Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93121 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Computer runs super slow

Started by DanielDude , Jan 28 2011 11:26 PM

  • This topic is locked This topic is locked
25 replies to this topic

#1 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 28 January 2011 - 11:26 PM

My father's PC use to run very quickly, multitasking like a pro, multiple windows, close and open, click here and there........ now it is super slow, like it's bogged down with malware or spyware. Sometimes it takes 20-30 seconds for a window to minimize. Closing windows and then shutting down the PC is a good 5-10 minute ordeal... it has to end.

Here is the latest Hijack log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:43 AM, on 1/29/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.fac...fbootloader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1248574052187
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanma...ersion=1,0,0,10
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 7983 bytes


Thanks again guys!!! Your always to the rescue in our PC time of need ^_^

    Advertisements

Register to Remove

#2 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 30 January 2011 - 08:57 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days. :)


Hello there, DanielDude

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

Please bear with me, I will post back to you as soon as I can.

IMPORTANT NOTE : Please do not delete anything unless instructed to.

---------------------------------------------------------------------------------------------------

Not seeing anything significant in HJT. It could be just temporary files that is bogging the whole system, but we will have a deeper look.

---------------------------------------------------------------------------------------------------
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#3 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 30 January 2011 - 08:58 AM

Hello there,

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click on Minimal Output at the top
  • Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click OK to load a custom scan from a file or Cancel to cancel"
  • Click the OK button and navigate to the file scan.txt which we just saved to your desktop
  • Select scan.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
===================================================

Posted Image
  • Please download GMER from one of the following locations, and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zip Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Extract the contents of the zipped file to desktop (applicable only to Zip mirror) .
  • Double click Posted Image or Posted Image on your desktop.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
    Posted Image

    Posted Image
    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

===================================================

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===================================================

On your next reply please post :
OTL log
GMER log
Checkup log

Let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#4 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 30 January 2011 - 02:08 PM

Hmm for the OTL Custom Scan File (scan.txt), I can't see the find the download link, do I need to sign up with Geek to Go?

#5 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 30 January 2011 - 11:43 PM

My bad. Here is the custom scans command.

netsvcs
drivers32 
msconfig
safebootminimal
safebootnetwork
activex

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#6 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 01 February 2011 - 07:00 PM

OTL logfile created on: 1/31/2011 11:42:40 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Protoman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 725.79 Gb Free Space | 77.92% Space Free | Partition Type: NTFS

Computer Name: DANIEL | User Name: Protoman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Protoman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Protoman\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- File not found
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)


========== Driver Services (SafeList) ==========

DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (scrcap) -- C:\WINDOWS\system32\drivers\scrcap.sys (ZD Soft)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (RT25USBAP) -- C:\WINDOWS\system32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (drvnddm) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (tfsnudfa) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (tfsnudf) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnifs) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsncofs) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsnboio) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsnopio) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsndrct) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (sscdbhk5) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (SMBios) Intel ® -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (PhilCam8116) Logitech QuickCam Pro 3000 (08B0) -- C:\WINDOWS\system32\drivers\CamDrO21.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/17 19:00:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/22 18:23:03 | 000,000,000 | ---D | M]

[2008/11/12 22:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Extensions
[2011/01/23 18:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\extensions
[2009/08/13 21:57:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/24 00:07:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/12 20:03:47 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2010/01/12 20:04:02 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\searchplugins\aim-search.xml
[2011/01/23 18:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/29 16:52:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/28 22:29:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/14 23:21:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/02 04:13:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/01/03 21:34:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.fac...fbootloader.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} http://upload.facebo...toUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/p...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1248574052187 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} http://cafeimg.hanma...ersion=1,0,0,10 (Cdmcco Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Protoman\My Documents\rpwallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Protoman\My Documents\rpwallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/11 17:18:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0d6b025a-7a26-11de-be4d-001320775b47}\Shell - "" = AutoRun
O33 - MountPoints2\{0d6b025a-7a26-11de-be4d-001320775b47}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0d6b025a-7a26-11de-be4d-001320775b47}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{3f4a8e2a-4114-11df-bedf-001320775b47}\Shell - "" = AutoRun
O33 - MountPoints2\{3f4a8e2a-4114-11df-bedf-001320775b47}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3f4a8e2a-4114-11df-bedf-001320775b47}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{b14e370b-b6dd-11df-a902-001320775b47}\Shell\AutoRun\command - "" = podcastready.exe
O33 - MountPoints2\{f6bcfed5-377a-11de-bdf9-001320775b47}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.alf2cd - alf2cd.acm File not found
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP31 - vp31vfw.dll File not found
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: VIDC.ZDSV - C:\WINDOWS\System32\scrvid.dll (ZD Soft, http://www.zdsoft.com/)


SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)
SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1571ED68-FE67-60FF-6B69-3FDEA1FD048D} - Outlook Express
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Documents and Settings\Protoman\Desktop\YunaG031-1[1].mp4.
[2011/01/30 14:07:04 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Protoman\Desktop\OTL.exe
[2011/01/29 00:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Protoman\Start Menu\Programs\HiJackThis
[2011/01/27 23:32:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Protoman\Desktop\backups
[2011/01/25 00:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Protoman\Desktop\Proto Post
[2011/01/22 16:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Protoman\Desktop\uk
[2011/01/02 04:13:31 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/02 04:13:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/02 04:13:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[1 C:\Documents and Settings\Protoman\*.tmp files -> C:\Documents and Settings\Protoman\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Protoman\Desktop\YunaG031-1[1].mp4.
[2011/01/31 00:50:14 | 000,060,217 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\inchick-img352x588-12942136496zivpv98365.jpg
[2011/01/31 00:12:34 | 000,081,028 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\maxi.JPG
[2011/01/30 23:53:40 | 000,043,616 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\rodmp.jpg
[2011/01/30 21:25:11 | 005,128,213 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\santafu.zip
[2011/01/30 19:36:21 | 001,097,334 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\guber.bmp
[2011/01/30 18:29:35 | 000,047,413 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\god.JPG
[2011/01/30 15:26:29 | 000,064,458 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\1296326028811.jpg
[2011/01/30 15:01:48 | 000,013,758 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/30 15:01:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/30 14:07:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Protoman\Desktop\OTL.exe
[2011/01/30 14:01:43 | 019,382,731 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\GR_Soundtrack.zip
[2011/01/29 23:34:49 | 000,045,617 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\bot.JPG
[2011/01/29 17:49:19 | 001,585,134 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\pogs.bmp
[2011/01/29 17:49:11 | 001,752,966 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\trivia.bmp
[2011/01/29 00:37:32 | 000,442,486 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\prototrash.bmp
[2011/01/29 00:23:47 | 000,002,453 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\HiJackThis.lnk
[2011/01/27 23:41:06 | 000,238,080 | ---- | M] () -- C:\Documents and Settings\Protoman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/18 23:13:08 | 000,322,895 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\1295406154261.png
[2011/01/16 00:51:12 | 000,114,890 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\20101128.gif
[2011/01/09 20:26:50 | 000,143,340 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\TF_cake.jpg
[2011/01/09 19:29:28 | 042,052,120 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\MVI_0154.AVI
[2011/01/09 18:58:37 | 113,967,348 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\prototf.avi
[2011/01/09 18:56:12 | 000,361,134 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\black.bmp
[2011/01/08 15:33:22 | 016,908,417 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\The_Brave_and_the_Bold_01__2007___Both_Covers___Bchry-DCP_.cbr
[2011/01/08 14:14:37 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\spd.bmp
[2011/01/05 21:16:05 | 000,938,674 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\epic.bmp
[2011/01/03 23:14:43 | 000,660,894 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\1294112851099.jpg
[2011/01/03 14:54:21 | 000,433,710 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\ottoboto.bmp
[2011/01/02 16:25:52 | 001,323,194 | ---- | M] () -- C:\Documents and Settings\Protoman\Desktop\draw.bmp
[1 C:\Documents and Settings\Protoman\*.tmp files -> C:\Documents and Settings\Protoman\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/31 00:50:37 | 000,060,217 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\inchick-img352x588-12942136496zivpv98365.jpg
[2011/01/31 00:12:34 | 000,081,028 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\maxi.JPG
[2011/01/30 23:54:04 | 000,043,616 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\rodmp.jpg
[2011/01/30 21:25:09 | 005,128,213 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\santafu.zip
[2011/01/30 19:36:20 | 001,097,334 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\guber.bmp
[2011/01/30 18:29:34 | 000,047,413 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\god.JPG
[2011/01/30 15:26:39 | 000,064,458 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\1296326028811.jpg
[2011/01/29 23:34:49 | 000,045,617 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\bot.JPG
[2011/01/29 17:49:19 | 001,585,134 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\pogs.bmp
[2011/01/29 17:49:10 | 001,752,966 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\trivia.bmp
[2011/01/29 00:37:32 | 000,442,486 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\prototrash.bmp
[2011/01/29 00:21:36 | 000,002,453 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\HiJackThis.lnk
[2011/01/18 23:14:25 | 000,322,895 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\1295406154261.png
[2011/01/16 00:51:52 | 000,114,890 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\20101128.gif
[2011/01/09 20:28:06 | 000,143,340 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\TF_cake.jpg
[2011/01/09 18:58:04 | 113,967,348 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\prototf.avi
[2011/01/09 18:56:12 | 000,361,134 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\black.bmp
[2011/01/09 18:34:25 | 042,052,120 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\MVI_0154.AVI
[2011/01/08 15:33:20 | 016,908,417 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\The_Brave_and_the_Bold_01__2007___Both_Covers___Bchry-DCP_.cbr
[2011/01/08 14:14:37 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\spd.bmp
[2011/01/05 21:16:05 | 000,938,674 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\epic.bmp
[2011/01/03 23:14:58 | 000,660,894 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\1294112851099.jpg
[2011/01/03 14:54:20 | 000,433,710 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\ottoboto.bmp
[2011/01/02 16:25:51 | 001,323,194 | ---- | C] () -- C:\Documents and Settings\Protoman\Desktop\draw.bmp
[2009/07/09 22:18:42 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Protoman\Application Data\5eT7WQpJat.gif
[2009/07/09 22:18:42 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Protoman\Application Data\5eT7WQpJzn.gif
[2009/07/09 22:18:42 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Protoman\Application Data\5eT7WQpJby.gif
[2008/11/27 21:45:35 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2008/07/23 17:43:30 | 000,000,053 | ---- | C] () -- C:\WINDOWS\SIMTOWN.INI
[2008/02/26 01:23:10 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/02/16 04:35:35 | 002,293,848 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2008/01/23 00:47:54 | 000,002,794 | ---- | C] () -- C:\Program Files\Palette.pal
[2006/03/17 00:57:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/01/14 16:26:58 | 000,000,273 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/05 22:02:03 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/11/19 23:54:53 | 000,238,080 | ---- | C] () -- C:\Documents and Settings\Protoman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/13 04:37:52 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/12 09:12:04 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2005/11/12 01:16:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/11/11 17:31:57 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2005/11/11 17:31:57 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/11/11 17:28:49 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2005/10/24 10:12:10 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\OIBox.dll
[2005/10/14 05:56:51 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005/10/14 05:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005/10/14 05:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005/10/14 05:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005/10/14 05:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005/10/14 05:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/08/16 08:42:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DaumCrypt.dll
[2005/08/09 17:12:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/05/25 03:45:04 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\dmvm.dll
[2004/12/20 11:08:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 11:03:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/09/22 13:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/04 23:42:42 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05D195EC
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >


