232 c:\windows\system32\dllcache\streamip.sys
+ 2008-07-21 14:55 . 2008-04-14 12:42 74752 c:\windows\system32\dllcache\storprop.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 86528 c:\windows\system32\dllcache\stdprov.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 59392 c:\windows\system32\dllcache\stclient.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 33280 c:\windows\system32\dllcache\sstub.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\ssmyst.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 47104 c:\windows\system32\dllcache\ssmypics.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\ssmarque.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\ssbezier.scr
+ 2008-07-21 22:01 . 2008-04-14 12:00 58434 c:\windows\system32\dllcache\srchctls.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 24661 c:\windows\system32\dllcache\spxcoins.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 72192 c:\windows\system32\dllcache\sprio800.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 70656 c:\windows\system32\dllcache\sprio600.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\spnike.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 62976 c:\windows\system32\dllcache\spgrmr.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\spcplui.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 77824 c:\windows\system32\dllcache\spcommon.dll
+ 2008-07-21 23:57 . 2001-08-17 21:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 34816 c:\windows\system32\dllcache\sniffpol.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\smtpcons.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 11136 c:\windows\system32\dllcache\slip.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\slbrccsp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 98304 c:\windows\system32\dllcache\slbiop.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 25088 c:\windows\system32\dllcache\slayerxp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13824 c:\windows\system32\dllcache\sisbkup.dll
+ 2008-07-21 23:55 . 2008-04-14 07:06 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\sigtab.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 27648 c:\windows\system32\dllcache\shscrap.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\sfmapi.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 73216 c:\windows\system32\dllcache\setup50.exe
+ 2008-07-21 22:50 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\serwvdrv.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 56320 c:\windows\system32\dllcache\servdeps.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\serialui.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 13824 c:\windows\system32\dllcache\senscfg.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 54784 c:\windows\system32\dllcache\sendmail.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\sendcmsg.dll
+ 2008-04-14 05:42 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\sdhcinst.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\scriptpw.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\scredir.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\scarddlg.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\sapisvr.exe
+ 2008-07-21 22:00 . 2008-04-14 12:00 45568 c:\windows\system32\dllcache\safrslv.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 29696 c:\windows\system32\dllcache\safrdm.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 43520 c:\windows\system32\dllcache\safrcdlg.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 98304 c:\windows\system32\dllcache\rtm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\rtipxmib.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 92672 c:\windows\system32\dllcache\rsvpsp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\rsvpmsg.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\rsmps.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 28672 c:\windows\system32\dllcache\rsfsaps.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\rrcm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\rpcns4.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 60416 c:\windows\system32\dllcache\remotepg.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 87176 c:\windows\system32\dllcache\rdpwsx.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\rdpsnd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 92424 c:\windows\system32\dllcache\rdpdd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 12800 c:\windows\system32\dllcache\rasser.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\rassapi.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\rasrad.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 22528 c:\windows\system32\dllcache\rasmxs.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 11776 c:\windows\system32\dllcache\rasctrs.dll
+ 2008-07-22 00:02 . 2001-08-17 20:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2008-07-22 00:02 . 2001-08-17 20:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2008-07-22 00:02 . 2001-08-17 20:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2008-07-22 00:02 . 2001-08-17 20:52 33152 c:\windows\system32\dllcache\ql10wnt.sys
+ 2008-07-22 00:02 . 2001-08-17 20:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 62464 c:\windows\system32\dllcache\qcliprov.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 10752 c:\windows\system32\dllcache\pschdprf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 15860 c:\windows\system32\dllcache\prnqctl.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 29454 c:\windows\system32\dllcache\prnport.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 32546 c:\windows\system32\dllcache\prnmngr.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 21527 c:\windows\system32\dllcache\prnjobs.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 25415 c:\windows\system32\dllcache\prndrvr.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 35755 c:\windows\system32\dllcache\prncnfg.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\prflbmsg.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 92672 c:\windows\system32\dllcache\policman.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 46592 c:\windows\system32\dllcache\pmspl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 30720 c:\windows\system32\dllcache\plustab.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\pifmgr.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2008-04-14 05:42 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\pid.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\perfts.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 17920 c:\windows\system32\dllcache\perfnet.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\perfctrs.dll
+ 2008-07-22 00:00 . 2001-08-17 21:07 27296 c:\windows\system32\dllcache\perc2.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 67584 c:\windows\system32\dllcache\pautoenr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\panmap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\olesvr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 82944 c:\windows\system32\dllcache\olecli.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39744 c:\windows\system32\dllcache\ole2.dll
+ 2008-04-14 00:16 . 2008-04-14 12:00 61696 c:\windows\system32\dllcache\ohci1394.sys
+ 2008-07-21 22:00 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\oemiglib.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 60416 c:\windows\system32\dllcache\oemig50.exe
+ 2008-07-21 22:50 . 2008-04-14 12:00 20511 c:\windows\system32\dllcache\odtext32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 20510 c:\windows\system32\dllcache\odpdx32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 20510 c:\windows\system32\dllcache\odfox32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 20510 c:\windows\system32\dllcache\odexl32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 20511 c:\windows\system32\dllcache\oddbse32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\odbcp32r.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 65536 c:\windows\system32\dllcache\odbccu32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 65536 c:\windows\system32\dllcache\odbccr32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\odbc32gt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 26224 c:\windows\system32\dllcache\odbc16gt.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\ocmsn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 67584 c:\windows\system32\dllcache\ocmanage.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\ocgen.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 65536 c:\windows\system32\dllcache\nwwks.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\nwcfg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 64000 c:\windows\system32\dllcache\nwapi32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\nwapi16.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\ntvdmd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 91136 c:\windows\system32\dllcache\ntprint.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 62976 c:\windows\system32\dllcache\ntoc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\ntmsevt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\ntmsapi.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\ntlanui2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 57856 c:\windows\system32\dllcache\ntlanui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 34560 c:\windows\system32\dllcache\ntio804.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 35424 c:\windows\system32\dllcache\ntio412.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 35648 c:\windows\system32\dllcache\ntio411.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 34560 c:\windows\system32\dllcache\ntio404.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 33840 c:\windows\system32\dllcache\ntio.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\ntdsbcli.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 29146 c:\windows\system32\dllcache\ntdos804.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 29274 c:\windows\system32\dllcache\ntdos412.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 29370 c:\windows\system32\dllcache\ntdos411.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 29146 c:\windows\system32\dllcache\ntdos404.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 27866 c:\windows\system32\dllcache\ntdos.sys
+ 2008-07-21 22:01 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\npwmsdrm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 54784 c:\windows\system32\dllcache\npptools.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 28672 c:\windows\system32\dllcache\nmmkcert.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\nmevtmsg.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 77824 c:\windows\system32\dllcache\nmcom.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 81920 c:\windows\system32\dllcache\nmchat.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 28672 c:\windows\system32\dllcache\nmasnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 77312 c:\windows\system32\dllcache\netoc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\ndisnpp.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\nddenb32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 35840 c:\windows\system32\dllcache\narrhook.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\napipsec.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 90112 c:\windows\system32\dllcache\mycomput.dll
+ 2008-07-21 21:59 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 34304 c:\windows\system32\dllcache\mtxlegih.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 30720 c:\windows\system32\dllcache\mtxdm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\msxmlr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 37916 c:\windows\system32\dllcache\msxml2r.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 24576 c:\windows\system32\dllcache\msxactps.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 72704 c:\windows\system32\dllcache\msw3prt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\msvcirt.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\mst123.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\msswch.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\mssoapr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 35840 c:\windows\system32\dllcache\mssign32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 76800 c:\windows\system32\dllcache\msshamsg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 60416 c:\windows\system32\dllcache\msratelc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\msr2c.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 41984 c:\windows\system32\dllcache\msports.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\msorc32r.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\msobweb.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 30720 c:\windows\system32\dllcache\msobshel.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 33280 c:\windows\system32\dllcache\msobjs.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msobdl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\mslwvtts.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 25088 c:\windows\system32\dllcache\mslbui.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\msinfo32.exe
- 2007-08-14 02:01 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-07-21 22:49 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\msgrocm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 90112 c:\windows\system32\dllcache\msdtcstp.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2008-07-21 21:59 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\msdfmap.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\msdatt.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msdaremr.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msdaprsr.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 77824 c:\windows\system32\dllcache\msdaosp.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msdaorar.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 68608 c:\windows\system32\dllcache\msctfp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\mscpxl32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\mscpx32r.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\msconf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 65024 c:\windows\system32\dllcache\msaudite.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\msadrh15.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\msador15.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 24576 c:\windows\system32\dllcache\msader15.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 24576 c:\windows\system32\dllcache\msaddsr.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 53248 c:\windows\system32\dllcache\msadcs.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msadcor.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\msadcfr.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\msadcf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 61168 c:\windows\system32\dllcache\msacm.dll
+ 2008-07-22 00:00 . 2001-08-17 20:52 17280 c:\windows\system32\dllcache\mraid35x.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 49152 c:\windows\system32\dllcache\mqupgrd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 89088 c:\windows\system32\dllcache\mqlogmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 16896 c:\windows\system32\dllcache\mqise.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 60928 c:\windows\system32\dllcache\mqgentr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 47616 c:\windows\system32\dllcache\mqdscli.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 10752 c:\windows\system32\dllcache\mqcertui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 92544 c:\windows\system32\dllcache\mqac.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 99840 c:\windows\system32\dllcache\mprmsg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 53248 c:\windows\system32\dllcache\mprdim.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 69120 c:\windows\system32\dllcache\mprddm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 10112 c:\windows\system32\dllcache\modex.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 34560 c:\windows\system32\dllcache\mnmdd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 68768 c:\windows\system32\dllcache\mmsystem.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\mmfutil.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\mmdrv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 60928 c:\windows\system32\dllcache\miglibnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 22528 c:\windows\system32\dllcache\mfcsubs.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\mf3216.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 16896 c:\windows\system32\dllcache\medctroc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 50176 c:\windows\system32\dllcache\mdhcp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 28160 c:\windows\system32\dllcache\mciwave.drv
+ 2008-07-21 22:49 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\mciwave.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 25264 c:\windows\system32\dllcache\mciseq.drv
