Jump to content

Recommended Posts

Hello sirs -

First, some thanks. You are doing God's work here helping us get rid of this malware.

I have been infected with this apparently common bit of malware. For the life of me, I cannot clear my sytem. I have read all the posted threads and taken all kinds of action - rkill, FixNCR, MBAM, etc. I just have been very unsuccessful. So, this morning I have booted anew and gone through the processed stickied in this forum.

Here is my MBAM log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6633

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/21/2011 9:18:31 AM

mbam-log-2011-05-21 (09-18-31).txt

Scan type: Quick scan

Objects scanned: 255266

Time elapsed: 40 minute(s), 20 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\Temp\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Here are my DDS logs - DDS:

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Mom Mother Mum Mommy at 9:53:35.09 on Sat 05/21/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.452 [GMT -5:00]

.

AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\system32\hphmon06.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Secunia\PSI\psi_tray.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Secunia\PSI\PSIA.exe

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Documents and Settings\Mom Mother Mum Mommy\Desktop\dds.scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local;<local>

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe

mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe

mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"

mRun: [HPHmon06] c:\windows\system32\hphmon06.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

StartupFolder: c:\docume~1\mommot~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\mindscape\printmaster\PMREMIND.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

Trusted Zone: intuit.com\ttlc

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.disneyphotopass.com/software/ImageUploader4.cab

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\mommot~1\applic~1\mozilla\firefox\profiles\nx176rrn.default\

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

.

---- FIREFOX POLICIES ----

user_pref(security.warn_viewing_mixed,false);

user_pref(security.warn_viewing_mixed.show_once,false);

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

user_pref(security.warn_submit_insecure,false);

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-21 11608]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]

R1 MpKsl04c06743;MpKsl04c06743;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{43e76538-3039-4080-ae88-f93e9aa5d6a4}\MpKsl04c06743.sys [2011-5-21 28752]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-21 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-21 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-21 61960]

R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-6-24 91456]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-4-19 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-4-19 399416]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

S1 MpKsl3351f9d4;MpKsl3351f9d4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{43e76538-3039-4080-ae88-f93e9aa5d6a4}\mpksl3351f9d4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{43e76538-3039-4080-ae88-f93e9aa5d6a4}\MpKsl3351f9d4.sys [?]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

.

=============== Created Last 30 ================

.

2011-05-21 14:51:34 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{43e76538-3039-4080-ae88-f93e9aa5d6a4}\MpKsl04c06743.sys

2011-05-21 13:26:03 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-21 13:26:02 -------- d-----w- c:\program files\Avira

2011-05-21 13:26:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira

2011-05-18 04:09:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-17 01:19:39 -------- d-----w- c:\program files\iPod

2011-05-17 01:19:31 -------- d-----w- c:\program files\iTunes

2011-05-17 01:05:24 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-17 01:05:24 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-05-17 00:50:55 -------- d-----w- c:\docume~1\mommot~1\locals~1\applic~1\Secunia PSI

2011-05-17 00:50:44 -------- d-----w- c:\program files\Secunia

2011-05-16 23:05:51 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2011-05-16 23:05:30 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{43e76538-3039-4080-ae88-f93e9aa5d6a4}\mpengine.dll

2011-05-16 05:58:48 -------- d-----w- C:\Adobe

2011-05-11 01:11:11 83224 ----a-w- c:\program files\windows defender\MpShHook.dll

2011-05-11 00:38:59 -------- d-----w- c:\program files\Microsoft Security Client

2011-05-11 00:34:08 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-05-11 00:34:07 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-05-11 00:34:07 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-05-11 00:34:07 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-05-11 00:34:07 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-05-11 00:34:06 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll

2011-05-11 00:34:06 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll

2011-05-11 00:34:06 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-05-05 02:51:05 0 ----a-w- c:\windows\system32\SET35.tmp

2011-05-05 02:50:56 6144 ----a-w- c:\windows\system32\kbd106.dll

2011-05-02 03:16:07 18781 ----a-w- c:\program files\mozilla firefox\null0.5701365931378508.exe

2011-04-26 05:58:12 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-04-26 04:08:21 54016 ----a-w- c:\windows\system32\drivers\hwybn.sys

.

==================== Find3M ====================

.

2011-05-11 00:23:47 0 ----a-w- c:\windows\Xqebohidozo.bin

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: WDC_WD800JD-60LUA0 rev.07.01D07 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x870FC730]<<

_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x87102a10]; MOV EAX, [0x87102a8c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x87171AB8]

3 CLASSPNP[0xF755CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000064[0x871756C8]

5 ACPI[0xF73F3620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x87137D98]

\Driver\atapi[0x87173A28] -> IRP_MJ_CREATE -> 0x870FC730

error: Read A device attached to the system is not functioning.

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0x870FC57B

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

.

============= FINISH: 9:55:22.67 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 6/18/2009 10:02:22 AM

System Uptime: 5/21/2011 9:50:28 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 09F0h

Processor: Intel® Pentium® 4 CPU 3.00GHz | XU1 PROCESSOR | 2992/800mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 75 GiB total, 7.83 GiB free.

D: is CDROM ()

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: PS/2 Compatible Mouse

Device ID: ACPI\PNP0F13\4&EDE93E0&0

Manufacturer: Microsoft

Name: PS/2 Compatible Mouse

PNP Device ID: ACPI\PNP0F13\4&EDE93E0&0

Service: i8042prt

.

==== System Restore Points ===================

.

RP798: 5/10/2011 8:27:13 PM - Removed SUPERAntiSpyware Free Edition

RP799: 5/10/2011 8:34:18 PM - Removed Microsoft Silverlight

RP800: 5/10/2011 8:35:03 PM - Removed TES Construction Set

RP801: 5/10/2011 8:55:11 PM - Removed Safari

RP802: 5/10/2011 9:15:34 PM - Installed Microsoft Fix it 50362

RP803: 5/16/2011 8:04:57 AM - System Checkpoint

RP804: 5/16/2011 6:10:30 PM - Installed Microsoft Fix it 50362

RP805: 5/16/2011 8:16:49 PM - Installed iTunes

RP806: 5/17/2011 8:34:17 PM - Removed Java 6 Update 24

.

==== Installed Programs ======================

.

.

Acrobat.com

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Help Center 2.0

Adobe Photoshop Elements 4.0

Adobe Reader 9.4.4

akFontViewer

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Avira AntiVir Personal - Free Antivirus

Bonjour

Broadcom Management Programs

Broadcom NetXtreme Ethernet Controller

Compatibility Pack for the 2007 Office system

Creative Memories StoryBook Creator Plus 3

Critical Update for Windows Media Player 11 (KB959772)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Image Zone 4.0

HP Photo Creations

HP Photosmart Plus B210 series Basic Device Software

HP Photosmart Plus B210 series Help

HP Photosmart Plus B210 series Product Improvement Study

HP Update

Intel® Graphics Media Accelerator Driver

iSEEK AnswerWorks English Runtime

iTunes

LG USB Modem driver

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Antimalware

Microsoft Application Error Reporting

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Security Client

Microsoft Security Essentials

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Web Publishing Wizard 1.52

Microsoft Works 6-9 Converter

Microsoft WSE 3.0 Runtime

MobileMe Control Panel

MotoConnect 1.1.31

Motorola Mobile Drivers Installation 4.7.1

Mozilla Firefox 4.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA Drivers

OGA Notifier 2.0.0048.0

Overland

Photosmart 320,370,7400,8100,8400 Series

PrintMaster 7.00

PS8100

PSPrinters06

QFolder

QuickTime

Realtek High Definition Audio Driver

Secunia PSI (2.0.0.3003)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Spelling Dictionaries Support For Adobe Reader 9

The Sims

Link to post
Share on other sites

:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run, once it is finished move onto the next step

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Hello Larry -

I am home now....and well...it is no longer a pristine sytem on which we are operating. My wife tried to do some work...etc....reboot.