OTL Extras logfile created on: 1/31/2011 11:42:40 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Protoman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 725.79 Gb Free Space | 77.92% Space Free | Partition Type: NTFS

Computer Name: DANIEL | User Name: Protoman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"7845:UDP" = 7845:UDP:*:Enabled:SNES
"4000:TCP" = 4000:TCP:*:Enabled:SNES download
"6881:UDP" = 6881:UDP:*:Enabled:Torrent for Az
"9420:TCP" = 9420:TCP:*:Enabled:RSP
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTornado\btdownloadgui.exe" = C:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui -- ()
"C:\Program Files\DC++\DCPlusPlus.exe" = C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- ()
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Documents and Settings\Protoman\My Documents\D Drive\SNES\zsnesw.exe" = C:\Documents and Settings\Protoman\My Documents\D Drive\SNES\zsnesw.exe:*:Enabled:zsnesw -- ()
"C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Program Files\SmartFTP\SmartFTP.exe" = C:\Program Files\SmartFTP\SmartFTP.exe:*:Enabled:SmartFTP Client -- (SmartFTP GmbH)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Documents and Settings\Protoman\My Documents\D Drive\NES Nesticle\NESTCL95.EXE" = C:\Documents and Settings\Protoman\My Documents\D Drive\NES Nesticle\NESTCL95.EXE:*:Disabled:NESTCL95 -- ()
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5 -- (SmartSoft Ltd.)
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\temp\~os9.tmp\rlvknlg.exe" = C:\WINDOWS\temp\~os9.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{11C762F9-95EA-486A-A8E7-683A50C231C1}" = SmartFTP Client
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 23
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36C9E08A-BE2B-40A0-83C5-576748F7B777}" = TestDrive Client
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{534C6D59-D6E3-48A6-AD0B-747799019960}" = XVID Codec Installation
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.7
"{AC76BA86-7AD7-5464-3428-7050000000A7}" = Adobe Reader 7.0.5 Language Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{C04092C7-B2E0-452A-8EA4-22DA47905724}" = Activision Anthology Remix Edition
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C169D3BB-9A27-43F5-9979-09A0D65FE95C}" = SmartFTP Client
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C4860702-8F8F-4858-938E-0F941C4A46C4}_is1" = Mega Man Effect
"{C833C7B6-1140-471D-932B-391B5CA66D7D}" = Digital Video
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{EA23971F-2CEE-48FC-B64D-7F74A6EF90F0}" = XMLinst
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"3GP Video Converter 3" = 3GP Video Converter 3
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AIM_7" = AIM 7
"All ATI Software" = ATI - Software Uninstall Utility
"AltoMP3 Gold" = AltoMP3 Gold 5.20
"Animated GIF producer 3.1 TRIAL_is1" = Animated GIF producer 3.1 TRIAL
"Applian FLV Player2.0.23" = Applian FLV Player
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"Azureus" = Azureus
"BackStreet Browser_is1" = BackStreet Browser 3.1
"BitTornado" = BitTornado 0.3.7
"CDisplay_is1" = CDisplay 1.8
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.8
"DC++" = DC++ 0.674
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"Digital Media Converter_is1" = Digital Media Converter 2.62
"FileZilla" = FileZilla (remove only)
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"IrfanView" = IrfanView (remove only)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metacafe" = Metacafe
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.0
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MS-MPEG4" = Microsoft MPEG-4 VKI Video Codec V1/V2/V3
"Palace" = Palace Uninstall
"Phalanx" = Phalanx v4.0
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Stella_is1" = Stella 2.5.1
"uTorrent" = µTorrent
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xvid" = XviD MPEG-4 Video Codec
"XviD_is1" = XviD MPEG-4 Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"ZD Soft Screen Recorder" = ZD Soft Screen Recorder
"ZDSV" = ZD Soft Screen Video Decoder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/2/2011 6:14:45 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/6/2011 11:49:11 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:31:40 PM | Computer Name = DANIEL | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module uasvid.ax, version 1.8.0.1, fault address 0x00008150.

Error - 1/22/2011 3:39:48 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:39:48 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:52:52 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:53:05 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:53:36 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:53:56 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/22/2011 3:53:59 PM | Computer Name = DANIEL | Source = Application Hang | ID = 1002
Description = Hanging application PowerDVD.exe, version 5.0.0.1307, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 1/29/2011 5:07:46 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:46 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:47 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:48 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:49 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:49 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:50 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:51 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:53 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 1/29/2011 5:07:54 PM | Computer Name = DANIEL | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.


< End of report >




GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-01 06:16:30
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD1001FALS-00J7B0 rev.05.00K05
Running: gmer.exe; Driver: C:\DOCUME~1\Protoman\LOCALS~1\Temp\uwtdapog.sys


---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[2820] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD145 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254696 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3092] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E5370 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD145 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254696 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3148] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E5370 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}@iahbhllkpmhkkclphc 0x6A 0x61 0x6D 0x67 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}@hajbjngocogfomhc 0x6A 0x61 0x6D 0x67 ...