+ 2008-07-21 22:49 . 2008-04-14 12:00 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\mciqtz32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\mcicda.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 84480 c:\windows\system32\dllcache\mciavi32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 73376 c:\windows\system32\dllcache\mciavi.drv
+ 2008-07-21 22:49 . 2008-04-14 12:00 10496 c:\windows\system32\dllcache\mcdsrv32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\mcd32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\mcastmib.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\lprhelp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 50176 c:\windows\system32\dllcache\loghours.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\log.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 11776 c:\windows\system32\dllcache\localui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 37376 c:\windows\system32\dllcache\l2store.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 24576 c:\windows\system32\dllcache\krnlprov.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\kmsvc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 42537 c:\windows\system32\dllcache\keyboard.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 42809 c:\windows\system32\dllcache\key01.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 47952 c:\windows\system32\dllcache\jobexec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 54272 c:\windows\system32\dllcache\ixsso.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\isrdbg32.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\isignup.exe
+ 2008-07-21 14:55 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\irclass.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\ipxwan.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 66560 c:\windows\system32\dllcache\ipxsap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\ipxrtmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\ipxrip.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 30720 c:\windows\system32\dllcache\iologmsg.dll
- 2007-08-14 02:39 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2008-07-21 22:49 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2008-07-22 00:04 . 2001-08-17 20:52 16000 c:\windows\system32\dllcache\ini910u.sys
+ 2008-07-21 22:00 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\inetwiz.exe
+ 2008-07-21 22:49 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\inetppui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\inetmib1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 36921 c:\windows\system32\dllcache\imeshare.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 81920 c:\windows\system32\dllcache\ils.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 70656 c:\windows\system32\dllcache\ifsutil.dll
- 2007-08-14 02:39 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2008-07-21 22:49 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2008-07-21 22:49 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-14 02:39 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 49152 c:\windows\system32\dllcache\icwutil.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\icwtutor.exe
+ 2008-07-21 22:00 . 2008-04-14 12:00 24576 c:\windows\system32\dllcache\icwrmind.exe
+ 2008-07-21 22:01 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\icwres.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 65536 c:\windows\system32\dllcache\icwphbk.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\icwdl.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\icwdial.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 86016 c:\windows\system32\dllcache\icwconn2.exe
+ 2008-07-21 22:00 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\icwconn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 54784 c:\windows\system32\dllcache\icmui.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\icfgnt5.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 59392 c:\windows\system32\dllcache\iassvcs.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 86528 c:\windows\system32\dllcache\iassam.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 17920 c:\windows\system32\dllcache\iaspolcy.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 62464 c:\windows\system32\dllcache\iasnap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 32256 c:\windows\system32\dllcache\iashlpr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 41472 c:\windows\system32\dllcache\iasads.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\iasacct.dll
+ 2008-07-22 00:02 . 2008-04-14 07:11 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 41984 c:\windows\system32\dllcache\htui.dll
+ 2008-07-22 00:01 . 2001-08-17 21:07 25952 c:\windows\system32\dllcache\hpn.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 72704 c:\windows\system32\dllcache\hlink.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 87552 c:\windows\system32\dllcache\hhctrlui.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\h323cc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 76800 c:\windows\system32\dllcache\gcdef.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 53248 c:\windows\system32\dllcache\fwdprov.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 32828 c:\windows\system32\dllcache\fp40ext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\fdeploy.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 97965 c:\windows\system32\dllcache\evtquery.vbs
+ 2008-07-21 22:49 . 2008-04-14 12:00 45056 c:\windows\system32\dllcache\evtgprov.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\evntrprv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 33280 c:\windows\system32\dllcache\eventcls.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\esentprf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\encapi.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\efsadu.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 33792 c:\windows\system32\dllcache\eapsvc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 59392 c:\windows\system32\dllcache\eapqec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 94208 c:\windows\system32\dllcache\eappgnui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 55632 c:\windows\system32\dllcache\dwil1033.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\dswave.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 51200 c:\windows\system32\dllcache\dssec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 71680 c:\windows\system32\dllcache\dsdmoprp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 62976 c:\windows\system32\dllcache\dsauth.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\ds32gt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\dpwsockx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 42768 c:\windows\system32\dllcache\dpwsock.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\dpvacm.dll
+ 2008-07-21 23:59 . 2001-08-17 21:07 20192 c:\windows\system32\dllcache\dpti2o.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 53520 c:\windows\system32\dllcache\dpserial.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 61952 c:\windows\system32\dllcache\dpnwsock.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 62464 c:\windows\system32\dllcache\dpnmodem.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 60928 c:\windows\system32\dllcache\dpnhupnp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\dpnhpast.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\dpmodemx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 33040 c:\windows\system32\dllcache\dplay.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 56320 c:\windows\system32\dllcache\dot3msm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\dot3clnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 48128 c:\windows\system32\dllcache\docprop2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 46080 c:\windows\system32\dllcache\docprop.dll
+ 2008-04-14 05:41 . 2008-04-14 12:00 52224 c:\windows\system32\dllcache\dmutil.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\dmserver.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 82432 c:\windows\system32\dllcache\dmscript.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\dmocx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 35840 c:\windows\system32\dllcache\dmloader.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 18432 c:\windows\system32\dllcache\dmintf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\dmcompos.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 28672 c:\windows\system32\dllcache\dmband.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\dispex.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\dimsroam.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 44032 c:\windows\system32\dllcache\dimap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 74240 c:\windows\system32\dllcache\dhcpsapi.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 48640 c:\windows\system32\dllcache\dhcpqec.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 85020 c:\windows\system32\dllcache\dgsetup.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39424 c:\windows\system32\dllcache\dfrgsnap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 51200 c:\windows\system32\dllcache\dfrgres.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 18432 c:\windows\system32\dllcache\deskperf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 16896 c:\windows\system32\dllcache\deskmon.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\deskadp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39424 c:\windows\system32\dllcache\ddeml.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\dcap32.dll
+ 2008-07-22 00:04 . 2001-08-17 20:52 14720 c:\windows\system32\dllcache\dac960nt.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 47616 c:\windows\system32\dllcache\d3dxof.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 34816 c:\windows\system32\dllcache\d3dpmesh.dll
+ 2008-07-21 22:01 . 2004-08-11 09:45 28672 c:\windows\system32\dllcache\custsat.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 27200 c:\windows\system32\dllcache\ctl3dv2.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 27136 c:\windows\system32\dllcache\ctl3d32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\csseqchk.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 53760 c:\windows\system32\dllcache\cryptext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 74752 c:\windows\system32\dllcache\cryptdlg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 12800 c:\windows\system32\dllcache\credssp.dll
+ 2008-07-22 00:00 . 2001-08-17 20:52 14976 c:\windows\system32\dllcache\cpqarray.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 27097 c:\windows\system32\dllcache\country.sys
+ 2008-07-21 22:49 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
- 2007-08-14 02:42 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 66560 c:\windows\system32\dllcache\console.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 45056 c:\windows\system32\dllcache\confmrsl.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 97792 c:\windows\system32\dllcache\comrepl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 30160 c:\windows\system32\dllcache\compobj.dll
+ 2008-07-21 14:57 . 2008-04-14 00:06 10240 c:\windows\system32\dllcache\compbatt.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 32816 c:\windows\system32\dllcache\commdlg.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 28160 c:\windows\system32\dllcache\comaddin.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 17920 c:\windows\system32\dllcache\cobramsg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\cnvfat.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 32768 c:\windows\system32\dllcache\cnetcfg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 39424 c:\windows\system32\dllcache\cmutil.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\cmsetacl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\cmpbk32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\cmcfg32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 69120 c:\windows\system32\dllcache\ciodm.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 38912 c:\windows\system32\dllcache\cfgbkend.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\cdmodem.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 27648 c:\windows\system32\dllcache\ccfgnt.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2008-07-21 22:01 . 2008-04-14 12:00 12288 c:\windows\system32\dllcache\cb32.exe
+ 2008-07-21 21:59 . 2008-04-14 12:00 85504 c:\windows\system32\dllcache\catsrvps.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 50688 c:\windows\system32\dllcache\camocx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 50688 c:\windows\system32\dllcache\btpanui.dll
+ 2008-04-14 05:41 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\bthserv.dll
+ 2008-04-14 05:41 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\bthci.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\brpinfo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 78336 c:\windows\system32\dllcache\browsewm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\bidispl.dll
+ 2008-07-21 14:57 . 2008-04-14 00:06 14208 c:\windows\system32\dllcache\battc.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 69584 c:\windows\system32\dllcache\avicap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 80384 c:\windows\system32\dllcache\autodisc.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\atrace.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 34816 c:\windows\system32\dllcache\atmpvcno.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\atmlib.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\atkctrs.dll
+ 2008-07-22 00:04 . 2001-08-17 20:51 14848 c:\windows\system32\dllcache\asc3550.sys
+ 2008-07-22 00:04 . 2001-08-17 20:52 22400 c:\windows\system32\dllcache\asc3350p.sys
+ 2008-07-22 00:04 . 2001-08-17 20:52 26496 c:\windows\system32\dllcache\asc.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 70656 c:\windows\system32\dllcache\amstream.dll
+ 2008-07-22 00:04 . 2001-08-17 20:52 12032 c:\windows\system32\dllcache\amsint.sys
+ 2008-07-21 23:50 . 2008-04-14 07:06 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 17408 c:\windows\system32\dllcache\alrsvc.dll
+ 2008-07-21 23:50 . 2008-04-14 07:06 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2008-07-21 23:58 . 2001-08-17 21:07 56960 c:\windows\system32\dllcache\aic78xx.sys
+ 2008-07-21 23:58 . 2001-08-17 21:07 55168 c:\windows\system32\dllcache\aic78u2.sys
+ 2008-07-21 23:57 . 2001-08-17 20:52 12800 c:\windows\system32\dllcache\aha154x.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\agtintl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\agt0c0a.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\agt0816.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt041f.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt041d.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0419.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20480 c:\windows\system32\dllcache\agt0416.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0415.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0414.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\agt0413.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\agt0410.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\agt040e.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\agt040c.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt040b.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\agt0409.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\agt0408.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 21504 c:\windows\system32\dllcache\agt0407.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0406.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0405.dll
+ 2008-07-21 23:55 . 2008-04-14 07:06 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2008-07-21 23:52 . 2008-04-14 07:06 42368 c:\windows\system32\dllcache\agp440.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 44032 c:\windows\system32\dllcache\agentsr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 49152 c:\windows\system32\dllcache\agentmpx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 57344 c:\windows\system32\dllcache\agentdpv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 42496 c:\windows\system32\dllcache\agentdp2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\agentanm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 68096 c:\windows\system32\dllcache\adsmsext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\adptif.dll
- 2007-08-14 02:39 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-07-21 22:49 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-07-22 00:04 . 2001-08-17 20:52 23552 c:\windows\system32\dllcache\abp480n5.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 25600 c:\windows\system32\dllcache\aaaamon.dll