So. I started afresh with your directions. Nothing was detected, but I am attaching the log here.

2011/05/24 18:48:03.0406 3436 TDSS rootkit removing tool 2.5.2.0 May 24 2011 11:01:23

2011/05/24 18:48:03.0796 3436 ================================================================================

2011/05/24 18:48:03.0796 3436 SystemInfo:

2011/05/24 18:48:03.0796 3436

2011/05/24 18:48:03.0796 3436 OS Version: 5.1.2600 ServicePack: 3.0

2011/05/24 18:48:03.0796 3436 Product type: Workstation

2011/05/24 18:48:03.0796 3436 ComputerName: 753C86E8AC9C4C6

2011/05/24 18:48:03.0796 3436 UserName: Mom Mother Mum Mommy

2011/05/24 18:48:03.0796 3436 Windows directory: C:\WINDOWS

2011/05/24 18:48:03.0796 3436 System windows directory: C:\WINDOWS

2011/05/24 18:48:03.0796 3436 Processor architecture: Intel x86

2011/05/24 18:48:03.0796 3436 Number of processors: 2

2011/05/24 18:48:03.0796 3436 Page size: 0x1000

2011/05/24 18:48:03.0796 3436 Boot type: Normal boot

2011/05/24 18:48:03.0796 3436 ================================================================================

2011/05/24 18:48:05.0531 3436 Initialize success

2011/05/24 18:48:08.0000 3484 ================================================================================

2011/05/24 18:48:08.0000 3484 Scan started

2011/05/24 18:48:08.0000 3484 Mode: Manual;

2011/05/24 18:48:08.0000 3484 ================================================================================

2011/05/24 18:48:09.0359 3484 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/05/24 18:48:09.0406 3484 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/05/24 18:48:09.0484 3484 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/05/24 18:48:09.0546 3484 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2011/05/24 18:48:09.0765 3484 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/05/24 18:48:09.0796 3484 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/05/24 18:48:09.0859 3484 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/05/24 18:48:09.0890 3484 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/05/24 18:48:10.0000 3484 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

2011/05/24 18:48:10.0015 3484 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

2011/05/24 18:48:10.0046 3484 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\WINDOWS\system32\DRIVERS\avipbb.sys

2011/05/24 18:48:10.0093 3484 b57w2k (5175e788bcd1cb7345ab21f3e14369d2) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

2011/05/24 18:48:10.0156 3484 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/05/24 18:48:10.0218 3484 Blfp (9b53d428de0a2566a03499d7aa48dec4) C:\WINDOWS\system32\DRIVERS\baspxp32.sys

2011/05/24 18:48:10.0640 3484 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/05/24 18:48:10.0828 3484 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2011/05/24 18:48:10.0906 3484 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/05/24 18:48:10.0953 3484 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/05/24 18:48:11.0015 3484 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/05/24 18:48:11.0156 3484 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/05/24 18:48:11.0218 3484 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2011/05/24 18:48:11.0296 3484 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2011/05/24 18:48:11.0343 3484 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/05/24 18:48:11.0390 3484 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/05/24 18:48:11.0437 3484 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/05/24 18:48:11.0500 3484 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/05/24 18:48:11.0531 3484 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/05/24 18:48:11.0562 3484 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2011/05/24 18:48:11.0625 3484 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/05/24 18:48:11.0656 3484 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2011/05/24 18:48:11.0718 3484 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/05/24 18:48:11.0765 3484 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/05/24 18:48:11.0812 3484 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

2011/05/24 18:48:11.0843 3484 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/05/24 18:48:11.0921 3484 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2011/05/24 18:48:11.0968 3484 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/05/24 18:48:12.0031 3484 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

2011/05/24 18:48:12.0078 3484 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

2011/05/24 18:48:12.0093 3484 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

2011/05/24 18:48:12.0156 3484 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/05/24 18:48:12.0234 3484 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/05/24 18:48:12.0484 3484 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2011/05/24 18:48:12.0796 3484 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/05/24 18:48:13.0046 3484 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys

2011/05/24 18:48:13.0203 3484 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/05/24 18:48:13.0250 3484 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2011/05/24 18:48:13.0296 3484 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/05/24 18:48:13.0312 3484 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/05/24 18:48:13.0359 3484 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/05/24 18:48:13.0421 3484 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/05/24 18:48:13.0468 3484 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/05/24 18:48:13.0515 3484 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/05/24 18:48:13.0546 3484 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/05/24 18:48:13.0625 3484 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2011/05/24 18:48:13.0734 3484 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/05/24 18:48:13.0781 3484 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/05/24 18:48:13.0859 3484 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/05/24 18:48:13.0906 3484 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2011/05/24 18:48:13.0937 3484 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/05/24 18:48:13.0984 3484 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/05/24 18:48:14.0015 3484 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/05/24 18:48:14.0062 3484 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys

2011/05/24 18:48:14.0234 3484 MpKslb5cf9a8f (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKslb5cf9a8f.sys

2011/05/24 18:48:14.0296 3484 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/05/24 18:48:14.0375 3484 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/05/24 18:48:14.0453 3484 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/05/24 18:48:14.0515 3484 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/05/24 18:48:14.0531 3484 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/05/24 18:48:14.0546 3484 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/05/24 18:48:14.0640 3484 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/05/24 18:48:14.0687 3484 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/05/24 18:48:14.0703 3484 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2011/05/24 18:48:14.0734 3484 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/05/24 18:48:14.0843 3484 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/05/24 18:48:14.0921 3484 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/05/24 18:48:14.0937 3484 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/05/24 18:48:14.0984 3484 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/05/24 18:48:15.0015 3484 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/05/24 18:48:15.0046 3484 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/05/24 18:48:15.0078 3484 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/05/24 18:48:15.0109 3484 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/05/24 18:48:15.0171 3484 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/05/24 18:48:15.0234 3484 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/05/24 18:48:15.0296 3484 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/05/24 18:48:15.0531 3484 nv (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/05/24 18:48:15.0968 3484 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/05/24 18:48:16.0031 3484 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/05/24 18:48:16.0078 3484 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/05/24 18:48:16.0140 3484 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/05/24 18:48:16.0187 3484 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/05/24 18:48:16.0218 3484 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/05/24 18:48:16.0250 3484 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/05/24 18:48:16.0281 3484 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/05/24 18:48:16.0453 3484 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/05/24 18:48:16.0500 3484 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/05/24 18:48:16.0546 3484 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys

2011/05/24 18:48:16.0609 3484 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/05/24 18:48:16.0656 3484 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/05/24 18:48:16.0718 3484 QCDonner (fddd1aeb9f81ef1e6e48ae1edc2a97d6) C:\WINDOWS\system32\DRIVERS\OVCD.sys

2011/05/24 18:48:16.0828 3484 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/05/24 18:48:16.0859 3484 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/05/24 18:48:16.0890 3484 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/05/24 18:48:16.0921 3484 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/05/24 18:48:16.0984 3484 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/05/24 18:48:17.0000 3484 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/05/24 18:48:17.0062 3484 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/05/24 18:48:17.0125 3484 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/05/24 18:48:17.0234 3484 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/05/24 18:48:17.0343 3484 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/05/24 18:48:17.0406 3484 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/05/24 18:48:17.0421 3484 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/05/24 18:48:17.0453 3484 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/05/24 18:48:17.0531 3484 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/05/24 18:48:17.0593 3484 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/05/24 18:48:17.0687 3484 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/05/24 18:48:17.0734 3484 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/05/24 18:48:17.0828 3484 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

2011/05/24 18:48:17.0859 3484 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys

2011/05/24 18:48:17.0906 3484 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/05/24 18:48:17.0937 3484 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/05/24 18:48:17.0968 3484 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/05/24 18:48:18.0093 3484 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/05/24 18:48:18.0171 3484 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/05/24 18:48:18.0234 3484 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/05/24 18:48:18.0250 3484 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/05/24 18:48:18.0296 3484 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/05/24 18:48:18.0453 3484 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/05/24 18:48:18.0578 3484 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/05/24 18:48:18.0656 3484 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys

2011/05/24 18:48:18.0718 3484 usbbus (5aadc9297c39aa249cd994acdba19034) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys

2011/05/24 18:48:18.0781 3484 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/05/24 18:48:18.0843 3484 UsbDiag (4650ffe04e5922399b0e932319e6b215) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys

2011/05/24 18:48:18.0875 3484 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/05/24 18:48:18.0906 3484 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/05/24 18:48:18.0968 3484 USBModem (2666fe171e0c2e7085ccd5fe0bac09e3) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys

2011/05/24 18:48:19.0031 3484 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/05/24 18:48:19.0078 3484 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/05/24 18:48:19.0109 3484 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/05/24 18:48:19.0156 3484 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/05/24 18:48:19.0203 3484 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/05/24 18:48:19.0281 3484 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/05/24 18:48:19.0312 3484 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/05/24 18:48:19.0390 3484 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/05/24 18:48:19.0546 3484 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

2011/05/24 18:48:19.0671 3484 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/05/24 18:48:19.0734 3484 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/05/24 18:48:19.0796 3484 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/05/24 18:48:19.0843 3484 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/05/24 18:48:19.0921 3484 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/05/24 18:48:20.0046 3484 ================================================================================

2011/05/24 18:48:20.0046 3484 Scan finished

2011/05/24 18:48:20.0046 3484 ================================================================================

2011/05/24 18:48:20.0062 3324 Detected object count: 0

2011/05/24 18:48:20.0062 3324 Actual detected object count: 0

I will try to keep the PC pristine here on out.

Guidance?

Link to post
Share on other sites

That one looks OK.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Larry -

Thanks for your guidance. Here is the CF log:

ComboFix 11-05-24.01 - Mom Mother Mum Mommy 05/24/2011 19:12:18.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.573 [GMT -5:00]

Running from: c:\documents and settings\Mom Mother Mum Mommy\Desktop\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\page

c:\documents and settings\All Users\Application Data\page\page.ico

c:\documents and settings\All Users\Application Data\page\page.URL

c:\documents and settings\Mom Mother Mum Mommy\WINDOWS

c:\documents and settings\sam\WINDOWS

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_ITLPERF

-------\Service_itlperf

.

.

((((((((((((((((((((((((( Files Created from 2011-04-25 to 2011-05-25 )))))))))))))))))))))))))))))))

.

.

2011-05-25 00:22 . 2011-05-25 00:22 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl39affa4b.sys

2011-05-24 05:27 . 2011-05-24 05:29 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Application Data\Creative Memories Photo Center

2011-05-22 21:34 . 2011-05-09 20:46 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\mpengine.dll

2011-05-22 19:27 . 2011-05-24 12:13 -------- d-----w- c:\windows\system32\NtmsData

2011-05-22 19:25 . 2011-05-22 19:25 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Application Data\Avira

2011-05-21 14:35 . 2011-05-21 14:35 -------- d-sh--w- c:\documents and settings\Rick\IECompatCache

2011-05-21 13:26 . 2011-04-01 22:07 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-21 13:26 . 2011-04-01 22:07 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-05-21 13:26 . 2010-06-17 20:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2011-05-21 13:26 . 2010-06-17 20:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2011-05-21 13:26 . 2011-05-21 13:26 -------- d-----w- c:\program files\Avira

2011-05-21 13:26 . 2011-05-21 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2011-05-19 04:11 . 2011-05-19 04:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer

2011-05-18 04:09 . 2011-05-23 00:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-17 01:19 . 2011-05-17 01:19 -------- d-----w- c:\program files\iPod

2011-05-17 01:19 . 2011-05-17 01:20 -------- d-----w- c:\program files\iTunes

2011-05-17 01:08 . 2011-05-17 01:08 -------- d-----w- c:\program files\Common Files\Adobe AIR

2011-05-17 01:05 . 2011-05-17 01:05 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

2011-05-17 01:05 . 2011-05-17 01:05 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-17 00:50 . 2011-05-17 00:50 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Local Settings\Application Data\Secunia PSI

2011-05-17 00:50 . 2011-05-17 00:50 -------- d-----w- c:\program files\Secunia

2011-05-16 23:05 . 2011-04-18 14:15 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-05-16 17:10 . 2011-05-19 18:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer

2011-05-16 17:10 . 2011-05-16 17:10 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer

2011-05-16 05:58 . 2011-05-16 05:58 -------- d-----w- C:\Adobe

2011-05-11 01:13 . 2011-05-11 01:13 -------- d-----w- c:\program files\Windows Defender

2011-05-11 00:38 . 2011-05-11 00:40 -------- d-----w- c:\program files\Microsoft Security Client

2011-05-11 00:34 . 2011-05-11 00:34 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-05-11 00:34 . 2011-05-11 00:34 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-05-11 00:34 . 2011-05-11 00:34 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-05-11 00:34 . 2011-05-11 00:34 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-05-11 00:34 . 2011-05-11 00:34 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-05-11 00:34 . 2011-05-11 00:34 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-05-11 00:34 . 2011-05-11 00:34 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-05-11 00:34 . 2011-05-11 00:34 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-05-05 02:51 . 2011-05-05 02:51 0 ----a-w- c:\windows\system32\SET35.tmp

2011-05-05 02:50 . 2008-04-14 10:39 6144 ----a-w- c:\windows\system32\kbd106.dll

2011-05-04 12:01 . 2011-05-04 12:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2011-05-02 03:16 . 2011-05-02 03:16 18781 ----a-w- c:\program files\Mozilla Firefox\null0.5701365931378508.exe

2011-04-26 05:58 . 2011-04-26 05:58 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-04-26 04:08 . 2011-04-26 04:08 54016 ----a-w- c:\windows\system32\drivers\hwybn.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-11 00:34 . 2011-05-11 00:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-07 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-07 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-07 137752]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13574144]

"nwiz"="nwiz.exe" [2008-09-18 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 86016]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-07 172032]

"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-07 49152]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"HPHmon06"="c:\windows\system32\hphmon06.exe" [2006-01-07 659456]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

c:\documents and settings\Mom Mother Mum Mommy\Start Menu\Programs\Startup\

Event Reminder.lnk - c:\program files\Mindscape\PrintMaster\PMREMIND.EXE [1998-6-6 325632]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2004-5-28 241664]

Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443

"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443

"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674

"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674

"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

.

R1 MpKsl39affa4b;MpKsl39affa4b;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl39affa4b.sys [5/24/2011 7:22 PM 28752]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/21/2011 8:26 AM 136360]

R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [6/24/2010 2:34 PM 91456]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/19/2011 1:44 AM 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [4/19/2011 1:44 AM 399416]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]

S1 MpKsl3351f9d4;MpKsl3351f9d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{43E76538-3039-4080-AE88-F93E9AA5D6A4}\MpKsl3351f9d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{43E76538-3039-4080-AE88-F93E9AA5D6A4}\MpKsl3351f9d4.sys [?]

S1 MpKsl5a798f7b;MpKsl5a798f7b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl5a798f7b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl5a798f7b.sys [?]

S1 MpKslb5cf9a8f;MpKslb5cf9a8f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKslb5cf9a8f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKslb5cf9a8f.sys [?]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL39AFFA4B

*NewlyCreated* - WUAUSERV

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

itlsvc REG_MULTI_SZ itlperf

.

Contents of the 'Scheduled Tasks' folder

.

2011-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]

.