---- EOF - GMER 1.0.15 ----



Results of screen317's Security Check version 0.99.8
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
```````````````````````````````
Anti-malware/Other Utilities Check:
Ad-Aware
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java™ 6 Update 23
Adobe Flash Player 10.0.12.36
Adobe Reader 7.0.7
Adobe Reader 7.0.5 Language Support
Out of date Adobe Reader installed!
Mozilla Firefox (3.0.10) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````End of Log````````````

#7 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 01 February 2011 - 10:47 PM

Hi,

You have ( µTorrent ), a P2P/file sharing programs installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

References for the risk of these programs can be found in these links:
http://www.microsoft...protection.mspx
http://www.internetw...cles/art053.htm
See Clean/Infected P2P Programs here

I would recommend that you uninstall it, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

===================================================

Please read through these instructions to familarize yourself with what to expect when this tool runs


Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs

    **********************************************
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#8 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 02 February 2011 - 11:34 PM

ComboFix 11-01-31.02 - Protoman 02/03/2011 0:13.9.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.342 [GMT -5:00]
Running from: c:\documents and settings\Protoman\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\591fab1
c:\documents and settings\All Users\Application Data\591fab1\7834.mof
c:\documents and settings\All Users\Application Data\591fab1\BackUp\Adobe Reader Speed Launch.lnk
c:\documents and settings\All Users\Application Data\591fab1\mozcrt19.dll
c:\documents and settings\All Users\Application Data\591fab1\sqlite3.dll
c:\documents and settings\All Users\Application Data\591fab1\WSD_APDM.ico
c:\documents and settings\All Users\Application Data\591fab1\WSDDSys\vd952342.bd
c:\documents and settings\Protoman\Recent\cid.sys
c:\documents and settings\Protoman\Recent\CLSV.sys
c:\documents and settings\Protoman\Recent\ddv.sys
c:\documents and settings\Protoman\Recent\delfile.sys
c:\documents and settings\Protoman\Recent\energy.sys
c:\documents and settings\Protoman\Recent\exec.dll
c:\documents and settings\Protoman\Recent\fix.sys
c:\documents and settings\Protoman\Recent\FW.dll
c:\documents and settings\Protoman\Recent\PE.tmp
c:\documents and settings\Protoman\Recent\ppal.sys
c:\documents and settings\Protoman\Recent\runddlkey.sys
c:\documents and settings\Protoman\Recent\SICKBOY.sys
c:\documents and settings\Protoman\Recent\sld.tmp
c:\documents and settings\Protoman\Recent\tempdoc.dll
c:\documents and settings\Protoman\Recent\tjd.tmp

.
((((((((((((((((((((((((( Files Created from 2011-01-03 to 2011-02-03 )))))))))))))))))))))))))))))))
.

2011-01-29 05:21 . 2011-01-29 05:21 388096 ----a-r- c:\documents and settings\Protoman\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2010-08-19 23:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2010-08-19 23:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-11-11 22:15 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 23:53 . 2010-04-29 21:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 21:34 . 2008-12-20 22:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2004-08-04 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 22:47 . 2006-01-21 04:04 15256 ----a-w- c:\documents and settings\Protoman\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
2010-11-06 00:26 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2008-02-16 09:35 . 2008-02-16 09:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2004-03-11 18:27 . 2005-11-12 14:12 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-01-04_22.34.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 07:19 . 2007-11-07 07:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-12 01:54 . 2009-07-12 01:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 06:07 . 2009-07-12 06:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 06:19 . 2009-07-12 06:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2011-01-30 20:01 . 2011-01-30 20:01 16384 c:\windows\temp\Perflib_Perfdata_580.dat
+ 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2004-08-04 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2004-08-04 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2009-07-28 00:59 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
- 2009-07-28 00:59 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 99176 c:\windows\system32\PresentationHostProxy.dll
- 2004-08-04 12:00 . 2009-12-09 08:25 67516 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-11-10 02:22 67516 c:\windows\system32\perfc009.dat
+ 2009-11-07 05:07 . 2009-11-07 05:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 00:56 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 66560 c:\windows\system32\mshtmled.dll
- 2004-08-04 12:00 . 2009-03-08 08:31 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 08:31 . 2010-11-06 00:26 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 08:31 . 2009-10-29 07:45 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2009-10-29 07:45 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:56 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 2004-08-04 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2004-08-04 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2010-07-24 19:26 . 2008-04-13 18:39 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2009-07-15 00:46 . 2010-11-06 00:26 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-07-15 00:46 . 2009-10-29 07:45 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-12-15 21:30 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2010-12-15 21:30 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2004-08-04 00:56 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
- 2009-03-08 08:31 . 2009-03-08 08:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 08:31 . 2010-11-06 00:26 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-07-28 21:31 . 2010-11-06 00:26 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-07-28 21:31 . 2009-10-29 07:45 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-03-08 08:34 . 2010-11-06 00:26 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2010-07-24 19:26 . 2008-04-13 18:39 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2009-03-08 08:33 . 2010-11-06 00:26 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 08:33 . 2009-10-29 07:45 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 00:56 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-06-10 14:13 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 12:00 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
- 2004-08-04 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
+ 2004-08-04 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
- 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-11-21 00:23 . 2010-11-21 00:23 86641 c:\windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
+ 2010-06-10 01:46 . 2010-02-25 06:24 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 12800 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2010-10-14 22:28 . 2010-06-24 12:22 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-14 22:28 . 2009-03-08 08:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-14 22:28 . 2009-03-08 08:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-12 07:27 . 2010-08-12 07:27 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-07 07:10 . 2010-10-07 07:10 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-12 07:11 . 2010-08-12 07:11 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-12 07:24 . 2010-08-12 07:24 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-07-26 02:35 . 2009-07-26 02:35 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-10 01:35 . 2010-06-10 01:35 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-12 07:01 . 2008-04-14 00:11 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-05-26 07:00 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-26 07:00 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-10 01:38 . 2008-04-14 00:11 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 06:10 . 2008-04-14 00:11 84480 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 08:00 . 2009-10-28 15:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 08:00 . 2010-01-23 10:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-10 08:02 . 2008-04-14 00:11 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-10 08:02 . 2004-08-04 12:00 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-10 08:02 . 2008-04-14 00:12 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-10 08:02 . 2008-04-14 01:11 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-10 08:02 . 2009-06-10 14:13 84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2010-02-10 08:02 . 2008-04-14 01:12 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2010-01-13 07:29 . 2009-06-16 14:36 81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2010-12-16 08:06 . 2010-06-21 14:46 46080 c:\windows\$NtUninstallKB2443685$\tzchange.exe
+ 2010-12-16 08:06 . 2010-11-05 05:57 16896 c:\windows\$NtUninstallKB2443685$\spuninst\tzchange.dll
+ 2010-12-16 08:08 . 2008-04-14 00:11 81920 c:\windows\$NtUninstallKB2443105$\isign32.dll
+ 2010-12-16 08:07 . 2008-04-13 18:57 40576 c:\windows\$NtUninstallKB2440591$\ndproxy.sys
+ 2010-12-16 08:01 . 2008-04-14 00:12 46080 c:\windows\$NtUninstallKB2423089$\wab.exe
+ 2010-09-15 05:55 . 2008-04-14 00:12 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-14 22:29 . 2008-04-14 00:12 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-09-30 07:00 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-09-30 07:00 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982802\spmsg.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB982381-IE8\update\spcustom.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB982381-IE8\spmsg.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 12800 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\xpshims.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 55296 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeedsbs.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 25600 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\jsproxy.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-08-12 07:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-08-12 07:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981957\spmsg.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-08-12 03:33 . 2010-06-18 06:28 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981332-IE8\update\spcustom.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981332-IE8\spmsg.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-08-12 07:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-08-12 07:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-06-10 01:47 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-10 01:47 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-03-31 06:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980182-IE8\update\spcustom.dll
+ 2010-03-31 06:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980182-IE8\spmsg.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 12800 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\xpshims.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 55296 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\msfeedsbs.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 25600 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\jsproxy.dll
+ 2010-10-14 22:29 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2010-10-14 22:29 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2010-04-14 06:13 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979683\update\spcustom.dll
+ 2010-04-14 00:31 . 2010-03-05 14:54 16896 c:\windows\$hf_mig$\KB979683\update\mpsyschk.dll
+ 2010-04-14 06:13 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979683\spmsg.dll
+ 2010-06-10 01:46 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-10 01:46 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:52 . 2010-03-05 14:52 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-04-14 06:10 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-04-14 06:10 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86016 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-04-14 06:11 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-04-14 06:11 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-05-13 00:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-13 00:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-22 12:13 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB978207-IE8\update\spcustom.dll
+ 2010-01-22 12:13 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB978207-IE8\spmsg.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 12800 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\xpshims.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 55296 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeedsbs.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 25600 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\jsproxy.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 84992 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2010-02-24 08:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB976662-IE8\update\spcustom.dll