+ 2008-04-14 00:16 . 2008-04-14 12:00 53376 c:\windows\system32\dllcache\1394bus.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 8261 c:\windows\system32\dllcache\zoneoc.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\wuauserv.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\wshatm.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 3200 c:\windows\system32\dllcache\wowfax.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\wmm2res2.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\wmm2ext.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\wmm2eres.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\wmiapres.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 2864 c:\windows\system32\dllcache\winsock.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\winnls.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\winfax.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\wifeman.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 4608 c:\windows\system32\dllcache\vjoy.dll
+ 2008-07-22 00:07 . 2008-04-14 07:10 5376 c:\windows\system32\dllcache\viaide.sys
+ 2008-07-21 14:55 . 2008-04-14 12:00 2176 c:\windows\system32\dllcache\vga.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 9008 c:\windows\system32\dllcache\ver.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\vcdex.dll
+ 2008-07-22 00:08 . 2001-08-17 20:51 4992 c:\windows\system32\dllcache\toside.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\tlntsvrp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 4048 c:\windows\system32\dllcache\timer.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\tapiperf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 3360 c:\windows\system32\dllcache\system.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\svcpack.dll
+ 2001-08-17 22:36 . 2001-08-18 05:36 8192 c:\windows\system32\dllcache\streamci.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 4208 c:\windows\system32\dllcache\storage.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 1744 c:\windows\system32\dllcache\sound.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\softpub.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\skdll.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\shell.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\scrnsave.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\rsvpperf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\routetab.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 3072 c:\windows\system32\dllcache\rnr20.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\rdpcfgex.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\qosname.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 3708 c:\windows\system32\dllcache\pubprn.vbs
+ 2008-07-21 22:50 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\psnppagn.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\perfnw.dll
+ 2008-07-22 00:00 . 2001-08-17 21:07 5504 c:\windows\system32\dllcache\perc2hib.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\nwevent.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\ncxpnt.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\mtxex.dll
+ 2009-04-02 22:07 . 2008-04-14 08:09 5504 c:\windows\system32\dllcache\mstee.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 4608 c:\windows\system32\dllcache\mssip32.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\msr2cenu.dll
+ 2009-04-02 22:07 . 2008-04-14 08:09 4992 c:\windows\system32\dllcache\mspqm.sys
+ 2009-04-02 22:07 . 2008-04-14 08:09 5376 c:\windows\system32\dllcache\mspclock.sys
+ 2009-04-02 22:07 . 2008-04-14 08:09 7552 c:\windows\system32\dllcache\mskssrv.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 4126 c:\windows\system32\dllcache\msdxmlc.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\msdaurl.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\msdasc.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\msdaer.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\msdaenum.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\msdadc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\mscat32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3584 c:\windows\system32\dllcache\msafd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\mqperf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 2032 c:\windows\system32\dllcache\mouse.drv
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\mll_qic.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\mll_mtf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3584 c:\windows\system32\dllcache\mll_hp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\mciole32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\mciole16.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 4608 c:\windows\system32\dllcache\mchgrcoi.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\mag_hook.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 9936 c:\windows\system32\dllcache\lzexpand.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\lprmonui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 2000 c:\windows\system32\dllcache\keyboard.drv
+ 2008-07-21 22:49 . 2008-04-14 12:00 7424 c:\windows\system32\dllcache\kd1394.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdycl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdycc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbduzb.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdusx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdusr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdusl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdur.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdukx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbduk.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuq.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdtat.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdsw.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdsp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\kbdsmsno.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\kbdsmsfi.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl1.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdsf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru1.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdro.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdpo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdpl1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdpl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdpash.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdno1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdno.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdnepr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdnec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdne.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdmon.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdmlt48.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdmlt47.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdmaori.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdmac.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdla.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkyr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkaz.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdiultn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdit142.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdit.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdir.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdinmal.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdinben.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdinbe1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdic.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhu1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhu.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\kbdhept.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhela3.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdhela2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe319.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe220.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdgr1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdgkl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdgae.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdfr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdfo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdfi1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdfi.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdfc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdest.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdes.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbddv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdda.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdcz.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\kbdcan.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdca.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdbu.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdbr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdblr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdbhc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdbene.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdbe.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdazel.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdaze.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdal.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\iprtprio.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3584 c:\windows\system32\dllcache\iprop.dll
+ 2008-07-22 00:06 . 2008-04-14 07:10 5504 c:\windows\system32\dllcache\intelide.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\iissuba.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\igmpagnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 4768 c:\windows\system32\dllcache\himem.sys
+ 2008-04-14 05:41 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\hccoin.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\hcappres.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\gpkrsrc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\fsconins.dll
+ 2008-07-21 14:57 . 2001-08-17 13:46 6400 c:\windows\system32\dllcache\enum1394.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 4096 c:\windows\system32\dllcache\dsprpres.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 4656 c:\windows\system32\dllcache\ds16gt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3072 c:\windows\system32\dllcache\dpnlobby.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3072 c:\windows\system32\dllcache\dpnaddr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 3584 c:\windows\system32\dllcache\comcat.dll
+ 2008-07-22 00:06 . 2001-08-17 20:51 6656 c:\windows\system32\dllcache\cmdide.sys
+ 2008-07-22 00:04 . 2001-08-17 20:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
+ 2008-07-21 22:01 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\bitsprx3.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\batt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 9029 c:\windows\system32\dllcache\ansi.sys
+ 2008-07-22 00:06 . 2001-08-17 20:51 5248 c:\windows\system32\dllcache\aliide.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 338432 c:\windows\system32\dllcache\zipfldr.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 187392 c:\windows\system32\dllcache\xpsp1res.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 129024 c:\windows\system32\dllcache\xmlprov.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 174200 c:\windows\system32\dllcache\xenroll.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 183296 c:\windows\system32\dllcache\wuaueng1.dll
+ 2008-04-14 05:42 . 2008-04-14 12:00 108032 c:\windows\system32\dllcache\wshbth.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 604160 c:\windows\system32\dllcache\wsecedit.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 303616 c:\windows\system32\dllcache\wmstream.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 115200 c:\windows\system32\dllcache\wmsdmoe.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 221184 c:\windows\system32\dllcache\wmpns.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 325632 c:\windows\system32\dllcache\wmm2fxb.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 502272 c:\windows\system32\dllcache\wmm2fxa.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 402432 c:\windows\system32\dllcache\wmm2filt.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 167936 c:\windows\system32\dllcache\wmm2ae.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 132096 c:\windows\system32\dllcache\wmipdskq.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 156672 c:\windows\system32\dllcache\wmipcima.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 140800 c:\windows\system32\dllcache\wmidcprv.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 146432 c:\windows\system32\dllcache\winspool.drv
+ 2008-07-21 22:50 . 2008-04-14 12:00 756224 c:\windows\system32\dllcache\winntbbu.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 111104 c:\windows\system32\dllcache\wiavideo.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 124416 c:\windows\system32\dllcache\wiadss.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 135680 c:\windows\system32\dllcache\webvw.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 197120 c:\windows\system32\dllcache\wbemupgd.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 196608 c:\windows\system32\dllcache\wbemcntl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 215552 c:\windows\system32\dllcache\wavemsp.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 249856 c:\windows\system32\dllcache\wab32res.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 510976 c:\windows\system32\dllcache\wab32.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 131584 c:\windows\system32\dllcache\viewprov.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 102457 c:\windows\system32\dllcache\usrv42a.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 323641 c:\windows\system32\dllcache\usrdtea.dll
+ 2009-04-02 22:07 . 2008-04-14 08:16 121984 c:\windows\system32\dllcache\usbvideo.sys
+ 2008-07-21 22:50 . 2008-04-14 12:00 185856 c:\windows\system32\dllcache\upnphost.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 116224 c:\windows\system32\dllcache\updprov.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 316416 c:\windows\system32\dllcache\untfs.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 177856 c:\windows\system32\dllcache\typelib.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 101376 c:\windows\system32\dllcache\txflog.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 130048 c:\windows\system32\dllcache\tsoc.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 279040 c:\windows\system32\dllcache\tshoot.dll
- 2009-09-12 05:06 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-07-21 22:00 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 358400 c:\windows\system32\dllcache\termmgr.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 858624 c:\windows\system32\dllcache\tapi3.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 990208 c:\windows\system32\dllcache\syssetup.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 173568 c:\windows\system32\dllcache\sysmoda.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 193024 c:\windows\system32\dllcache\sysmod.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 191488 c:\windows\system32\dllcache\syncui.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 138752 c:\windows\system32\dllcache\swprv.dll
- 2009-05-27 19:53 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-07-21 22:50 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 136704 c:\windows\system32\dllcache\sti_ci.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 679936 c:\windows\system32\dllcache\sstext3d.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 610304 c:\windows\system32\dllcache\sspipes.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 393216 c:\windows\system32\dllcache\ssflwbox.scr
+ 2008-07-21 22:50 . 2008-04-14 12:00 704512 c:\windows\system32\dllcache\ss3dfo.scr