2011-05-24 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\HP Usg Daily FY04.job

- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe [2009-07-11 05:09]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local;<local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

FF - ProfilePath - c:\documents and settings\Mom Mother Mum Mommy\Application Data\Mozilla\Firefox\Profiles\nx176rrn.default\

user_pref(security.warn_viewing_mixed,false);

user_pref(security.warn_viewing_mixed.show_once,false);

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

user_pref(security.warn_submit_insecure,false);

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS REMOVED - - - -

.

Notify-itlntfy - itlnfw32.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-05-24 19:25

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Hlonusax]

"Tsogaxalaza"=hex:44,01,3b,03,37,05,45,07,3c,09,3b,0b,4a,0d,3f,0f,53,11,54,13,

2d,15,22,17,2c,19,59,1b,5e,1d,2a,1f,61,21,67,23,16,25,13,27,1a,29,1e,2b,1b,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3948)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\program files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\nvsvc32.exe

c:\windows\RTHDCPL.EXE

c:\windows\system32\RUNDLL32.EXE

c:\program files\Motorola\MotoConnectService\MotoConnect.exe

c:\windows\system32\HPZipm12.exe

c:\program files\HP\hpcoretech\comp\hptskmgr.exe

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Completion time: 2011-05-24 19:33:28 - machine was rebooted

ComboFix-quarantined-files.txt 2011-05-25 00:33

ComboFix2.txt 2010-04-19 22:30

.

Pre-Run: 8,846,630,912 bytes free

Post-Run: 15,811,018,752 bytes free

.

- - End Of File - - 9E6C4CAA3BDB5588C8E4B8E921E9AD10

Link to post
Share on other sites

Copy/paste the text in the Codebox below into notepad:

Here's how to do that:

Click Start > Run type Notepad click OK.

This will open an empty notepad file:

Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text.

KillAll::

File::
c:\windows\system32\SET35.tmp
c:\program files\Mozilla Firefox\null0.5701365931378508.exe

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Hlonusax]

Save this file to your desktop, Save this as "CFScript"

Here's how to do that:

1.Click File;

2.Click Save As... Change the directory to your desktop;

3.Change the Save as type to "All Files";

4.Type in the file name: CFScript

5.Click Save ...

CFScriptB-4.gif

Drag CFScript.txt into ComboFix.exe

Then post the results log using Copy / Paste

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Larry, here is the latest CF log. Due to length I am posting it in two pieces:

ComboFix 11-05-24.01 - Mom Mother Mum Mommy 05/24/2011 20:02:13.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.510 [GMT -5:00]

Running from: c:\documents and settings\Mom Mother Mum Mommy\Desktop\ComboFix.exe

AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2011-04-25 to 2011-05-25 )))))))))))))))))))))))))))))))

.

.

2011-05-25 00:44 . 2011-05-25 00:44 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5DDB175F-4E9F-413C-B9EF-F3A402DE3252}\MpKsl67459356.sys

2011-05-25 00:44 . 2011-05-09 20:46 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5DDB175F-4E9F-413C-B9EF-F3A402DE3252}\mpengine.dll

2011-05-25 00:32 . 2011-05-25 00:32 -------- d-----w- c:\windows\LastGood

2011-05-24 05:27 . 2011-05-24 05:29 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Application Data\Creative Memories Photo Center

2011-05-22 19:27 . 2011-05-24 12:13 -------- d-----w- c:\windows\system32\NtmsData

2011-05-22 19:25 . 2011-05-22 19:25 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Application Data\Avira

2011-05-21 14:35 . 2011-05-21 14:35 -------- d-sh--w- c:\documents and settings\Rick\IECompatCache

2011-05-21 13:26 . 2011-04-01 22:07 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-21 13:26 . 2011-04-01 22:07 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-05-21 13:26 . 2010-06-17 20:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2011-05-21 13:26 . 2010-06-17 20:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2011-05-21 13:26 . 2011-05-21 13:26 -------- d-----w- c:\program files\Avira

2011-05-21 13:26 . 2011-05-21 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira

2011-05-19 04:11 . 2011-05-19 04:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer

2011-05-18 04:09 . 2011-05-23 00:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-17 01:19 . 2011-05-17 01:19 -------- d-----w- c:\program files\iPod

2011-05-17 01:19 . 2011-05-17 01:20 -------- d-----w- c:\program files\iTunes

2011-05-17 01:08 . 2011-05-17 01:08 -------- d-----w- c:\program files\Common Files\Adobe AIR

2011-05-17 01:05 . 2011-05-17 01:05 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

2011-05-17 01:05 . 2011-05-17 01:05 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-17 00:50 . 2011-05-17 00:50 -------- d-----w- c:\documents and settings\Mom Mother Mum Mommy\Local Settings\Application Data\Secunia PSI

2011-05-17 00:50 . 2011-05-17 00:50 -------- d-----w- c:\program files\Secunia

2011-05-16 23:05 . 2011-05-09 20:46 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-05-16 17:10 . 2011-05-19 18:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Apple Computer

2011-05-16 17:10 . 2011-05-16 17:10 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer

2011-05-16 05:58 . 2011-05-16 05:58 -------- d-----w- C:\Adobe

2011-05-11 01:13 . 2011-05-11 01:13 -------- d-----w- c:\program files\Windows Defender

2011-05-11 00:38 . 2011-05-11 00:40 -------- d-----w- c:\program files\Microsoft Security Client

2011-05-11 00:34 . 2011-05-11 00:34 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-05-11 00:34 . 2011-05-11 00:34 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-05-11 00:34 . 2011-05-11 00:34 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-05-11 00:34 . 2011-05-11 00:34 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-05-11 00:34 . 2011-05-11 00:34 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-05-11 00:34 . 2011-05-11 00:34 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-05-11 00:34 . 2011-05-11 00:34 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-05-11 00:34 . 2011-05-11 00:34 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-05-05 02:51 . 2011-05-05 02:51 0 ----a-w- c:\windows\system32\SET35.tmp

2011-05-05 02:50 . 2008-04-14 10:39 6144 ----a-w- c:\windows\system32\kbd106.dll

2011-05-04 12:01 . 2011-05-04 12:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2011-05-02 03:16 . 2011-05-02 03:16 18781 ----a-w- c:\program files\Mozilla Firefox\null0.5701365931378508.exe

2011-04-26 05:58 . 2011-04-26 05:58 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-04-26 04:08 . 2011-04-26 04:08 54016 ----a-w- c:\windows\system32\drivers\hwybn.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-11 00:34 . 2011-05-11 00:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2010-04-19_22.28.06 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 45416 c:\windows\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.Update_540d4816ead86321_3.1.31.0_x-ww_46ee423f\Intuit.Spc.Esd.WinClient.Application.Update.exe

+ 2011-02-17 00:39 . 2011-02-17 00:39 40296 c:\windows\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.ConfigUXv2_540d4816ead86321_3.1.31.0_x-ww_8b778a47\Intuit.Spc.Esd.WinClient.Application.ConfigUXv2.exe

+ 2010-10-10 04:59 . 1996-08-27 07:12 61568 c:\windows\VIEWER.EXE

+ 2010-10-10 04:59 . 1996-08-27 07:12 17536 c:\windows\VIEWENU.DLL

+ 2010-04-19 22:40 . 2007-11-01 04:48 20992 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll

+ 2010-12-14 00:12 . 2010-12-14 00:11 28672 c:\windows\system32\vxblock.dll

+ 2010-05-09 22:24 . 2008-04-14 10:42 53760 c:\windows\system32\vfwwdm32.dll

+ 2003-02-21 10:16 . 2003-02-21 10:16 49152 c:\windows\system32\URTTEMP\regtlib.exe

- 2008-04-14 12:00 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe

+ 2008-04-14 12:00 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe

+ 2008-04-14 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll

+ 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe

+ 2009-06-18 15:50 . 2007-04-09 18:23 28552 c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 40808 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpvplui04.dll