+ 2010-02-24 08:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB976662-IE8\spmsg.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-06-10 01:38 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-10 01:38 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-03-10 08:03 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-10 08:03 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2010-01-13 07:29 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-13 07:29 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 04:33 . 2009-10-15 16:39 81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2010-02-10 08:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-10 08:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2010-12-16 08:06 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
+ 2010-12-16 08:06 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
+ 2010-12-16 08:08 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
+ 2010-12-16 08:08 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
+ 2010-12-16 08:07 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2010-12-16 08:07 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2010-12-15 21:30 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2010-12-16 08:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll
+ 2010-12-16 08:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll
+ 2010-12-16 08:01 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
+ 2010-12-16 08:01 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
+ 2010-12-15 21:30 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
+ 2010-12-16 08:07 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2416400-IE8\update\spcustom.dll
+ 2010-12-16 08:07 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2416400-IE8\spmsg.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 12800 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\xpshims.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 66560 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtmled.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 55296 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeedsbs.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 43520 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\licmgr10.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 25600 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\jsproxy.dll
+ 2010-10-14 22:30 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-14 22:30 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2010-10-14 22:28 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll
+ 2010-10-14 22:28 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-14 22:29 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2345886\spmsg.dll
+ 2010-08-27 06:05 . 2010-08-27 06:05 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll
+ 2010-12-16 08:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
+ 2010-12-16 08:08 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-07-14 07:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-14 07:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-12 07:07 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2183461-IE8\update\spcustom.dll
+ 2010-08-12 07:07 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2183461-IE8\spmsg.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 12800 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\xpshims.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 55296 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeedsbs.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 25600 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\jsproxy.dll
+ 2010-08-12 07:07 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-08-12 07:07 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-09-15 05:51 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-09-15 05:51 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-17 01:04 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-15 07:11 . 2009-10-15 07:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-15 07:11 . 2009-10-15 07:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-09-15 05:55 . 2008-05-03 11:55 2560 c:\windows\$NtUninstallKB982802$\xpsp4res.dll
+ 2010-02-10 08:02 . 2001-08-18 03:36 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2010-10-14 22:22 . 2010-07-22 05:57 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-14 22:29 . 2010-08-13 12:53 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2010-07-22 05:57 . 2010-07-22 05:57 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\xpsp4res.dll
+ 2010-07-12 12:53 . 2010-07-12 12:53 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2010-10-14 21:20 . 2010-08-13 12:53 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll
+ 2010-08-26 12:52 . 2010-08-26 12:52 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\xpsp4res.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-12 06:12 . 2009-07-12 06:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 06:09 . 2009-07-12 06:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 06:08 . 2009-07-12 06:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-04 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2004-08-04 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2010-03-10 06:15 420352 c:\windows\system32\vbscript.dll
- 2004-08-04 12:00 . 2009-03-08 08:33 420352 c:\windows\system32\vbscript.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2004-08-04 12:00 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\system32\PresentationHost.exe
+ 2004-08-04 12:00 . 2010-11-10 02:22 432686 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-12-09 08:25 432686 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2010-11-06 00:26 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2009-10-29 07:45 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2009-03-08 08:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 611840 c:\windows\system32\mstime.dll
+ 2005-11-11 22:14 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
- 2005-11-11 22:14 . 2008-04-14 00:12 343040 c:\windows\system32\mspaint.exe
+ 2009-03-08 08:32 . 2010-11-06 00:26 602112 c:\windows\system32\msfeeds.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 297808 c:\windows\system32\mscoree.dll
+ 2006-10-19 01:47 . 2010-03-30 16:24 317440 c:\windows\system32\mp4sdecd.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2004-08-04 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2010-11-20 23:28 . 2010-11-20 23:28 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
+ 2010-11-20 23:28 . 2010-11-20 23:28 311248 c:\windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.dll
+ 2004-08-04 12:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
- 2004-08-04 12:00 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll
+ 2011-01-02 09:13 . 2010-11-12 23:53 157472 c:\windows\system32\javaws.exe
- 2009-11-16 00:07 . 2009-10-11 09:17 145184 c:\windows\system32\javaw.exe
+ 2011-01-02 09:13 . 2010-11-12 23:53 145184 c:\windows\system32\javaw.exe
- 2009-11-16 00:07 . 2009-10-11 09:17 145184 c:\windows\system32\java.exe
+ 2011-01-02 09:13 . 2010-11-12 23:53 145184 c:\windows\system32\java.exe
+ 2005-11-11 22:15 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2009-10-29 07:45 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 12:00 . 2009-10-29 07:45 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
+ 2005-11-12 06:15 . 2010-12-16 08:26 159544 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-04 12:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-04 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys
+ 2004-08-04 12:00 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2009-04-17 01:04 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-21 06:44 . 2010-11-06 00:26 916480 c:\windows\system32\dllcache\wininet.dll
- 2008-04-21 06:44 . 2009-10-29 07:45 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-05-09 10:53 . 2010-03-10 06:15 420352 c:\windows\system32\dllcache\vbscript.dll
- 2008-05-09 10:53 . 2009-03-08 08:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-14 21:26 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys
- 2009-01-07 22:20 . 2009-01-07 22:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 22:20 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
- 2009-03-08 08:34 . 2009-10-29 07:45 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 08:34 . 2010-11-06 00:26 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 08:32 . 2010-11-06 00:26 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-03-08 08:32 . 2009-03-08 08:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-12-16 18:43 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-07-28 21:31 . 2010-11-06 00:26 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2008-11-11 22:38 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2004-08-04 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-14 21:21 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll
+ 2010-10-14 21:21 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2008-05-09 10:53 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-12 22:10 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-07-15 00:46 . 2010-11-06 00:26 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-03-08 08:31 . 2010-11-06 00:26 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 08:31 . 2009-10-29 07:45 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-10 01:24 . 2010-11-06 00:26 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2009-03-08 18:09 . 2010-11-06 00:26 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-03-08 18:09 . 2009-10-29 07:45 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 08:32 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-07-14 00:37 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2010-10-14 21:21 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2010-04-20 05:30 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 617472 c:\windows\system32\comctl32.dll
+ 2004-08-04 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2004-08-04 12:00 . 2010-10-28 13:13 290048 c:\windows\system32\atmfd.dll
+ 2004-08-04 12:00 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2005-11-11 22:16 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2005-11-11 22:16 . 2008-04-14 00:12 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-03-31 04:16 . 2010-03-31 04:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-09-24 01:02 . 2010-09-24 01:02 798208 c:\windows\Installer\d384f2.msp
+ 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\62259.msp
+ 2010-12-24 05:06 . 2010-12-24 05:06 424960 c:\windows\Installer\33bbed.msi
+ 2010-11-22 08:00 . 2010-11-22 08:00 195584 c:\windows\Installer\2b50dd4.msi
+ 2010-11-21 00:24 . 2010-11-21 00:24 228352 c:\windows\Installer\24acb5.msi
+ 2010-11-21 00:23 . 2010-11-21 00:23 884224 c:\windows\Installer\24aca7.msi
+ 2010-07-29 03:29 . 2010-07-29 03:29 180224 c:\windows\Installer\14e1848.msi
+ 2010-06-10 01:46 . 2010-02-25 06:24 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-10 01:46 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-10 01:46 . 2010-02-25 06:24 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-10 01:46 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-10 01:46 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-04-14 06:10 . 2009-03-08 08:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-03-31 06:06 . 2009-12-21 19:14 916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-03-31 06:06 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-03-31 06:06 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-03-31 06:06 . 2009-12-21 19:14 206848 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-03-31 06:06 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-03-31 06:06 . 2009-12-21 13:19 173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2010-01-22 12:13 . 2009-10-29 07:45 916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-22 12:13 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-22 12:13 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-22 12:13 . 2009-10-29 07:45 206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-22 12:13 . 2009-10-28 14:40 173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2010-02-24 08:01 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-24 08:01 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-24 08:01 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-16 08:07 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-16 08:07 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-16 08:07 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-16 08:07 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2010-10-14 22:28 . 2010-06-24 12:22 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-14 22:28 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-14 22:28 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-14 22:28 . 2010-06-24 12:22 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-14 22:28 . 2010-06-24 12:22 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-14 22:28 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-08-12 07:07 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll
+ 2010-08-12 07:07 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll
+ 2010-08-12 07:07 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe
+ 2010-08-12 07:07 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll
+ 2010-08-12 07:07 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe
+ 2008-11-11 22:38 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-02-26 02:41 . 2010-02-26 02:41 847040 c:\windows\Downloaded Program Files\axfbootloader.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-08-12 07:22 . 2010-08-12 07:22 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-12 07:27 . 2010-08-12 07:27 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-07 07:10 . 2010-10-07 07:10 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-08-12 07:27 . 2010-08-12 07:27 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-07 07:10 . 2010-10-07 07:10 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-12 07:21 . 2010-08-12 07:21 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-07 07:09 . 2010-10-07 07:09 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-12 07:25 . 2010-08-12 07:25 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-07 07:08 . 2010-10-07 07:08 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-08-12 07:14 . 2010-08-12 07:14 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-12 07:15 . 2010-08-12 07:15 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-12 07:14 . 2010-08-12 07:15 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-12 07:15 . 2010-08-12 07:15 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-12 07:24 . 2010-08-12 07:24 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-10-07 07:07 . 2010-10-07 07:07 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-10 01:35 . 2010-06-10 01:35 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-10 01:35 . 2010-06-10 01:35 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-10 01:35 . 2010-06-10 01:35 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-07-26 02:35 . 2009-07-26 02:35 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982802$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982802$\spuninst\spuninst.exe
+ 2010-09-15 05:55 . 2009-04-15 14:51 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-08-12 07:11 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-08-12 07:11 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2009-10-15 16:28 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe
+ 2010-08-12 07:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-08-12 07:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-10-14 22:22 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe
+ 2010-08-12 07:11 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-05-26 07:00 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-26 07:00 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-09-15 05:55 . 2008-04-14 00:12 406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe
+ 2010-08-12 07:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-08-12 07:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-08-12 07:06 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-04-14 06:13 . 2009-12-04 18:22 455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-06-10 01:47 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-10 01:47 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-10 01:47 . 2008-04-14 00:09 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2008-04-21 12:08 215552 c:\windows\$NtUninstallKB979687$\wordpad.exe
+ 2010-10-14 22:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe
+ 2010-04-14 06:13 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979683$\spuninst\updspapi.dll
+ 2010-04-14 06:13 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979683$\spuninst\spuninst.exe
+ 2010-06-10 01:46 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-10 01:46 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-10 01:38 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-04-14 06:10 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-04-14 06:10 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-24 08:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-24 08:00 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2008-04-14 00:12 343040 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-06-10 01:38 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-10 01:38 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-04-14 06:11 . 2008-04-14 00:12 176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-04-14 06:11 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-05-13 00:55 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-13 00:55 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-13 00:55 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-04-14 06:11 . 2008-06-20 11:08 225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-04-14 06:11 . 2008-04-14 00:11 100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2008-04-14 00:12 474112 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-10 01:38 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-03-10 08:03 . 2009-05-26 22:10 382840 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-10 08:03 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2010-09-15 05:55 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe
+ 2010-09-15 05:55 . 2006-10-19 01:47 317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll
+ 2010-01-13 07:29 . 2009-06-16 14:36 119808 c:\windows\$NtUninstallKB972270$\t2embed.dll
+ 2010-01-13 07:29 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB972270$\spuninst\updspapi.dll
+ 2010-01-13 07:29 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB972270$\spuninst\spuninst.exe
+ 2010-02-10 08:05 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-10 08:05 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-10 08:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2010-12-16 08:06 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2467659$\spuninst\updspapi.dll
+ 2010-12-16 08:06 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2467659$\spuninst\spuninst.exe
+ 2010-12-16 08:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2443685$\spuninst\updspapi.dll
+ 2010-12-16 08:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2443685$\spuninst\spuninst.exe
+ 2010-12-16 08:08 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2443105$\spuninst\updspapi.dll
+ 2010-12-16 08:08 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2443105$\spuninst\spuninst.exe
+ 2010-12-16 08:07 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2440591$\spuninst\updspapi.dll
+ 2010-12-16 08:07 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2440591$\spuninst\spuninst.exe
+ 2010-12-16 08:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2436673$\spuninst\updspapi.dll
+ 2010-12-16 08:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2436673$\spuninst\spuninst.exe
+ 2010-12-16 08:01 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2423089$\spuninst\updspapi.dll
+ 2010-12-16 08:01 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2423089$\spuninst\spuninst.exe
+ 2010-10-14 22:30 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll
+ 2010-10-14 22:30 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe
+ 2010-10-14 22:30 . 2006-10-14 08:13 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-14 22:30 . 2008-04-14 00:11 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-14 22:30 . 2004-08-04 12:00 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-14 22:29 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe
+ 2010-10-14 22:22 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe
+ 2010-10-14 22:22 . 2010-07-22 15:49 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2010-06-21 15:27 354304 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-14 22:29 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe
+ 2010-12-16 08:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2296199$\spuninst\updspapi.dll
+ 2010-12-16 08:08 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2296199$\spuninst\spuninst.exe
+ 2010-12-16 08:08 . 2010-09-01 11:51 285824 c:\windows\$NtUninstallKB2296199$\atmfd.dll
+ 2010-10-14 22:29 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2008-04-14 00:11 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe
+ 2010-10-14 22:29 . 2010-04-20 05:30 285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe
+ 2010-07-14 07:06 . 2010-02-22 23:53 382840 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-14 07:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-14 07:06 . 2008-04-14 00:12 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-08-12 07:07 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-08-12 07:07 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-09-30 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll
+ 2010-09-30 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe
+ 2010-09-15 05:51 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll
+ 2010-09-15 05:51 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe
+ 2010-09-15 05:51 . 2010-01-29 15:01 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-09-15 05:55 . 2008-04-14 00:12 293376 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe
+ 2010-08-12 07:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-08-12 07:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-09-15 05:55 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982802\update\updspapi.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982802\update\update.exe
+ 2010-09-15 05:55 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982802\spuninst.exe
+ 2010-07-23 06:13 . 2010-07-23 06:13 590848 c:\windows\$hf_mig$\KB982802\SP3QFE\rpcrt4.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-08-12 07:01 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-08-12 07:01 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-06-10 01:46 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982381-IE8\update\updspapi.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB982381-IE8\update\update.exe
+ 2010-06-10 01:46 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB982381-IE8\spuninst.exe
+ 2010-06-10 01:24 . 2010-05-06 10:36 919040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 206848 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\occache.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 611840 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mstime.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 599040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeeds.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 247808 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieproxy.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 184320 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iepeers.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 743424 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedvtool.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 387584 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedkcs32.dll
+ 2010-06-10 01:24 . 2010-05-05 13:55 173056 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ie4uinit.exe
+ 2010-08-12 07:11 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-08-12 07:11 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-08-12 03:33 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-10-14 22:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2010-10-14 22:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-08-12 07:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-08-12 07:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-08-12 07:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-10-14 22:22 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981957\update\updspapi.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981957\update\update.exe
+ 2010-10-14 22:22 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981957\spuninst.exe
+ 2010-08-12 07:11 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-08-12 07:11 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-08-12 07:11 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-04-14 06:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981332-IE8\update\updspapi.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981332-IE8\update\update.exe
+ 2010-04-14 06:10 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981332-IE8\spuninst.exe
+ 2010-04-14 00:31 . 2010-03-10 06:18 420352 c:\windows\$hf_mig$\KB981332-IE8\SP3QFE\vbscript.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-09-15 05:55 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-08-12 07:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-08-12 07:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-08-12 07:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-04-14 06:13 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-04-14 06:13 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-04-14 00:31 . 2010-02-24 11:57 457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-06-10 01:47 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-10 01:47 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-10 01:47 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-10 01:46 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-10 01:46 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-03-31 06:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980182-IE8\update\updspapi.dll
+ 2010-03-31 06:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980182-IE8\update\update.exe