+ 2008-07-21 22:00 . 2008-04-14 12:00 239104 c:\windows\system32\dllcache\srrstr.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 726078 c:\windows\system32\dllcache\srchui.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 217088 c:\windows\system32\dllcache\sqlxmlx.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 180800 c:\windows\system32\dllcache\sqlunirl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 110592 c:\windows\system32\dllcache\sqlse20.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 462848 c:\windows\system32\dllcache\sqlqp20.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 151552 c:\windows\system32\dllcache\sqldb20.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 774144 c:\windows\system32\dllcache\spttseng.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 648704 c:\windows\system32\dllcache\sprc0C0A.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 639488 c:\windows\system32\dllcache\sprc0816.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 322560 c:\windows\system32\dllcache\sprc0804.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 576512 c:\windows\system32\dllcache\sprc0424.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 592896 c:\windows\system32\dllcache\sprc041f.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 590848 c:\windows\system32\dllcache\sprc041D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 577536 c:\windows\system32\dllcache\sprc041b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 627200 c:\windows\system32\dllcache\sprc0419.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 620032 c:\windows\system32\dllcache\sprc0416.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 641024 c:\windows\system32\dllcache\sprc0415.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 591872 c:\windows\system32\dllcache\sprc0414.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 645120 c:\windows\system32\dllcache\sprc0413.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 392704 c:\windows\system32\dllcache\sprc0412.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 412672 c:\windows\system32\dllcache\sprc0411.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 658432 c:\windows\system32\dllcache\sprc0410.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 645120 c:\windows\system32\dllcache\sprc040e.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 620544 c:\windows\system32\dllcache\sprc040D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 663040 c:\windows\system32\dllcache\sprc040C.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 604672 c:\windows\system32\dllcache\sprc040b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 679936 c:\windows\system32\dllcache\sprc0408.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 663552 c:\windows\system32\dllcache\sprc0407.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 605696 c:\windows\system32\dllcache\sprc0406.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 601088 c:\windows\system32\dllcache\sprc0405.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 327680 c:\windows\system32\dllcache\sprc0404.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 656896 c:\windows\system32\dllcache\sprc0401.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 773632 c:\windows\system32\dllcache\sprb0C0A.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 751616 c:\windows\system32\dllcache\sprb0816.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 470016 c:\windows\system32\dllcache\sprb0804.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 732160 c:\windows\system32\dllcache\sprb0424.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 724480 c:\windows\system32\dllcache\sprb041f.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 724480 c:\windows\system32\dllcache\sprb041D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 757248 c:\windows\system32\dllcache\sprb041b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 736768 c:\windows\system32\dllcache\sprb0419.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 752128 c:\windows\system32\dllcache\sprb0416.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 759808 c:\windows\system32\dllcache\sprb0415.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 716288 c:\windows\system32\dllcache\sprb0414.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 769024 c:\windows\system32\dllcache\sprb0413.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 543744 c:\windows\system32\dllcache\sprb0412.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 562688 c:\windows\system32\dllcache\sprb0411.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 769536 c:\windows\system32\dllcache\sprb0410.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 769536 c:\windows\system32\dllcache\sprb040e.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 793088 c:\windows\system32\dllcache\sprb040C.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 729088 c:\windows\system32\dllcache\sprb040b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 801280 c:\windows\system32\dllcache\sprb0408.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 788480 c:\windows\system32\dllcache\sprb0407.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 742912 c:\windows\system32\dllcache\sprb0406.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 734720 c:\windows\system32\dllcache\sprb0405.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 477696 c:\windows\system32\dllcache\sprb0404.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 196096 c:\windows\system32\dllcache\spra0C0A.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 194560 c:\windows\system32\dllcache\spra0816.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 161280 c:\windows\system32\dllcache\spra0804.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 189952 c:\windows\system32\dllcache\spra0427.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188928 c:\windows\system32\dllcache\spra0426.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 186880 c:\windows\system32\dllcache\spra0425.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\spra0424.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188928 c:\windows\system32\dllcache\spra041f.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188416 c:\windows\system32\dllcache\spra041e.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188928 c:\windows\system32\dllcache\spra041D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\spra041b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188928 c:\windows\system32\dllcache\spra041a.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\spra0419.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 190464 c:\windows\system32\dllcache\spra0418.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\spra0416.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 194560 c:\windows\system32\dllcache\spra0415.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 189440 c:\windows\system32\dllcache\spra0414.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 196096 c:\windows\system32\dllcache\spra0413.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 167936 c:\windows\system32\dllcache\spra0412.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 171008 c:\windows\system32\dllcache\spra0411.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 195072 c:\windows\system32\dllcache\spra0410.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 195584 c:\windows\system32\dllcache\spra040e.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 181760 c:\windows\system32\dllcache\spra040D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 197632 c:\windows\system32\dllcache\spra040C.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 186368 c:\windows\system32\dllcache\spra040b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 197632 c:\windows\system32\dllcache\spra0408.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 199680 c:\windows\system32\dllcache\spra0407.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192000 c:\windows\system32\dllcache\spra0406.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 188928 c:\windows\system32\dllcache\spra0405.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 161280 c:\windows\system32\dllcache\spra0404.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 189440 c:\windows\system32\dllcache\spra0402.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 186880 c:\windows\system32\dllcache\spra0401.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 130048 c:\windows\system32\dllcache\softkbd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 182272 c:\windows\system32\dllcache\snmpsnap.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 362496 c:\windows\system32\dllcache\smlogcfg.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 306176 c:\windows\system32\dllcache\slbcsp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 152064 c:\windows\system32\dllcache\shmedia.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 101376 c:\windows\system32\dllcache\setupqry.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 414208 c:\windows\system32\dllcache\setupdll.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 130048 c:\windows\system32\dllcache\sdpblb.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 199680 c:\windows\system32\dllcache\scripta.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 215552 c:\windows\system32\dllcache\script.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 171008 c:\windows\system32\dllcache\sccsccp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 169984 c:\windows\system32\dllcache\sccbase.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 118784 c:\windows\system32\dllcache\scardssp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 159232 c:\windows\system32\dllcache\sbeio.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 741376 c:\windows\system32\dllcache\sapi.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 290304 c:\windows\system32\dllcache\rhttpaa.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 107520 c:\windows\system32\dllcache\rend.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 397824 c:\windows\system32\dllcache\regwizc.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 147968 c:\windows\system32\dllcache\rdchost.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 102400 c:\windows\system32\dllcache\rcbdyctl.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 733696 c:\windows\system32\dllcache\qedwipes.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 562176 c:\windows\system32\dllcache\qedit.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 386048 c:\windows\system32\dllcache\qdvd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 279040 c:\windows\system32\dllcache\qdv.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\qcap.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 291328 c:\windows\system32\dllcache\qagentrt.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 237056 c:\windows\system32\dllcache\provthrd.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 560640 c:\windows\system32\dllcache\printui.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 105472 c:\windows\system32\dllcache\polstore.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 176128 c:\windows\system32\dllcache\photowiz.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 102912 c:\windows\system32\dllcache\pchshell.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 157696 c:\windows\system32\dllcache\paqsp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 167219 c:\windows\system32\dllcache\pagefile.vbs
+ 2008-07-21 22:49 . 2008-04-14 12:00 554496 c:\windows\system32\dllcache\p2psvc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 313856 c:\windows\system32\dllcache\p2pgraph.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 105472 c:\windows\system32\dllcache\p2pgasvc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 713728 c:\windows\system32\dllcache\opengl32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 107008 c:\windows\system32\dllcache\oleprn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 153008 c:\windows\system32\dllcache\ole2nls.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 169520 c:\windows\system32\dllcache\ole2disp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 147456 c:\windows\system32\dllcache\odbctrac.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 135168 c:\windows\system32\dllcache\odbcconf.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 446464 c:\windows\system32\dllcache\obrb0C0A.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 435200 c:\windows\system32\dllcache\obrb0816.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 270336 c:\windows\system32\dllcache\obrb0804.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 408576 c:\windows\system32\dllcache\obrb0424.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 390144 c:\windows\system32\dllcache\obrb041f.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 363008 c:\windows\system32\dllcache\obrb041D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 405504 c:\windows\system32\dllcache\obrb041b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 427008 c:\windows\system32\dllcache\obrb0419.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 409600 c:\windows\system32\dllcache\obrb0416.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 391680 c:\windows\system32\dllcache\obrb0415.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 353792 c:\windows\system32\dllcache\obrb0414.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 401920 c:\windows\system32\dllcache\obrb0413.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 306688 c:\windows\system32\dllcache\obrb0412.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 275456 c:\windows\system32\dllcache\obrb0411.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 413696 c:\windows\system32\dllcache\obrb0410.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 434176 c:\windows\system32\dllcache\obrb040e.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 384000 c:\windows\system32\dllcache\obrb040D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 410624 c:\windows\system32\dllcache\obrb040C.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 405504 c:\windows\system32\dllcache\obrb040b.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 419328 c:\windows\system32\dllcache\obrb0408.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 403456 c:\windows\system32\dllcache\obrb0407.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 418816 c:\windows\system32\dllcache\obrb0406.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 428032 c:\windows\system32\dllcache\obrb0405.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 212480 c:\windows\system32\dllcache\obrb0404.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 393728 c:\windows\system32\dllcache\obrb0401.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 286208 c:\windows\system32\dllcache\objsel.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 163584 c:\windows\system32\dllcache\nwrdr.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 488448 c:\windows\system32\dllcache\ntmsmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 179200 c:\windows\system32\dllcache\ntmsdba.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 212992 c:\windows\system32\dllcache\ntevt.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 364544 c:\windows\system32\dllcache\npdsplay.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 226816 c:\windows\system32\dllcache\npdrmv2.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 188416 c:\windows\system32\dllcache\nmwb.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 172032 c:\windows\system32\dllcache\nmoldwb.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 151552 c:\windows\system32\dllcache\nmft.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 229376 c:\windows\system32\dllcache\nmas.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 247808 c:\windows\system32\dllcache\newdev.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 875008 c:\windows\system32\dllcache\netplwiz.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 139264 c:\windows\system32\dllcache\netid.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 253952 c:\windows\system32\dllcache\neth.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 126976 c:\windows\system32\dllcache\netfxocm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 214016 c:\windows\system32\dllcache\netevent.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 108464 c:\windows\system32\dllcache\netapi.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 221184 c:\windows\system32\dllcache\nac.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 701440 c:\windows\system32\dllcache\msxml2.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 506368 c:\windows\system32\dllcache\msxml.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 355104 c:\windows\system32\dllcache\msxbde40.dll
+ 2008-07-21 22:49 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
- 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 838432 c:\windows\system32\dllcache\mswdat10.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 126912 c:\windows\system32\dllcache\msvideo.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 253952 c:\windows\system32\dllcache\msvcrt20.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 565760 c:\windows\system32\dllcache\msvcp50.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 264992 c:\windows\system32\dllcache\mstext40.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 274432 c:\windows\system32\dllcache\mst120.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 235520 c:\windows\system32\dllcache\mssoap1.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 155136 c:\windows\system32\dllcache\mssha.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 134656 c:\windows\system32\dllcache\mssap.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 559904 c:\windows\system32\dllcache\msrepl40.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 322336 c:\windows\system32\dllcache\msrd3x40.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 432928 c:\windows\system32\dllcache\msrd2x40.dll