+ 2009-06-18 15:50 . 2007-04-09 18:23 46472 c:\windows\system32\spool\drivers\w32x86\mdiui.dll

+ 2009-06-18 15:50 . 2007-04-09 18:23 46472 c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 40808 c:\windows\system32\spool\drivers\w32x86\3\hpvplui04.dll

+ 2011-03-06 17:59 . 2010-12-15 00:51 41984 c:\windows\system32\ReinstallBackups\0000\DriverFiles\usbaapl.sys

+ 2010-12-14 00:12 . 2010-12-14 00:11 56320 c:\windows\system32\pxinsa64.exe

+ 2010-12-14 00:12 . 2010-12-14 00:11 61440 c:\windows\system32\pxhpinst.exe

+ 2010-12-14 00:12 . 2010-12-14 00:11 56832 c:\windows\system32\pxcpya64.exe

+ 2010-03-31 05:16 . 2010-03-31 05:16 99176 c:\windows\system32\PresentationHostProxy.dll

+ 2005-10-29 04:49 . 2005-10-29 04:49 84480 c:\windows\system32\pintool.exe

+ 2008-04-14 12:00 . 2011-05-24 11:45 71846 c:\windows\system32\perfc009.dat

+ 2010-05-09 22:24 . 2001-08-18 03:36 41984 c:\windows\system32\OVUI2RC.dll

+ 2010-05-09 22:24 . 2001-08-18 03:36 44544 c:\windows\system32\OVUI2.dll

+ 2010-05-09 22:24 . 2001-08-18 03:36 39424 c:\windows\system32\OVComS.exe

+ 2010-05-09 22:24 . 2001-08-18 03:36 20480 c:\windows\system32\OVComC.dll

+ 2008-04-14 12:00 . 2009-10-08 19:56 20480 c:\windows\system32\oleaccrc.dll

+ 2008-04-14 12:00 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 98304 c:\windows\system32\nlhtml.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 49488 c:\windows\system32\netfxperf.dll

+ 2009-11-06 03:17 . 2009-11-06 03:17 11600 c:\windows\system32\mui\0409\mscorees.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 66560 c:\windows\system32\mshtmled.dll

- 2008-04-14 12:00 . 2009-03-08 09:31 66560 c:\windows\system32\mshtmled.dll

- 2007-08-13 23:54 . 2010-02-25 06:24 55296 c:\windows\system32\msfeedsbs.dll

+ 2007-08-13 23:54 . 2010-12-20 23:59 55296 c:\windows\system32\msfeedsbs.dll

+ 2009-10-18 01:34 . 2011-03-07 04:15 56116 c:\windows\system32\mlfcache.dat

- 2008-04-14 12:00 . 2008-04-14 12:00 29696 c:\windows\system32\mimefilt.dll

+ 2008-04-14 12:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll

+ 2009-06-18 15:50 . 2007-04-09 18:23 28040 c:\windows\system32\mdimon.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 43520 c:\windows\system32\licmgr10.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 25600 c:\windows\system32\jsproxy.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 25600 c:\windows\system32\jsproxy.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 81920 c:\windows\system32\isign32.dll

+ 2009-06-18 14:57 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 80384 c:\windows\system32\iccvid.dll

+ 2008-04-14 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll

+ 2007-03-23 00:17 . 2007-03-23 00:17 35440 c:\windows\system32\FM20ENU.DLL

+ 2010-12-14 00:16 . 2002-12-12 06:14 46592 c:\windows\system32\dxdllreg.exe

+ 2011-03-06 17:59 . 2011-02-18 22:36 41984 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaapl.sys

+ 2011-02-21 23:50 . 2010-04-20 01:29 18432 c:\windows\system32\DRVSTORE\netaapl_8A27A03003759CB01567E831096473C330131D64\netaapl.sys

+ 2011-01-03 01:10 . 2010-06-18 21:09 23936 c:\windows\system32\DRVSTORE\motport_4F4CBE1DF24686697EA24297424DF8E347630C56\motport.sys

+ 2011-01-03 01:10 . 2010-04-01 20:31 23424 c:\windows\system32\DRVSTORE\motousbnet_770BC1026CC54C2F3EBB8D43C100E1BE013A9284\Motousbnet.sys

+ 2011-01-03 01:10 . 2009-05-08 17:56 42752 c:\windows\system32\DRVSTORE\motodrv_9E3D9A40BFFF73BAD5B052681D43BC931352E639\motodrv.sys

+ 2011-01-03 01:10 . 2009-12-21 20:42 15616 c:\windows\system32\DRVSTORE\motodrv_9E3D9A40BFFF73BAD5B052681D43BC931352E639\mot_ci.dll

+ 2011-01-03 01:10 . 2009-07-10 19:01 25856 c:\windows\system32\DRVSTORE\motoandroi_281A0D1CF14FCFFB1B61021B981311BFDC53E1D2\motoandroid.sys

+ 2011-01-03 01:10 . 2010-06-18 21:09 23936 c:\windows\system32\DRVSTORE\motmodem_339FBB9A886D234C861F36407D0E4F9AF978E6CD\motmodem.sys

+ 2011-01-03 01:10 . 2010-06-18 20:41 19968 c:\windows\system32\DRVSTORE\motccgp_7B90A2F86B8D63041DA9D597F8E5A9C44922CD15\motccgp.sys

+ 2011-01-15 18:10 . 2010-06-14 20:48 40808 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpvplui04.dll

+ 2010-05-09 22:24 . 2008-04-14 05:16 19200 c:\windows\system32\drivers\WSTCODEC.SYS

+ 2009-06-23 21:46 . 2011-02-18 22:36 41984 c:\windows\system32\drivers\usbaapl.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 15232 c:\windows\system32\drivers\StreamIP.sys

+ 2011-05-21 13:26 . 2010-06-17 20:27 28520 c:\windows\system32\drivers\ssmdrv.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 11136 c:\windows\system32\drivers\SLIP.sys

+ 2010-12-14 00:12 . 2010-12-14 00:11 20640 c:\windows\system32\drivers\PxHelp20.sys

+ 2010-09-01 08:30 . 2010-09-01 08:30 15544 c:\windows\system32\drivers\psi_mf.sys

+ 2010-05-09 22:24 . 2001-08-17 19:05 28032 c:\windows\system32\drivers\OVCD.sys

+ 2010-05-09 22:24 . 2001-08-17 19:05 48000 c:\windows\system32\drivers\OVCam2.sys

+ 2008-04-14 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 10880 c:\windows\system32\drivers\NdisIP.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 85248 c:\windows\system32\drivers\NABTSFEC.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 52096 c:\windows\system32\drivers\msdv.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 15104 c:\windows\system32\drivers\mpe.sys

+ 2010-04-19 22:04 . 2010-12-21 00:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys

- 2010-04-19 22:04 . 2010-03-30 05:46 38224 c:\windows\system32\drivers\mbamswissarmy.sys

+ 2010-04-19 22:04 . 2010-12-21 00:08 20952 c:\windows\system32\drivers\mbam.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 17024 c:\windows\system32\drivers\CCDECODE.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 11392 c:\windows\system32\drivers\bdasup.sys

+ 2010-10-07 18:23 . 2010-10-07 18:23 91424 c:\windows\system32\dnssd.dll

- 2009-07-28 21:52 . 2010-02-25 06:24 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-07-28 21:52 . 2010-12-20 23:59 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2010-05-09 22:24 . 2008-04-14 05:16 19200 c:\windows\system32\dllcache\wstcodec.sys

+ 2009-06-18 14:57 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe

+ 2010-05-09 22:24 . 2008-04-14 10:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll

+ 2010-05-09 22:24 . 2008-04-14 05:16 15232 c:\windows\system32\dllcache\streamip.sys