+ 2010-03-31 06:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980182-IE8\spuninst.exe
+ 2010-03-30 22:43 . 2010-02-25 06:19 919040 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 206848 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\occache.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 611840 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mstime.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 594432 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\msfeeds.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 247808 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ieproxy.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 184320 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iepeers.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 387584 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iedkcs32.dll
+ 2010-03-30 22:43 . 2010-02-24 09:34 173056 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ie4uinit.exe
+ 2010-10-14 22:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-14 22:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2010-10-14 22:29 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-12 13:02 . 2010-07-12 13:02 218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2010-04-14 06:13 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979683\update\updspapi.dll
+ 2010-04-14 06:13 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979683\update\update.exe
+ 2010-04-14 06:13 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979683\spuninst.exe
+ 2010-06-10 01:46 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-10 01:46 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-10 01:46 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-10 01:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-10 01:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-04-14 06:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-04-14 06:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-04-14 06:10 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-16 18:27 . 2009-12-16 18:27 343040 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-04-14 06:11 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-05-13 00:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-13 00:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-13 00:55 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-04-14 06:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:27 . 2010-02-12 04:27 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-10 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-10 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-09 19:48 . 2009-12-04 17:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-22 12:13 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978207-IE8\update\updspapi.dll
+ 2010-01-22 12:13 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB978207-IE8\update\update.exe
+ 2010-01-22 12:13 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB978207-IE8\spuninst.exe
+ 2010-01-22 08:41 . 2009-12-21 19:09 916480 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 206848 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\occache.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 594432 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeeds.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 246272 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieproxy.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 184320 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iepeers.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 387584 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iedkcs32.dll
+ 2010-01-22 08:41 . 2009-12-21 13:22 173056 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ie4uinit.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-04-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-04-14 06:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-04-14 06:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2010-02-24 08:01 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB976662-IE8\update\updspapi.dll
+ 2010-02-24 08:01 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB976662-IE8\update\update.exe
+ 2010-02-24 08:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB976662-IE8\spuninst.exe
+ 2010-02-24 00:38 . 2009-12-09 05:51 726528 c:\windows\$hf_mig$\KB976662-IE8\SP3QFE\jscript.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-10 01:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-10 01:38 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-03-10 08:03 . 2009-05-26 22:10 382840 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-10 08:03 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-10 08:03 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-10 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-10 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2010-01-13 07:29 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-13 07:29 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-13 07:29 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 04:33 . 2009-10-15 16:39 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2010-02-10 08:05 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-10 08:05 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-10 08:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-09 19:48 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2010-12-16 08:06 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
+ 2010-12-16 08:06 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
+ 2010-12-16 08:06 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
+ 2010-12-16 08:08 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2010-12-16 08:08 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2010-12-16 08:08 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2010-12-16 08:07 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2010-12-16 08:07 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2010-12-16 08:07 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2010-12-16 08:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2436673\update\updspapi.dll
+ 2010-12-16 08:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2436673\update\update.exe
+ 2010-12-16 08:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2436673\spuninst.exe
+ 2010-12-16 08:01 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2010-12-16 08:01 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2010-12-16 08:01 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2010-12-16 08:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2416400-IE8\update\updspapi.dll
+ 2010-12-16 08:07 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2416400-IE8\update\update.exe
+ 2010-12-16 08:07 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2416400-IE8\spuninst.exe
+ 2010-12-15 21:31 . 2010-11-06 00:27 919552 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 206848 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\occache.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 611840 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mstime.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 602112 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeeds.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 247808 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieproxy.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 184320 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iepeers.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 743424 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedvtool.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 387584 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedkcs32.dll
+ 2010-12-15 21:31 . 2010-11-03 12:01 173568 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ie4uinit.exe
+ 2010-10-14 22:30 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-14 22:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-14 22:30 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-14 21:21 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-14 21:21 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-14 21:21 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-14 21:21 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2010-10-14 22:22 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2010-10-14 22:22 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2010-10-14 21:20 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2010-10-14 22:28 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2360131-IE8\update\updspapi.dll
+ 2010-10-14 22:28 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2360131-IE8\update\update.exe
+ 2010-10-14 22:28 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2360131-IE8\spuninst.exe
+ 2010-10-14 21:21 . 2010-09-10 05:57 919552 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 206848 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\occache.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 611840 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mstime.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 602112 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeeds.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 247808 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieproxy.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 184320 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iepeers.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 743424 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedvtool.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 387584 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedkcs32.dll
+ 2010-10-14 21:21 . 2010-09-08 15:48 173056 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ie4uinit.exe
+ 2010-09-15 05:55 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-09-15 05:55 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-10-14 22:29 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2010-10-14 22:29 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2345886\update\update.exe
+ 2010-10-14 22:29 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2010-12-16 08:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
+ 2010-12-16 08:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
+ 2010-12-16 08:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
+ 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-04 02:22 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-04 02:22 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-10-14 22:29 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-14 22:29 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2279986\update\update.exe
+ 2010-10-14 22:29 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-09-01 11:48 . 2010-09-01 11:48 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll
+ 2010-09-15 05:55 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2259922\update\update.exe
+ 2010-09-15 05:55 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2259922\spuninst.exe
+ 2010-07-14 07:06 . 2010-02-22 23:53 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-14 07:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-14 07:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 00:37 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-08-12 07:07 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2183461-IE8\update\updspapi.dll
+ 2010-08-12 07:07 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2183461-IE8\update\update.exe
+ 2010-08-12 07:07 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2183461-IE8\spuninst.exe
+ 2010-08-12 03:33 . 2010-06-24 12:24 919040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 206848 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\occache.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 611840 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mstime.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 599040 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeeds.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 247808 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieproxy.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 184320 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iepeers.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 743424 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedvtool.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 387584 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iedkcs32.dll
+ 2010-08-12 03:33 . 2010-06-23 11:30 173056 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ie4uinit.exe
+ 2010-08-12 07:07 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-08-12 07:07 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2160329\update\update.exe
+ 2010-08-12 07:07 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-09-15 05:51 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-09-15 05:51 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2141007\update\update.exe