- 2007-08-14 02:44 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2008-07-21 22:49 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 355104 c:\windows\system32\dllcache\mspbde40.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 143360 c:\windows\system32\dllcache\msorcl32.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 565248 c:\windows\system32\dllcache\msobmain.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 122368 c:\windows\system32\dllcache\msobcomm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 170496 c:\windows\system32\dllcache\msmqocm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 219936 c:\windows\system32\dllcache\msltus40.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 248608 c:\windows\system32\dllcache\msjtes40.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 355112 c:\windows\system32\dllcache\msjetol1.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 273920 c:\windows\system32\dllcache\msiprov.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 376832 c:\windows\system32\dllcache\msinfo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 884736 c:\windows\system32\dllcache\msimsg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 271360 c:\windows\system32\dllcache\msihnd.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 248832 c:\windows\system32\dllcache\msieftp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 539136 c:\windows\system32\dllcache\msftedit.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 326432 c:\windows\system32\dllcache\msexcl40.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 518944 c:\windows\system32\dllcache\msexch40.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2008-07-21 21:59 . 2008-06-12 14:23 161792 c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2008-07-21 21:59 . 2008-06-12 14:23 956928 c:\windows\system32\dllcache\msdtctm.dll
- 2008-06-12 14:23 . 2008-06-12 14:23 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-07-21 21:59 . 2008-06-12 14:23 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 118784 c:\windows\system32\dllcache\msdarem.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 204800 c:\windows\system32\dllcache\msdaps.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 200704 c:\windows\system32\dllcache\msdaprst.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 233472 c:\windows\system32\dllcache\msdaora.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 118784 c:\windows\system32\dllcache\msdadiag.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 220160 c:\windows\system32\dllcache\mscandui.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 155648 c:\windows\system32\dllcache\msadds.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 102912 c:\windows\system32\dllcache\msaatext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 471552 c:\windows\system32\dllcache\mqutil.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 187392 c:\windows\system32\dllcache\mqtrig.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 517632 c:\windows\system32\dllcache\mqsnap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 123904 c:\windows\system32\dllcache\mqrtdep.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 663040 c:\windows\system32\dllcache\mqqm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 225280 c:\windows\system32\dllcache\mqoa.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 138240 c:\windows\system32\dllcache\mqad.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 216064 c:\windows\system32\dllcache\moricons.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 119808 c:\windows\system32\dllcache\mmutilse.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 106496 c:\windows\system32\dllcache\Mmcfxc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 397312 c:\windows\system32\dllcache\mmcex.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 163328 c:\windows\system32\dllcache\mmcbase.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 184320 c:\windows\system32\dllcache\mmc30.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 261120 c:\windows\system32\dllcache\migisma.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 274432 c:\windows\system32\dllcache\migism.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 362496 c:\windows\system32\dllcache\metal_ss.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 147968 c:\windows\system32\dllcache\mdwmdmsp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 118272 c:\windows\system32\dllcache\mdminst.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 220672 c:\windows\system32\dllcache\logon.scr
+ 2008-07-21 22:49 . 2008-04-14 12:00 221696 c:\windows\system32\dllcache\localsec.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 399872 c:\windows\system32\dllcache\lmrt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 150528 c:\windows\system32\dllcache\keymgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 362496 c:\windows\system32\dllcache\jet500.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 191488 c:\windows\system32\dllcache\iuengine.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 155136 c:\windows\system32\dllcache\itircl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 384000 c:\windows\system32\dllcache\ipsmsnap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 183808 c:\windows\system32\dllcache\ipsecsvc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 349696 c:\windows\system32\dllcache\ipsecsnp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 177152 c:\windows\system32\dllcache\iprtrmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 123392 c:\windows\system32\dllcache\input.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 147456 c:\windows\system32\dllcache\initpki.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 110592 c:\windows\system32\dllcache\inetcplc.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 274432 c:\windows\system32\dllcache\inetcfg.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 123392 c:\windows\system32\dllcache\imsinsnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 505344 c:\windows\system32\dllcache\iis.dll
- 2007-08-14 01:56 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2008-07-21 22:49 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
- 2007-08-14 02:39 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-07-21 22:49 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-07-21 22:49 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-14 02:39 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 120832 c:\windows\system32\dllcache\idq.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 172032 c:\windows\system32\dllcache\icwhelp.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 214528 c:\windows\system32\dllcache\icwconn1.exe
+ 2008-07-21 22:49 . 2008-04-14 12:00 254976 c:\windows\system32\dllcache\icm32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 247808 c:\windows\system32\dllcache\iassdo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 141312 c:\windows\system32\dllcache\iasrecst.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 119808 c:\windows\system32\dllcache\iasrad.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 144896 c:\windows\system32\dllcache\hotplug.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 362496 c:\windows\system32\dllcache\home_ss.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 330752 c:\windows\system32\dllcache\hnetwiz.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 614912 c:\windows\system32\dllcache\h323msp.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 115200 c:\windows\system32\dllcache\guitrna.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 133120 c:\windows\system32\dllcache\guitrn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 199680 c:\windows\system32\dllcache\gptext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 101888 c:\windows\system32\dllcache\gpkcsp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 566784 c:\windows\system32\dllcache\gpedit.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 122880 c:\windows\system32\dllcache\glu32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 285184 c:\windows\system32\dllcache\glmf32.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 132608 c:\windows\system32\dllcache\fxsocm.dll
+ 2008-07-21 22:03 . 2003-03-24 23:52 618605 c:\windows\system32\dllcache\fp4autl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 124928 c:\windows\system32\dllcache\fde.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 125952 c:\windows\system32\dllcache\exts.dll
- 2007-08-14 02:54 . 2009-02-20 18:09 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-07-21 22:49 . 2009-02-20 18:09 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 380445 c:\windows\system32\dllcache\expsrv.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 103424 c:\windows\system32\dllcache\eqnclass.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 183296 c:\windows\system32\dllcache\els.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 180224 c:\windows\system32\dllcache\eapphost.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 184832 c:\windows\system32\dllcache\eapp3hst.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 498742 c:\windows\system32\dllcache\dxmasf.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 619008 c:\windows\system32\dllcache\dx7vb.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 113152 c:\windows\system32\dllcache\dsuiext.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 239104 c:\windows\system32\dllcache\dsquery.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 120320 c:\windows\system32\dllcache\dsprov.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 142848 c:\windows\system32\dllcache\dsprop.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 181248 c:\windows\system32\dllcache\dsdmo.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 116736 c:\windows\system32\dllcache\dpvvox.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 212480 c:\windows\system32\dllcache\dpvoice.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 375296 c:\windows\system32\dllcache\dpnet.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 229888 c:\windows\system32\dllcache\dplayx.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 650752 c:\windows\system32\dllcache\dot3ui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 132096 c:\windows\system32\dllcache\dot3svc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 104448 c:\windows\system32\dllcache\dmusic.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 103424 c:\windows\system32\dllcache\dmsynth.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 105984 c:\windows\system32\dllcache\dmstyle.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 181248 c:\windows\system32\dllcache\dmime.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 118784 c:\windows\system32\dllcache\dmdskres.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 200704 c:\windows\system32\dllcache\dmdskmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 285184 c:\windows\system32\dllcache\dmdlgs.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 330752 c:\windows\system32\dllcache\dmconfig.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 158720 c:\windows\system32\dllcache\dinput.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 394240 c:\windows\system32\dllcache\diactfrm.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 379904 c:\windows\system32\dllcache\dhcpmon.dll
+ 2008-07-21 14:55 . 2008-04-14 12:00 176157 c:\windows\system32\dllcache\dgrpsetu.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 124416 c:\windows\system32\dllcache\dfrgui.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 110592 c:\windows\system32\dllcache\dbnetlib.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 847872 c:\windows\system32\dllcache\dbgeng.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 165376 c:\windows\system32\dllcache\datime.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 554008 c:\windows\system32\dllcache\dao360.dll
+ 2008-07-22 00:04 . 2001-08-17 20:52 179584 c:\windows\system32\dllcache\dac2w2k.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 350208 c:\windows\system32\dllcache\d3drm.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 590336 c:\windows\system32\dllcache\d3dramp.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 436224 c:\windows\system32\dllcache\d3dim.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 357888 c:\windows\system32\dllcache\confmsp.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 539648 c:\windows\system32\dllcache\comuid.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 167424 c:\windows\system32\dllcache\comsnap.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 274944 c:\windows\system32\dllcache\comsetup.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 229376 c:\windows\system32\dllcache\compstui.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 195072 c:\windows\system32\dllcache\comadmin.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 185344 c:\windows\system32\dllcache\cmprops.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 344064 c:\windows\system32\dllcache\cmdial32.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 110592 c:\windows\system32\dllcache\clbcatex.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 435712 c:\windows\system32\dllcache\class_ss.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 148480 c:\windows\system32\dllcache\cic.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 163328 c:\windows\system32\dllcache\ciadmin.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 457728 c:\windows\system32\dllcache\certmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 151040 c:\windows\system32\dllcache\cdfview.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 625664 c:\windows\system32\dllcache\catsrvut.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 226304 c:\windows\system32\dllcache\catsrv.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 359936 c:\windows\system32\dllcache\cards.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 150016 c:\windows\system32\dllcache\capesnpn.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 385024 c:\windows\system32\dllcache\callcont.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 152576 c:\windows\system32\dllcache\bnts.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 233472 c:\windows\system32\dllcache\azroles.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 109456 c:\windows\system32\dllcache\avifile.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 295936 c:\windows\system32\dllcache\appmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 102912 c:\windows\system32\dllcache\apcups.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 214016 c:\windows\system32\dllcache\agentctl.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 123392 c:\windows\system32\dllcache\adsnw.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 263680 c:\windows\system32\dllcache\adsnt.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 161792 c:\windows\system32\dllcache\adsnds.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 175616 c:\windows\system32\dllcache\adsldp.dll
+ 2008-07-21 23:58 . 2001-08-17 21:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2008-07-21 22:49 . 2008-04-14 12:00 116224 c:\windows\system32\dllcache\acxtrnal.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 245248 c:\windows\system32\dllcache\acspecfc.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 141312 c:\windows\system32\dllcache\aclua.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 129536 c:\windows\system32\dllcache\acledit.dll
+ 2008-07-21 21:59 . 2008-04-14 12:00 136192 c:\windows\system32\dllcache\aaclient.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 4256768 c:\windows\system32\dllcache\wmm2res.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 1647616 c:\windows\system32\dllcache\winbrand.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 2842112 c:\windows\system32\dllcache\sprb040D.dll
+ 2008-07-21 22:50 . 2008-04-14 12:00 2869248 c:\windows\system32\dllcache\sprb0401.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1428992 c:\windows\system32\dllcache\msvidctl.dll
+ 2008-07-21 22:01 . 2008-04-14 12:00 3166208 c:\windows\system32\dllcache\msgr3en.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1872896 c:\windows\system32\dllcache\mmcndmgr.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1114896 c:\windows\system32\dllcache\esent97.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 2113536 c:\windows\system32\dllcache\dxdiagn.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1227264 c:\windows\system32\dllcache\dx8vb.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1293824 c:\windows\system32\dllcache\dsound3d.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1054208 c:\windows\system32\dllcache\danim.dll
+ 2008-07-21 22:49 . 2008-04-14 12:00 1179648 c:\windows\system32\dllcache\d3d8.dll
+ 2008-07-21 22:00 . 2008-04-14 12:00 1032192 c:\windows\system32\dllcache\conf.exe
+ 2008-07-21 22:49 . 2008-04-14 12:00 2091520 c:\windows\system32\dllcache\cdosys.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2011-05-09 09:49 176936 ------w- c:\program files\Zynga\prxtbZyn2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\prxtbZyn2.dll" [2011-05-09 176936]