+ 2008-04-14 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll

+ 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe

+ 2010-05-09 22:24 . 2008-04-14 05:16 11136 c:\windows\system32\dllcache\slip.sys

+ 2010-12-14 00:16 . 2002-08-29 09:41 31744 c:\windows\system32\dllcache\pid.dll

+ 2010-05-09 22:24 . 2001-08-18 03:36 41984 c:\windows\system32\dllcache\ovui2rc.dll

+ 2010-05-09 22:24 . 2001-08-18 03:36 44544 c:\windows\system32\dllcache\ovui2.dll

+ 2010-05-09 22:24 . 2001-08-18 03:36 39424 c:\windows\system32\dllcache\ovcoms.exe

+ 2010-05-09 22:24 . 2001-08-18 03:36 20480 c:\windows\system32\dllcache\ovcomc.dll

+ 2010-05-09 22:24 . 2001-08-17 19:05 28032 c:\windows\system32\dllcache\ovcd.sys

+ 2010-05-09 22:24 . 2001-08-17 19:05 48000 c:\windows\system32\dllcache\ovcam2.sys

+ 2008-04-14 12:00 . 2009-10-08 19:56 20480 c:\windows\system32\dllcache\oleaccrc.dll

+ 2008-04-14 12:00 . 2008-03-07 17:02 98304 c:\windows\system32\dllcache\nlhtml.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 98304 c:\windows\system32\dllcache\nlhtml.dll

+ 2008-04-14 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 10880 c:\windows\system32\dllcache\ndisip.sys

+ 2010-05-09 22:24 . 2008-04-14 05:16 85248 c:\windows\system32\dllcache\nabtsfec.sys

- 2008-04-14 12:00 . 2009-03-08 09:31 66560 c:\windows\system32\dllcache\mshtmled.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 66560 c:\windows\system32\dllcache\mshtmled.dll

+ 2009-06-18 15:29 . 2010-12-20 23:59 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2009-06-18 15:29 . 2010-02-25 06:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 52096 c:\windows\system32\dllcache\msdv.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 15104 c:\windows\system32\dllcache\mpe.sys

+ 2008-04-14 12:00 . 2008-03-07 17:02 29696 c:\windows\system32\dllcache\mimefilt.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 29696 c:\windows\system32\dllcache\mimefilt.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 43520 c:\windows\system32\dllcache\licmgr10.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2009-06-18 14:57 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 81920 c:\windows\system32\dllcache\isign32.dll

+ 2009-07-28 21:51 . 2010-02-16 04:50 64000 c:\windows\system32\dllcache\iecompat.dll

- 2008-04-14 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll

+ 2008-04-14 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll

+ 2010-05-09 22:24 . 2008-04-14 05:16 17024 c:\windows\system32\dllcache\ccdecode.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 11392 c:\windows\system32\dllcache\bdasup.sys

+ 2008-04-14 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll

- 2008-04-14 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll

+ 2008-04-14 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll

+ 2011-05-16 05:44 . 2011-05-16 05:44 77440 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

+ 2005-10-29 04:49 . 2005-10-29 04:49 25600 c:\windows\system32\bcsprsrc.dll

+ 2005-10-28 21:40 . 2005-10-28 21:40 96792 c:\windows\system32\basecsp.dll

+ 2008-04-14 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll

+ 2010-10-10 04:59 . 1996-08-27 07:12 73712 c:\windows\system\QTOLE.DLL

+ 2010-10-10 04:59 . 1996-08-27 07:12 14544 c:\windows\system\QTIMCMGR.DLL

+ 2010-10-10 04:59 . 1996-08-27 07:12 43504 c:\windows\system\MCIQTW.DRV

+ 2010-12-14 00:16 . 2004-07-09 10:26 47104 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 18688 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 14976 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 10880 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 10112 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 83968 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 16896 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 15104 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 16384 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 11392 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys

+ 2010-12-14 00:16 . 2004-07-09 10:27 48512 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 13312 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\msdmo.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 34304 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mciqtz32.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 18944 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\encapi.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 46592 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe

+ 2010-12-14 00:16 . 2002-12-12 06:14 18432 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dswave.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 79360 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 80896 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe

+ 2010-12-14 00:16 . 2002-12-12 06:14 19968 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvacm.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 16896 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe

+ 2010-12-14 00:16 . 2003-03-24 15:00 68096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll

+ 2010-12-14 00:16 . 2003-03-24 15:00 32768 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 77824 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpmodemx.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 28160 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe

+ 2010-12-14 00:16 . 2002-12-12 06:14 98816 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmstyle.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 76800 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmscript.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 33280 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 58368 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmcompos.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 27136 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmband.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 24064 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddrawex.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 64512 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\amstream.dll

+ 2010-10-10 04:59 . 1996-08-27 07:12 93504 c:\windows\QTW16DEL.EXE

+ 2010-10-10 04:59 . 1996-08-27 07:12 74496 c:\windows\PLAYER.EXE

+ 2010-10-10 04:59 . 1996-08-27 07:12 16928 c:\windows\PLAYENU.DLL

+ 2010-04-08 04:48 . 2010-04-08 04:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

- 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2010-09-22 14:43 . 2010-09-22 14:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2004-07-15 07:11 . 2004-07-15 07:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll

+ 2009-06-25 00:56 . 2009-06-25 00:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe

+ 2004-07-15 19:28 . 2004-07-15 19:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll

+ 2010-09-23 20:55 . 2010-09-23 20:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll

+ 2004-07-15 05:35 . 2004-07-15 05:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll

+ 2003-02-21 12:26 . 2003-02-21 12:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll

+ 2004-07-15 19:28 . 2004-07-15 19:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll

+ 2003-02-21 12:26 . 2003-02-21 12:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll

+ 2003-02-21 12:25 . 2003-02-21 12:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe

+ 2004-07-15 19:28 . 2004-07-15 19:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll

+ 2003-02-21 12:25 . 2003-02-21 12:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe

+ 2004-07-15 05:34 . 2004-07-15 05:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll

+ 2003-02-21 00:09 . 2003-02-21 00:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe

+ 2003-02-20 23:43 . 2003-02-20 23:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll

+ 2003-02-21 00:18 . 2003-02-21 00:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll

+ 2010-09-23 07:26 . 2010-09-23 07:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

+ 2004-07-15 05:33 . 2004-07-15 05:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll

+ 2003-02-21 00:06 . 2003-02-21 00:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll

+ 2010-09-23 07:26 . 2010-09-23 07:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

+ 2004-07-15 05:32 . 2004-07-15 05:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll

+ 2004-07-15 19:28 . 2004-07-15 19:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe

+ 2004-07-15 19:28 . 2004-07-15 19:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe

+ 2003-02-21 12:25 . 2003-02-21 12:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe

+ 2003-02-21 12:24 . 2003-02-21 12:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll

+ 2003-02-21 00:22 . 2003-02-21 00:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe

+ 2004-07-15 19:31 . 2004-07-15 19:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll

+ 2003-10-08 19:30 . 2003-10-08 19:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe

+ 2003-02-21 09:12 . 2003-02-21 09:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe

+ 2003-02-21 12:24 . 2003-02-21 12:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll

+ 2004-07-15 16:23 . 2004-07-15 16:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe

+ 2010-09-23 07:26 . 2010-09-23 07:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe

+ 2003-02-21 12:24 . 2003-02-21 12:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe

+ 2010-09-23 08:17 . 2010-09-23 08:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

+ 2004-07-15 06:49 . 2004-07-15 06:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

+ 2004-07-15 06:49 . 2004-07-15 06:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe

+ 2003-02-21 00:19 . 2003-02-21 00:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll

+ 2010-09-23 08:17 . 2010-09-23 08:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

+ 2003-02-21 10:00 . 2003-02-21 10:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll

+ 2003-02-21 08:55 . 2003-02-21 08:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll

+ 2003-02-21 07:59 . 2003-02-21 07:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2011-02-17 00:43 . 2011-02-17 00:43 29184 c:\windows\Installer\fcf01.msi

+ 2011-02-17 00:37 . 2011-02-17 00:37 25088 c:\windows\Installer\fcee3.msi

+ 2011-05-17 01:08 . 2011-05-17 01:08 28160 c:\windows\Installer\e2f4f.msi

+ 2011-04-05 01:08 . 2011-04-05 01:08 81408 c:\windows\Installer\2129a071.msp

+ 2010-06-23 03:21 . 2010-06-23 03:21 27136 c:\windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe

+ 2011-01-15 18:10 . 2011-01-15 18:10 76759 c:\windows\Installer\{BE962181-E347-464E-AE70-276DD63A8293}\SCLite_Icon.exe

+ 2011-04-16 20:10 . 2011-04-16 20:10 71584 c:\windows\Installer\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}\NewShortcut3_A46137BB226C435A9A28C47ED6CAAD47.exe

+ 2011-04-16 20:10 . 2011-04-16 20:10 75672 c:\windows\Installer\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}\NewShortcut2_D445358616FC47EF8252C695ADDAAF1D.exe

+ 2011-04-16 20:10 . 2011-04-16 20:10 63392 c:\windows\Installer\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}\NewShortcut11_E123FFE39EFD41F5803B04359EA6F655.exe

+ 2011-04-16 20:10 . 2011-04-16 20:10 63392 c:\windows\Installer\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}\NewShortcut1_D1FFDBBC8D024D7CBB46F571B28B8D6D.exe

+ 2011-04-16 20:10 . 2011-04-16 20:10 51104 c:\windows\Installer\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}\ARPPRODUCTICON.exe

- 2010-02-22 13:49 . 2010-02-22 13:49 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe

+ 2010-11-11 09:04 . 2010-11-11 09:04 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2009-06-18 15:50 . 2011-03-09 09:00 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2010-12-14 00:18 . 2010-12-14 00:18 65536 c:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\ProgramMenuShortcut_E9787678103300008E670000000001_1.exe

+ 2010-12-14 00:18 . 2010-12-14 00:18 65536 c:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\NewShortcut1_38345BD7BBBC49CAB430216AC471F461.exe

+ 2010-12-14 00:18 . 2010-12-14 00:18 65536 c:\windows\Installer\{8FFC924C-ED06-44CB-8867-3CA778ECE903}\AppLanuchShortcut_E9787678103300008E67000000000001_1.exe

+ 2011-01-03 01:10 . 2011-01-03 01:10 85182 c:\windows\Installer\{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}\_7A8DFDDA16A557B2C4B697.exe

+ 2007-03-23 00:07 . 2007-03-23 00:07 78168 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\RM.DLL

+ 2007-03-23 00:07 . 2007-03-23 00:07 41824 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\RECALL.DLL

+ 2007-03-23 00:05 . 2007-03-23 00:05 97632 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PP7X32.DLL

+ 2007-04-19 18:53 . 2007-04-19 18:53 69984 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLRPC.DLL

+ 2007-03-23 00:07 . 2007-03-23 00:07 80224 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\DLGSETP.DLL

+ 2007-03-23 00:07 . 2007-03-23 00:07 91488 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ADDRPARS.DLL

+ 2003-07-15 04:00 . 2003-07-15 04:00 99904 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL

+ 2003-07-15 03:53 . 2003-07-15 03:53 11848 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE

+ 2003-07-15 03:57 . 2003-07-15 03:57 58944 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL

+ 2003-07-15 03:44 . 2003-07-15 03:44 66616 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL

+ 2003-07-15 03:43 . 2003-07-15 03:43 74288 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\RM.DLL

+ 2003-07-15 03:57 . 2003-07-15 03:57 40512 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL

+ 2003-05-09 02:54 . 2003-05-09 02:54 77824 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL

+ 2003-07-15 03:42 . 2003-07-15 03:42 37432 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\RECALL.DLL

+ 2003-07-15 08:18 . 2003-07-15 08:18 93752 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL

+ 2003-07-15 03:43 . 2003-07-15 03:43 49208 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL

+ 2003-07-15 03:43 . 2003-07-15 03:43 64056 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL

+ 2003-07-15 03:44 . 2003-07-15 03:44 88128 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL

+ 2003-07-15 03:41 . 2003-07-15 03:41 24640 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL

+ 2003-07-15 08:14 . 2003-07-15 08:14 27192 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL

+ 2003-07-15 03:56 . 2003-07-15 03:56 13888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL

+ 2003-07-15 03:57 . 2003-07-15 03:57 56888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\NAME.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 41528 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL

+ 2003-06-18 22:31 . 2003-06-18 22:31 16384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL

+ 2003-07-15 03:45 . 2003-07-15 03:45 39488 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL

+ 2003-07-15 03:45 . 2003-07-15 03:45 55360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE

+ 2003-07-15 03:46 . 2003-07-15 03:46 42040 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL

+ 2003-07-15 03:53 . 2003-07-15 03:53 39488 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 35896 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 28224 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 55360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE

+ 2003-07-15 03:44 . 2003-07-15 03:44 25144 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 27704 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL

+ 2003-07-15 03:52 . 2003-07-15 03:52 17464 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL

+ 2003-07-15 03:51 . 2003-07-15 03:51 87104 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL

+ 2003-06-18 22:31 . 2003-06-18 22:31 35328 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL

+ 2003-06-18 22:31 . 2003-06-18 22:31 18944 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL

+ 2003-06-18 22:31 . 2003-06-18 22:31 17920 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL

+ 2003-07-15 03:57 . 2003-07-15 03:57 87096 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL

+ 2003-07-15 03:41 . 2003-07-15 03:41 13368 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE

+ 2003-07-15 03:57 . 2003-07-15 03:57 98360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE

+ 2003-07-15 03:56 . 2003-07-15 03:56 14904 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL

+ 2003-07-25 23:57 . 2003-07-25 23:57 75832 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL

+ 2003-07-15 08:18 . 2003-07-15 08:18 47160 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE

+ 2003-07-15 03:53 . 2003-07-15 03:53 94768 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AW.DLL

+ 2003-07-15 03:57 . 2003-07-15 03:57 38968 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL

+ 2003-07-15 03:43 . 2003-07-15 03:43 87616 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL

+ 2010-09-23 09:47 . 2010-09-23 09:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe

+ 2010-09-23 08:03 . 2010-09-23 08:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe

+ 2010-09-23 07:52 . 2010-09-23 07:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe

+ 2010-09-22 23:12 . 2010-09-22 23:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe

+ 2010-06-09 08:08 . 2010-02-25 06:24 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll

+ 2010-06-09 08:08 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll

+ 2010-06-09 08:08 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll

+ 2010-10-15 08:04 . 2010-06-24 12:22 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll

+ 2010-10-15 08:04 . 2009-03-08 09:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll

+ 2010-10-15 08:04 . 2010-06-24 12:21 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll

+ 2010-10-15 08:04 . 2009-03-08 09:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll

+ 2010-10-15 08:04 . 2010-06-24 12:21 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 18688 c:\windows\Driver Cache\i386\wstcodec.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 14976 c:\windows\Driver Cache\i386\streamip.sys

+ 2010-12-14 00:16 . 2004-07-09 10:27 48512 c:\windows\Driver Cache\i386\stream.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 10880 c:\windows\Driver Cache\i386\slip.sys

+ 2010-12-14 00:16 . 2002-08-29 09:41 31744 c:\windows\Driver Cache\i386\pid.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 10112 c:\windows\Driver Cache\i386\ndisip.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 83968 c:\windows\Driver Cache\i386\nabtsfec.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 52096 c:\windows\Driver Cache\i386\msdv.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 15104 c:\windows\Driver Cache\i386\mpe.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 16384 c:\windows\Driver Cache\i386\ccdecode.sys