+ 2010-09-15 05:51 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-06-09 07:41 . 2010-06-09 07:41 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-09-15 05:55 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-09-15 05:55 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-08-12 07:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-08-12 07:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-08-12 07:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-08-12 07:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2010-10-14 21:21 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2004-08-04 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2010-10-26 13:25 1853312 c:\windows\system32\win32k.sys
+ 2004-08-04 12:00 . 2010-11-06 00:26 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2004-08-04 12:00 . 2010-04-27 13:59 2146304 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 22:59 . 2010-04-27 13:05 2024448 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
- 2004-08-04 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-04 12:00 . 2010-11-06 00:26 5959168 c:\windows\system32\mshtml.dll
+ 2009-03-08 08:32 . 2010-11-06 00:26 1991680 c:\windows\system32\iertutil.dll
+ 2004-08-04 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-14 21:22 . 2010-10-26 13:25 1853312 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-26 08:15 . 2010-11-06 00:26 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2008-10-14 21:21 . 2010-04-28 02:25 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-14 21:21 . 2010-04-27 13:05 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-14 21:21 . 2010-04-27 13:05 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-14 21:21 . 2010-04-27 13:59 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-11-11 22:38 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-11-11 22:38 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-11 21:25 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-11 21:25 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-04-21 06:44 . 2010-11-06 00:26 5959168 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-10 00:54 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-07-15 00:46 . 2010-11-06 00:26 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-07 05:06 . 2009-11-07 05:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-09-22 13:44 . 2010-09-22 13:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-01-29 05:21 . 2011-01-29 05:21 1094656 c:\windows\Installer\a1560.msi
+ 2010-09-23 11:39 . 2010-09-23 11:39 4265472 c:\windows\Installer\7419162.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\62265.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\62264.msp
+ 2009-11-09 04:25 . 2009-11-09 04:25 1935360 c:\windows\Installer\336f4e9.msp
+ 2010-11-21 00:23 . 2010-11-21 00:23 7028736 c:\windows\Installer\24ac9f.msi
+ 2010-06-10 01:46 . 2010-02-25 06:24 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-06-10 01:46 . 2010-02-25 06:24 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 1208832 c:\windows\ie8updates\KB980182-IE8\urlmon.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 5942784 c:\windows\ie8updates\KB980182-IE8\mshtml.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 1985536 c:\windows\ie8updates\KB980182-IE8\iertutil.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 1208832 c:\windows\ie8updates\KB978207-IE8\urlmon.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 5940736 c:\windows\ie8updates\KB978207-IE8\mshtml.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 1985536 c:\windows\ie8updates\KB978207-IE8\iertutil.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-10-14 22:28 . 2010-06-24 12:22 1210368 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-10-14 22:28 . 2010-06-24 12:22 5951488 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-10-14 22:28 . 2010-06-24 12:21 1986560 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll
+ 2008-10-14 21:21 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-14 21:21 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-14 21:21 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-14 21:21 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-08-12 07:11 . 2010-08-12 07:11 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-10-07 07:12 . 2010-10-07 07:12 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-07 07:12 . 2010-10-07 07:12 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-07 07:12 . 2010-10-07 07:12 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-07 07:11 . 2010-10-07 07:11 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-07 07:11 . 2010-10-07 07:11 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-07 07:11 . 2010-10-07 07:11 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-08-12 07:21 . 2010-08-12 07:21 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-10-12 21:59 . 2010-10-12 21:59 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-12 07:21 . 2010-08-12 07:21 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-10-07 07:07 . 2010-10-07 07:07 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-08-12 07:21 . 2010-08-12 07:21 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-12 07:17 . 2010-08-12 07:17 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-10-07 07:09 . 2010-10-07 07:09 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-08-12 07:19 . 2010-08-12 07:19 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-12 07:16 . 2010-08-12 07:16 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-12 07:15 . 2010-08-12 07:15 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-12 07:15 . 2010-08-12 07:15 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-10-07 07:09 . 2010-10-07 07:09 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-08-12 07:24 . 2010-08-12 07:24 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-12 07:26 . 2010-08-12 07:26 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-12 07:25 . 2010-08-12 07:25 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-07-01 07:04 . 2010-07-01 07:04 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-07-26 02:44 . 2009-07-26 02:44 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-10-08 05:03 . 2010-10-08 05:03 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-06-10 01:35 . 2010-06-10 01:35 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-07-01 07:04 . 2010-07-01 07:04 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 07:11 . 2009-10-15 07:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-07-01 07:04 . 2010-07-01 07:04 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-07-26 02:35 . 2009-07-26 02:35 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-10-07 07:02 . 2010-10-07 07:02 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-08-12 07:01 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-10-14 22:22 . 2010-06-23 13:44 1851904 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-08-12 07:11 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-08-12 07:11 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-08-12 07:11 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-08-12 07:11 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-10-14 22:29 . 2008-04-14 00:12 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-04-14 06:13 . 2009-12-08 19:26 2145280 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2010-04-14 06:13 . 2009-12-08 18:43 2023936 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2010-04-14 06:13 . 2009-12-08 18:43 2023936 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2010-04-14 06:13 . 2009-12-08 19:26 2145280 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-06-10 01:46 . 2009-08-14 13:21 1850624 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-10 01:38 . 2009-05-20 08:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-13 00:55 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-02-10 08:01 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-10 08:01 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-10 08:01 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-10 08:01 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-06-10 01:38 . 2009-11-27 17:11 1291776 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-03-10 08:03 . 2008-04-14 00:12 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-10 08:02 . 2009-06-03 19:09 1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2010-12-16 08:06 . 2010-08-31 13:42 1852800 c:\windows\$NtUninstallKB2436673$\win32k.sys
+ 2010-10-14 22:30 . 2008-04-14 00:11 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2010-08-04 02:22 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-08-12 07:07 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-08-12 07:11 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 1209856 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\urlmon.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 5953024 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
+ 2010-06-10 01:24 . 2010-05-06 10:36 1986048 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
+ 2010-08-12 03:31 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-08-31 13:38 . 2010-08-31 13:38 1861888 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys
+ 2010-08-12 03:33 . 2010-04-27 13:50 2190080 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-08-12 03:33 . 2010-04-27 13:14 2024448 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 11:14 . 2010-04-28 11:14 2066944 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-08-12 03:33 . 2010-04-27 13:54 2146304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-03-30 22:43 . 2010-02-25 06:19 1209856 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\urlmon.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 5946880 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 1986048 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iertutil.dll
+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2010-04-14 00:31 . 2010-02-16 12:52 2190080 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
+ 2010-04-14 00:31 . 2010-02-16 12:12 2024448 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrpamp.exe
+ 2010-04-14 00:31 . 2010-02-16 12:12 2066944 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
+ 2010-04-14 00:31 . 2010-02-16 12:50 2146304 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlmp.exe
+ 2010-05-02 06:34 . 2010-05-02 06:34 1860352 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 1209344 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\urlmon.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 5945856 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
+ 2010-01-22 08:41 . 2009-12-21 19:09 1986048 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iertutil.dll
+ 2009-12-09 04:52 . 2009-12-09 04:52 2189312 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-09 19:47 . 2009-12-08 17:40 2023936 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 04:10 . 2009-12-09 04:10 2066176 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-09 19:47 . 2009-12-08 18:20 2145280 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2010-02-05 18:29 . 2010-02-05 18:29 1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-03-10 00:54 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys
+ 2010-12-15 21:31 . 2010-11-06 00:27 1211904 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\urlmon.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 5960704 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
+ 2010-12-15 21:31 . 2010-11-06 00:27 1992192 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iertutil.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
+ 2010-10-14 21:21 . 2010-09-10 05:57 1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
+ 2010-07-27 06:28 . 2010-07-27 06:28 8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 1211904 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\urlmon.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 5954560 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
+ 2010-08-12 03:33 . 2010-06-24 12:24 1987072 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll
+ 2010-06-24 02:14 . 2010-06-24 02:14 1861120 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
- 2004-08-04 12:00 . 2009-07-14 03:43 10841088 c:\windows\system32\wmp.dll
+ 2004-08-04 12:00 . 2010-08-26 03:36 10841088 c:\windows\system32\wmp.dll
+ 2009-01-14 06:10 . 2011-01-13 03:05 37403080 c:\windows\system32\MRT.exe
+ 2009-03-08 08:39 . 2010-11-06 00:26 11080704 c:\windows\system32\ieframe.dll
- 2004-08-04 12:00 . 2009-07-14 03:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-04 12:00 . 2010-08-26 03:36 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-07-15 00:46 . 2010-11-06 00:26 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2010-05-19 17:08 . 2010-05-19 17:08 11408896 c:\windows\Installer\736a2cd.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\62273.msp
+ 2010-03-31 05:23 . 2010-03-31 05:23 15638528 c:\windows\Installer\336f4f5.msp
+ 2010-06-10 01:46 . 2010-02-25 15:54 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-03-31 06:06 . 2009-12-21 19:14 11070464 c:\windows\ie8updates\KB980182-IE8\ieframe.dll
+ 2010-01-22 12:13 . 2009-10-29 07:45 11069952 c:\windows\ie8updates\KB978207-IE8\ieframe.dll
+ 2010-12-16 08:07 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2010-10-14 22:28 . 2010-06-24 21:51 11077120 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2010-08-12 07:07 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll
+ 2010-08-12 07:22 . 2010-08-12 07:22 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-10-07 07:10 . 2010-10-07 07:10 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-07 07:08 . 2010-10-07 07:08 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-07 07:05 . 2010-10-07 07:05 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-08-12 07:14 . 2010-08-12 07:14 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-12 07:12 . 2010-08-12 07:12 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-12 07:11 . 2010-08-12 07:11 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
+ 2010-10-14 22:29 . 2009-07-14 03:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2010-05-06 20:06 . 2010-05-06 20:06 11078144 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
+ 2010-03-30 22:43 . 2010-02-25 06:19 11073024 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ieframe.dll
+ 2009-12-22 19:09 . 2009-12-22 19:09 11070976 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieframe.dll
+ 2010-11-06 10:57 . 2010-11-06 10:57 11082752 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieframe.dll
+ 2010-09-10 15:27 . 2010-09-10 15:27 11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
+ 2010-08-12 03:32 . 2010-06-24 12:24 11079168 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2005-10-12 7086080]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTornado\\btdownloadgui.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\SNES\\zsnesw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\SmartFTP\\SmartFTP.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\NES Nesticle\\NESTCL95.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7845:UDP"= 7845:UDP:SNES
"4000:TCP"= 4000:TCP:SNES download
"6881:UDP"= 6881:UDP:Torrent for Az
"9420:TCP"= 9420:TCP:RSP
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [12/27/2006 9:47 AM 9006]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
FF - ProfilePath - c:\documents and settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-03 00:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-839522115-562591055-2147167427-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iahbhllkpmhkkclphc"=hex:6a,61,6d,67,6c,64,63,6d,6b,61,61,69,70,69,6f,6b,6e,6b,
69,67,00,00
"hajbjngocogfomhc"=hex:6a,61,6d,67,6c,64,63,6d,6b,61,61,69,70,69,6f,6b,6e,6b,
69,67,00,a6

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-02-03 00:28:10
ComboFix-quarantined-files.txt 2011-02-03 05:27
ComboFix2.txt 2010-01-04 22:37
ComboFix3.txt 2010-01-04 02:43

Pre-Run: 779,593,400,320 bytes free
Post-Run: 780,475,633,664 bytes free

- - End Of File - - CC273E39C4F4ED16A6DA6F5F99191A54

#9 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 03 February 2011 - 06:55 AM

Hi,

Go to My Computer-> Tools-> Folder Options-> View tab:
  • Under the Hidden files and folders heading:
  • Select - Show hidden files and folders.
  • Uncheck- Hide protected operating system files (recommended) option.
  • Also, make sure there is no checkmark beside Hide file extensions for known file types.
  • Click OK. (Remember to Hide files and folders once done)

Please go to one of the below sites to scan the following files:
Virus Total (Recommended)
jotti.org
VirScan


click on Browse, and upload the following file for analysis:
c:\windows\system32\drivers\scrcap.sys

Then click Submit. Allow the file to be scanned, and then please copy and paste the results here for me to see.
If it says already scanned -- click "reanalyze now"
Please post the results in your next reply.
===================================================

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, click run
  • in the run box type notepad
  • click ok
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE

RegLockDel::
[HKEY_USERS\S-1-5-21-839522115-562591055-2147167427-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}*]


In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again.Close all browser/windows first.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Posted Image

===================================================

On your next reply please post :
File scanner report
Combofix log


Let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#10 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 06 February 2011 - 03:08 AM

Antivirus Version Last update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.80 2011.02.04 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.06 -
Avast5 5.0.677.0 2011.02.06 -
AVG 10.0.0.1190 2011.02.06 -
BitDefender 7.2 2011.02.06 -
CAT-QuickHeal 11.00 2011.02.06 -
ClamAV 0.96.4.0 2011.02.06 -
Commtouch 5.2.11.5 2011.02.05 -
Comodo 7596 2011.02.05 -
DrWeb 5.0.2.03300 2011.02.06 -
Emsisoft 5.1.0.2 2011.02.06 -
eTrust-Vet 36.1.8141 2011.02.04 -
F-Prot 4.6.2.117 2011.02.04 -
F-Secure 9.0.16160.0 2011.02.06 -
Fortinet 4.2.254.0 2011.02.05 -
GData 21 2011.02.06 -
Ikarus T3.1.1.97.0 2011.02.06 -
Jiangmin 13.0.900 2011.02.05 -
K7AntiVirus 9.81.3752 2011.02.05 -
Kaspersky 7.0.0.125 2011.02.06 -
McAfee 5.400.0.1158 2011.02.05 -
McAfee-GW-Edition 2010.1C 2011.02.06 -
Microsoft 1.6502 2011.02.06 -
NOD32 5849 2011.02.05 -
Norman 6.07.03 2011.02.05 -
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.05 -
PCTools 7.0.3.5 2011.02.06 -
Prevx 3.0 2011.02.06 -
Rising 23.43.05.06 2011.02.05 -
Sophos 4.61.0 2011.02.05 -
SUPERAntiSpyware 4.40.0.1006 2011.02.05 -
Symantec 20101.3.0.103 2011.02.06 -
TheHacker 6.7.0.1.124 2011.02.04 -
TrendMicro 9.200.0.1012 2011.02.06 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.06 -
VBA32 3.12.14.3 2011.02.04 -
VIPRE 8324 2011.02.06 -
ViRobot 2011.2.5.4294 2011.02.05 -
VirusBuster 13.6.184.0 2011.02.05 -
MD5: 8d837882b0c6750eda99b82a13e5c9e2
SHA1: c2d59856bd09729ae107dcd7f1204e73b9958096
SHA256: 5982dd61615e69fd9cb2d4c5e681ded00f045592990a1d08d8c04c3e486fc04f
File size: 9006 bytes
Scan date: 2011-02-06 08:18:11 (UTC)


ComboFix 11-02-05.01 - Protoman 02/06/2011 3:53.10.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.311 [GMT -5:00]
Running from: c:\documents and settings\Protoman\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Protoman\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2011-01-06 to 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-01-29 05:21 . 2011-01-29 05:21 388096 ----a-r- c:\documents and settings\Protoman\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2010-08-19 23:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2010-08-19 23:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-11-11 22:15 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 23:53 . 2010-04-29 21:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 21:34 . 2008-12-20 22:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2004-08-04 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2008-02-16 09:35 . 2008-02-16 09:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2004-03-11 18:27 . 2005-11-12 14:12 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot_2011-02-03_05.24.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-05 14:09 . 2011-02-05 14:09 16384 c:\windows\temp\Perflib_Perfdata_57c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2005-10-12 7086080]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTornado\\btdownloadgui.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\SNES\\zsnesw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\SmartFTP\\SmartFTP.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\NES Nesticle\\NESTCL95.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7845:UDP"= 7845:UDP:SNES
"4000:TCP"= 4000:TCP:SNES download
"6881:UDP"= 6881:UDP:Torrent for Az
"9420:TCP"= 9420:TCP:RSP
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [12/27/2006 9:47 AM 9006]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
FF - ProfilePath - c:\documents and settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 04:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-839522115-562591055-2147167427-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iahbhllkpmhkkclphc"=hex:6a,61,6d,67,6c,64,63,6d,6b,61,61,69,70,69,6f,6b,6e,6b,
69,67,00,00
"hajbjngocogfomhc"=hex:6a,61,6d,67,6c,64,63,6d,6b,61,61,69,70,69,6f,6b,6e,6b,
69,67,00,a6

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2332)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-02-06 04:07:32
ComboFix-quarantined-files.txt 2011-02-06 09:07
ComboFix2.txt 2011-02-03 05:28
ComboFix3.txt 2010-01-04 22:37
ComboFix4.txt 2010-01-04 02:43

Pre-Run: 773,679,742,976 bytes free
Post-Run: 773,993,271,296 bytes free

- - End Of File - - 076C111CDCAB2C036B6C5B1B4AC15695

    Advertisements

Register to Remove

#11 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 06 February 2011 - 10:52 AM

Hi,

Please follow all previous instructions regarding security programs and delete the exiting copy of Combofix and download a new one here.

Open a new Notepad session
  • Click the Start button, click run
  • in the run box type notepad
  • click ok
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE

Regnull::
[HKEY_USERS\S-1-5-21-839522115-562591055-2147167427-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86160C21-8200-3688-7C4F-8FB663D01859}*]


In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again.Close all browser/windows first.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Posted Image
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#12 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 06 February 2011 - 09:12 PM

ComboFix 11-02-05.01 - Protoman 02/06/2011 21:57:39.11.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.329 [GMT -5:00]
Running from: c:\documents and settings\Protoman\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Protoman\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2011-01-07 to 2011-02-07 )))))))))))))))))))))))))))))))
.

2011-01-29 05:21 . 2011-01-29 05:21 388096 ----a-r- c:\documents and settings\Protoman\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2010-08-19 23:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2010-08-19 23:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2005-11-11 22:15 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 23:53 . 2010-04-29 21:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 21:34 . 2008-12-20 22:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2004-08-04 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2008-02-16 09:35 . 2008-02-16 09:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2004-03-11 18:27 . 2005-11-12 14:12 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( SnapShot_2011-02-03_05.24.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-05 14:09 . 2011-02-05 14:09 16384 c:\windows\temp\Perflib_Perfdata_57c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2005-10-12 7086080]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTornado\\btdownloadgui.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\SNES\\zsnesw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\SmartFTP\\SmartFTP.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Documents and Settings\\Protoman\\My Documents\\D Drive\\NES Nesticle\\NESTCL95.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7845:UDP"= 7845:UDP:SNES
"4000:TCP"= 4000:TCP:SNES download
"6881:UDP"= 6881:UDP:Torrent for Az
"9420:TCP"= 9420:TCP:RSP
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [12/27/2006 9:47 AM 9006]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} - hxxp://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
FF - ProfilePath - c:\documents and settings\Protoman\Application Data\Mozilla\Firefox\Profiles\0aghlp78.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 22:07
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3984)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-02-06 22:10:06
ComboFix-quarantined-files.txt 2011-02-07 03:10
ComboFix2.txt 2011-02-06 09:07
ComboFix3.txt 2011-02-03 05:28
ComboFix4.txt 2010-01-04 22:37
ComboFix5.txt 2011-02-07 02:56

Pre-Run: 773,209,882,624 bytes free
Post-Run: 773,789,175,808 bytes free

- - End Of File - - 2844E6900C8B2F90A31E80536955DFA5

#13 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 07 February 2011 - 03:14 AM

Looking good :thumbup: Does it run significantly faster now?
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

#14 DanielDude

DanielDude

    Authentic Member

  • Authentic Member
  • PipPip
  • 75 posts

Posted 07 February 2011 - 05:39 PM

So far so good. What was the problem you think?

#15 Conspire

Conspire

    SuperHelper

  • Retired Classroom Teacher
  • 5,806 posts

Posted 07 February 2011 - 08:54 PM

Hi,

Good. The problem lies on a rogue software hidden in your system which typically slows the system down. Right now we should do a final check up to ensure everything is good to go.

If possible, try getting another RAM for better performance because right now you only have 512MB of RAM installed.

You have an older version of Adobe Reader. You can download the current version HERE

You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

Visit their support forum
Foxit Forum

In either case you should uninstall Adobe Reader 7.0 first. Be sure to move any PDF documents to another folder first though.

===================================================

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

Note: If you are using Windows Vista/7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • Look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Select Uninstall application on close check box and push Posted Image
===================================================

On your next reply please post :
ESET report


Let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image
Posted Image

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·