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]
"Google Update"="c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2011-06-03 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-10-17 1368064]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-11-24 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2008-04-25 244208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-25 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-25 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-25 136192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-27 413696]

c:\documents and settings\Andrew Rubidoux\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Autobahn\mlb-nexdef-autobahn.exe [2011-3-16 15502336]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-12-31 1150976]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2008-08-08 10:14 28672 ------w- c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [5/24/2006 11:48 AM 10240]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [5/9/2008 5:50 PM 46144]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 5:50 PM 30312]
R2 FNF5SVC;Fn+F5 Service;c:\program files\Lenovo\HOTKEY\FnF5svc.exe [9/10/2008 10:49 PM 54560]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [11/24/2008 3:34 PM 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [5/9/2008 5:50 PM 360448]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/8/2009 4:18 PM 24652]
R3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [7/11/2010 12:19 PM 10496]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [4/2/2009 2:18 PM 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [4/2/2009 2:13 PM 81296]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2/22/2008 3:54 PM 37312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/26/2010 9:55 PM 136176]
S2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [7/21/2008 2:50 PM 14336]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [4/25/2008 8:18 AM 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [4/25/2008 8:16 AM 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [4/25/2008 8:15 AM 166384]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [1/4/2011 5:51 PM 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [1/4/2011 5:51 PM 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [1/4/2011 5:51 PM 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [1/4/2011 5:51 PM 25088]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [1/4/2011 5:51 PM 25728]
S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [8/17/2001 5:52 AM 18688]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/26/2010 9:55 PM 136176]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [12/10/2010 7:29 PM 29293408]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [4/25/2008 8:18 AM 313840]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [4/25/2008 8:15 AM 1120752]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [7/21/2008 2:50 PM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2dd3306-4afb-11de-b80c-0022fa94a318}]
\Shell\AutoRun\command - E:\w9hw8.exe
\Shell\open\Command - E:\w9hw8.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 05:55]

2011-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 05:55]

2011-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1304309932-1563542103-2976120065-1008Core.job
- c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 23:15]

2011-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1304309932-1563542103-2976120065-1008UA.job
- c:\documents and settings\Andrew Rubidoux\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 23:15]

2011-12-19 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PCDR5\pcdr5cuiw32.exe [2008-12-12 23:32]

2011-12-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1304309932-1563542103-2976120065-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]

2011-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1304309932-1563542103-2976120065-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.cbssports.com/mlb/scoreboard
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: navnet - {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - c:\program files\NavNetApp\ComUtilities.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {707ABFC2-1D27-4A10-A6E4-6BE6BDF9FB11} - hxxp://rubidoux.is-a-geek.com:1024/UltraMJCamX.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} - hxxp://192.168.2.8/xplugLite.cab
DPF: {E1B26101-23FB-4855-9171-F79F29CC7728} - hxxp://192.168.2.30:81/UltraCamX.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF - ProfilePath - c:\documents and settings\Andrew Rubidoux\Application Data\Mozilla\Firefox\Profiles\y04uzr63.default\
FF - prefs.js: browser.startup.homepage - hxxp://losangeles.angels.mlb.com/index.jsp?c_id=ana
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-23 21:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\$NtUninstallKB22193$:SummaryInformation 0 bytes hidden from API

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1304309932-1563542103-2976120065-1008\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5C4D2EC1-E2D9-FFFC-A8F0-336713882354}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iagpdgifojaohbdokh"=hex:69,61,66,69,69,68,63,6c,62,70,66,69,68,6c,6c,62,67,62,
00,00
"haaonhnmnighdbkf"=hex:69,61,66,69,69,68,63,6c,62,70,66,69,68,6c,6c,62,67,62,
00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(528)
c:\program files\Lenovo\HOTKEY\tphklock.dll
c:\windows\system32\netprovcredman.dll

- - - - - - - > 'explorer.exe'(1788)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-12-24 21:18
ComboFix-quarantined-files.txt 2011-12-24 05:18
ComboFix2.txt 2011-12-22 02:37

Pre-Run: 41,712,119,808 bytes free
Post-Run: 41,658,486,784 bytes free

1398 --- E O F --- 2011-03-24 15:49


here is the FSS log if you wanted it...

Farbar Service Scanner
Ran by Andrew Rubidoux (administrator) on 23-12-2011 at 21:22:49
Microsoft Windows XP Professional Service Pack 3 (X86)
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2008-07-21 14:49] - [2008-10-16 06:43] - 0138496 ____N (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) ipsec(5) NetBT(5) PSched(7) Tcpip(3) Tcpip6(9)
0x080000000400000001000000020000000300000005000000060000000700000009000000

**** End of log ****

Here is the clipboard saved from LoadOrder

Boot Boot Bus Extender 1 ACPI Microsoft ACPI Driver
Boot Boot Bus Extender 2 PCI PCI Bus Driver
Boot Boot Bus Extender 3 isapnp PnP ISA/EISA Bus Driver
Boot Boot Bus Extender 6 ohci1394 OHCI Compliant IEEE 1394 Host Controller
Boot System Bus Extender 5 Compbatt Microsoft Composite Battery Driver
Boot System Bus Extender 1 Pcmcia
Boot System Bus Extender 8 MountMgr
Boot System Bus Extender 9 Ftdisk Volume Manager Driver
Boot System Bus Extender 6 ACPIEC Microsoft Embedded Controller Driver
Boot System Bus Extender 6 PartMgr
Boot System Bus Extender n/a* VolSnap
Boot SCSI Miniport 25 iaStor Intel AHCI Controller
Boot SCSI Class 2 Disk Disk Driver
Boot FSFilter Infrastructure 4 FltMgr FltMgr
Boot FSFilter System Recovery 4 sr System Restore Filter Driver
Boot Filter 1 DRVMCDB
Boot Filter n/a* PxHelp20 PxHelp20
Boot Base 1 KSecDD
Boot base 23 WudfPf Windows Driver Foundation - User-mode Driver Framework Platform Driver
Boot NDIS Wrapper n/a* NDIS NDIS System Driver
Boot Network* 2* Mup Mup
System System Bus Extender 14 lbrtfdc
System System Bus Extender 0* Fdc
System Primary disk 2 Flpydisk
System Primary disk 4 Sfloppy
System SCSI Class 45* i2omgmt
System SCSI CDROM Class 2 Cdrom CD-ROM Driver
System FSFilter Activity Monitor 5 tvtumon tvtumon
System Filter 1 DLACDBHM
System Filter 5 Changer
System Filter 6 Cdaudio
System Boot file system n/a* Fs_Rec
System Base 1 Null
System Base 2 Beep
System Base 4 DLARTL_M
System Keyboard Port 4 i8042prt i8042 Keyboard and PS/2 Mouse Port Driver
System Keyboard Port 5 kbdhid Keyboard HID Driver
System Pointer Class 1 Mouclass Mouse Class Driver
System Keyboard Class 1 Kbdclass Keyboard Class Driver
System Video Save 1 VgaSave
System Video Save n/a* mnmdd
System Video Save n/a* RDPCDD
System File system n/a* Msfs
System File system n/a* Npfs
System Streams Drivers 1 RasAcd Remote Access Auto Connection Driver
System PNP_TDI 3 Tcpip TCP/IP Protocol Driver
System PNP_TDI 5 ipsec IPSEC driver
System PNP_TDI 5 NetBT NetBios over Tcpip
System PNP_TDI 9 Tcpip6 Microsoft IPv6 Protocol Driver
System TDI n/a* AFD AFD
System NetBIOSGroup 1 NetBIOS NetBIOS Interface
System Extended Base 3 WmiAcpi Microsoft Windows Management Interface for ACPI
System Extended Base 5 intelppm Intel Processor Driver
System PCI Configuration 1* PCIDump
System n/a* n/a* Fips
System Pnp Filter* 2* Imapi CD-Burning Filter Driver
System Network* 5* MRxSmb MRXSMB
System n/a* n/a* PMHler PMHler
System Network* 4* Rdbss Rdbss
System Pnp Filter* 1* redbook Digital CD Audio Playback Filter Driver
System n/a* n/a* TermDD Terminal Device Driver
System n/a* n/a* TSMAPIP
System n/a* n/a* WS2IFSL
Automatic FSFilter Activity Monitor 4 tvtfilter tvtfilter
Automatic Filter 1 DRVNDDM
Automatic Base 7 DLADResM
Automatic Base 8 DLAIFS_M
Automatic Base 8 DLAOPIOM
Automatic Base 8 DLAPoolM
Automatic File system 0* DLABMFSM
Automatic File system 0* DLABOIOM
Automatic File system 0* DLAUDFAM
Automatic File system 0* DLAUDF_M
Automatic Event Log n/a* DcomLaunch DCOM Server Process Launcher
Automatic Event log n/a* Eventlog Event Log
Automatic COM Infrastructure n/a* RpcSs Remote Procedure Call (RPC)
Automatic UIGroup n/a* Themes Themes
Automatic LocalValidation n/a* SamSs Security Accounts Manager
Automatic PlugPlay n/a* PlugPlay Plug and Play
Automatic PlugPlay n/a* WudfSvc Windows Driver Foundation - User-mode Driver Framework
Automatic NDIS 16 s24trans WLAN Transport
Automatic NDIS n/a* S24EventMonitor Intel® PROSet/Wireless WiFi Service
Automatic TDI n/a* Dhcp DHCP Client
Automatic TDI n/a* Dnscache DNS Client
Automatic TDI n/a* LmHosts TCP/IP NetBIOS Helper
Automatic TDI n/a* WZCSVC Wireless Zero Configuration
Automatic ShellSvcGroup n/a* ShellHWDetection Shell Hardware Detection
Automatic SchedulerGroup n/a* Schedule Task Scheduler
Automatic SpoolerGroup n/a* LexBceS LexBce Server
Automatic SpoolerGroup n/a* Spooler Print Spooler
Automatic AudioGroup n/a* AudioSrv Windows Audio
Automatic NetworkProvider n/a* lanmanworkstation Workstation
Automatic NetworkProvider n/a* WebClient WebClient
Automatic n/a* n/a* 6to4 IPv6 Helper Service
Automatic n/a* n/a* BcmSqlStartupSvc Business Contact Manager SQL Server Startup Service
Automatic n/a* n/a* BITS Background Intelligent Transfer Service
Automatic n/a* n/a* Browser Computer Browser
Automatic n/a* n/a* clr_optimization_v4.0.30319_32 Microsoft .NET Framework NGEN v4.0.30319_X86
Automatic n/a* n/a* CryptSvc CryptSvc
Automatic n/a* n/a* ERSvc Error Reporting Service
Automatic n/a* n/a* EvtEng Intel® PROSet/Wireless Event Log
Automatic n/a* n/a* FNF5SVC Fn+F5 Service
Automatic n/a* n/a* gupdate Google Update Service (gupdate)
Automatic n/a* n/a* helpsvc Help and Support
Automatic n/a* n/a* HidServ HID Input Service
Automatic n/a* n/a* Iprip RIP Listener
Automatic n/a* n/a* IviRegMgr IviRegMgr
Automatic n/a* n/a* JavaQuickStarterService Java Quick Starter
Automatic n/a* n/a* LanmanServer Server
Automatic n/a* n/a* mdmxsdk
Automatic n/a* n/a* MSSQL$SQLEXPRESS SQL Server (SQLEXPRESS)
Automatic n/a* n/a* pmem pmem
Automatic n/a* n/a* PMSveH PMSveH
Automatic n/a* n/a* PolicyAgent IPSEC Services
Automatic n/a* n/a* ProtectedStorage Protected Storage
Automatic n/a* n/a* RegSrvc Intel® PROSet/Wireless Registry Service
Automatic * n/a* RemoteRegistry Remote Registry
Automatic n/a* n/a* Roxio Upnp Server 10 Roxio Upnp Server 10
Automatic n/a* n/a* RoxLiveShare10 LiveShare P2P Server 10
Automatic n/a* n/a* RoxWatch10 Roxio Hard Drive Watcher 10
Automatic n/a* n/a* SeaPort SeaPort
Automatic n/a* n/a* seclogon Secondary Logon
Automatic Network* n/a* SENS System Event Notification
Automatic n/a* n/a* SessionLauncher SessionLauncher
Automatic n/a* n/a* SharedAccess Windows Firewall/Internet Connection Sharing (ICS)
Automatic n/a* n/a* SimpTcp Simple TCP/IP Services
Automatic n/a* n/a* SQLBrowser SQL Server Browser
Automatic n/a* n/a* SQLWriter SQL Server VSS Writer
Automatic n/a* n/a* srservice System Restore Service
Automatic n/a* n/a* stisvc Windows Image Acquisition (WIA)
Automatic n/a* n/a* SUService System Update
Automatic n/a* n/a* TermService Terminal Services
Automatic n/a* n/a* ThinkVantage Registry Monitor Service ThinkVantage Registry Monitor Service
Automatic n/a* n/a* TrkWks Distributed Link Tracking Client
Automatic n/a* n/a* TVT Backup Protection Service TVT Backup Protection Service
Automatic n/a* n/a* TVT Backup Service TVT Backup Service
Automatic n/a* n/a* TVT Scheduler TVT Scheduler
Automatic n/a* n/a* TVT_UpdateMonitor TVT Windows Update Monitor
Automatic n/a* n/a* Viewpoint Manager Service Viewpoint Manager Service
Automatic * n/a* W32Time Windows Time
Automatic n/a* n/a* winmgmt Windows Management Instrumentation
Automatic n/a* n/a* wscsvc
Automatic n/a* n/a* WSearch Windows Search
Automatic n/a* n/a* wuauserv

#9 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 24 December 2011 - 08:37 AM

Hi

Please run the following:



Click WinKey + R to open a run box > type notepad into the open run box > OK > this will open Notepad

Click Format and make certain that Word Wrap is NOT checked.

Copy/Paste the text inside of the code box into the open Notepad


REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\ipsec]
"Tag"=dword:00000004


Now go to File > and click Save As,
From the drop down menu at the top of the box choose Desktop as the location to save this file.
Go down to the File Name box and type in fixme.reg as the file name, then choose All Files as the save as file type.
Then click the save button.

Once you have clicked the save button, close Notepad.

You should now see a file on your desktop that looks like this:

Posted Image

Locate the fixme.reg icon on your desktop and double click it, an information box will pop up asking if you want to merge the information in the file into the registry, click YES.

Once the file has run, the information will have merged with your registry so you can delete fixme.reg from your desktop as you won't be needing it any more.



Once completed, please reboot and see if you can now connect

Please run a fresh Farbar Service Scanner > post the resulting log

thanks

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#10 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 24 December 2011 - 11:39 AM

Good morning from Cold California....

I tried the TCP/IP uninstall/reinstall procedure last night after you helped me fix the registry because I still couldn't connect. I was able to connect halfway through the procedure so am very happy with that!

Should I go ahead and do your registry addition/correction above anyway?

Thanks a MILLION for getting the registry keys fixed! Do you think the virus did that damage, or was it one of the cleanup procedures that caused it to happen?

Let me know what else I should/could do if necessary.

#11 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 24 December 2011 - 12:14 PM

Hi,

It appears that what you did, has taken care of what that registry fix would have done :)


Could you please run Farbar Service Scanner one more time


I would like to run a few more scans to make sure the infection has gone completely now that internet connection is stabilized,

thanks

Edited by CatByte, 24 December 2011 - 12:34 PM.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#12 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 24 December 2011 - 02:09 PM

Farbar Service Scanner
Ran by Andrew Rubidoux (administrator) on 24-12-2011 at 11:06:18
Microsoft Windows XP Professional Service Pack 3 (X86)
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2008-07-21 14:49] - [2008-10-16 06:43] - 0138496 ____N (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswFW(10) aswTdi(8) Gpc(6) ipsec(5) NetBT(5) PSched(7) Tcpip(3)
0x0A00000005000000040000000100000002000000030000000A00000008000000060000000700000009000000

**** End of log ****

Computer is running great now :-) :thumbsup:

#13 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 24 December 2011 - 06:31 PM

Hi

Please run the following:

Visit ADOBE and download the latest version of Acrobat Reader (version X)
Having the latest updates ensures there are no security vulnerabilities in your system.

NEXT

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Download the latest version of Java Runtime Environment (JRE) 6 and Save it to your Desktop.
  • Scroll down to where it says Java SE 6 Update 30
  • Click the Download button under JRE to the right.
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows x86 Offline and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java™ 6) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u30-windows-i586.exe to install the newest version.
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      Applications and Applets
      Trace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.


NEXT


  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#14 peggyr1

peggyr1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 25 December 2011 - 01:42 AM

Everything looks great. MB found nothing and the online scanner found nothing. We installed the new Java and new adobe perfectly. Runs like a new computer now. Here is the MBAM log

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 911122405

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/24/2011 7:22:49 PM
mbam-log-2011-12-24 (19-22-49).txt

Scan type: Quick scan
Objects scanned: 191929
Time elapsed: 4 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





MERRY CHRISTMAS by the way.....

#15 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:09 AM

Posted 25 December 2011 - 12:45 PM

Hi,

Just some housekeeping to do now


You can delete the FSS, DDS and aswMBR logs and programs from your desktop.


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Click START then RUN
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Posted Image


If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
    PC Safety and Security--What Do I Need?.


**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users