+ 2010-12-14 00:16 . 2004-07-09 10:26 11392 c:\windows\Driver Cache\i386\bdasup.sys

+ 2010-10-06 08:01 . 2010-10-06 08:01 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_74d05cf6\System.Drawing.Design.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_74273b38\CustomMarshalers.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\5c43f4bc5800b1cd113737bf9cea00b2\TVM.ni.dll

+ 2011-02-17 00:42 . 2011-02-17 00:42 22016 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\54ae93f910b4c42dff3007af52f4f248\TVM.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll

+ 2010-08-12 08:08 . 2010-08-12 08:08 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe

+ 2010-08-12 08:07 . 2010-08-12 08:07 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 30208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f5ff3e17f6e213811a108110f7b74ce0\Microsoft.PowerShell.Commands.Utility.resources.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\671fd43afa00654c9a8c2b9587a08eca\Microsoft.PowerShell.Security.resources.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\34fba6455956a34ed45c4fc20743d5c4\Microsoft.PowerShell.Commands.Management.resources.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\19ca3a2c95ca0893c952d37e74c039ad\Microsoft.PowerShell.ConsoleHost.resources.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Inte#\3b255ce2623a0ee0a49b52720ec6fbed\Intuit.Ctg.Wte.InterviewControlLibrary.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe

+ 2010-08-12 08:12 . 2010-08-12 08:12 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

- 2009-08-15 08:04 . 2009-08-15 08:04 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2010-06-09 08:05 . 2010-06-09 08:05 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 65536 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.resources.dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 32768 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.resources.dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 11264 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.resources.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 21864 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.SharedUIToolkit\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.SharedUIToolkit.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 49000 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.QuickBaseClient\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.QuickBaseClient.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 58728 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.Metrix.XmlSerializers\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Metrix.XmlSerializers.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 79208 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.Core\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Core.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 58728 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.3rdParty.MajesticHTMLParser\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.3rdParty.MajesticHTMLParser.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 18792 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 46952 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 23912 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 12136 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 45416 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.Update\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.Update.exe

+ 2011-02-17 00:39 . 2011-02-17 00:39 40296 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.ConfigUXv2\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.ConfigUXv2.exe

+ 2011-02-17 00:39 . 2011-02-17 00:39 54632 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess.XmlSerializers\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.XmlSerializers.dll

+ 2011-02-17 00:39 . 2011-02-17 00:39 70504 c:\windows\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321

Link to post
Share on other sites

+ 2010-10-06 08:03 . 2010-10-06 08:03 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2010-08-12 08:00 . 2008-04-14 12:00 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll

+ 2010-05-26 08:00 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe

+ 2010-05-26 08:00 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll

+ 2010-06-09 08:06 . 2008-04-14 12:00 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll

+ 2010-04-19 22:44 . 2008-04-14 12:00 16896 c:\windows\$NtUninstallKB971513$\oleaccrc.dll

+ 2010-04-19 22:40 . 2007-10-22 07:08 20480 c:\windows\$NtUninstallKB926139-v2$\PSCustomSetupUtil.exe

+ 2010-04-19 22:43 . 2008-04-14 12:00 98304 c:\windows\$NtUninstallKB915800-v4$\nlhtml.dll

+ 2010-04-19 22:43 . 2008-04-14 12:00 29696 c:\windows\$NtUninstallKB915800-v4$\mimefilt.dll

+ 2011-02-09 09:01 . 2009-12-14 07:08 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll

+ 2010-12-16 09:03 . 2010-06-21 14:46 46080 c:\windows\$NtUninstallKB2443685$\tzchange.exe

+ 2010-12-16 09:03 . 2010-11-05 05:57 16896 c:\windows\$NtUninstallKB2443685$\spuninst\tzchange.dll

+ 2010-12-16 09:04 . 2008-04-14 12:00 81920 c:\windows\$NtUninstallKB2443105$\isign32.dll

+ 2010-12-16 09:04 . 2008-04-14 12:00 40576 c:\windows\$NtUninstallKB2440591$\ndproxy.sys

+ 2010-12-16 09:00 . 2008-04-14 12:00 46080 c:\windows\$NtUninstallKB2423089$\wab.exe

+ 2010-09-15 08:03 . 2008-04-14 12:00 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe

+ 2010-10-15 08:06 . 2008-04-14 12:00 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll

+ 2010-09-29 08:00 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe

+ 2010-09-29 08:00 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll

+ 2010-09-15 08:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll

+ 2010-09-15 08:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982802\spmsg.dll

+ 2010-08-12 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll

+ 2010-08-12 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll

+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll

+ 2010-06-09 08:08 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB982381-IE8\update\spcustom.dll

+ 2010-06-09 08:08 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB982381-IE8\spmsg.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 12800 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\xpshims.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 55296 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeedsbs.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 25600 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\jsproxy.dll

+ 2010-08-12 08:08 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll

+ 2010-08-12 08:08 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982214\spmsg.dll

+ 2010-10-15 08:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll

+ 2010-10-15 08:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll

+ 2010-08-12 08:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll

+ 2010-08-12 08:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll

+ 2010-10-15 08:02 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll

+ 2010-10-15 08:02 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981957\spmsg.dll

+ 2010-08-12 08:06 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll

+ 2010-08-11 21:34 . 2010-06-18 06:28 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll

+ 2010-08-12 08:06 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981852\spmsg.dll

+ 2010-09-15 08:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll

+ 2010-09-15 08:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll

+ 2010-08-12 08:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll

+ 2010-08-12 08:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll

+ 2010-04-19 22:49 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980302-IE8\update\spcustom.dll

+ 2010-04-19 22:49 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980302-IE8\spmsg.dll

+ 2010-04-19 22:41 . 2010-02-16 04:50 64000 c:\windows\$hf_mig$\KB980302-IE8\SP3QFE\iecompat.dll

+ 2010-06-09 08:10 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll

+ 2010-06-09 08:10 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980218\spmsg.dll

+ 2010-06-09 08:09 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll

+ 2010-06-09 08:09 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB980195\spmsg.dll

+ 2010-10-15 08:05 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll

+ 2010-10-15 08:05 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979687\spmsg.dll

+ 2010-06-09 08:08 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll

+ 2010-06-09 08:08 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979559\spmsg.dll

+ 2010-06-09 08:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll

+ 2010-06-09 08:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979482\spmsg.dll

+ 2010-03-05 14:52 . 2010-03-05 14:52 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll

+ 2010-05-12 08:00 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll

+ 2010-05-12 08:00 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll

+ 2010-06-09 08:06 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll

+ 2010-06-09 08:06 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975562\spmsg.dll

+ 2011-03-17 08:00 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll

+ 2011-03-17 08:00 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll

+ 2010-07-08 08:03 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB961503\update\spcustom.dll

+ 2010-07-08 08:03 . 2007-11-30 12:39 17272 c:\windows\$hf_mig$\KB961503\spmsg.dll

+ 2011-03-24 08:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll

+ 2011-03-24 08:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll

+ 2011-03-09 09:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll

+ 2011-03-09 09:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll

+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll

+ 2011-03-09 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll

+ 2011-03-09 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll

+ 2011-02-09 09:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll

+ 2011-02-09 09:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll

+ 2011-02-09 09:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll

+ 2011-02-09 09:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll

+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll

+ 2010-12-16 09:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll

+ 2010-12-16 09:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll

+ 2010-12-16 09:04 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll

+ 2010-12-16 09:04 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll

+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll

+ 2010-12-16 09:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll

+ 2010-12-16 09:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll

+ 2010-12-15 20:23 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys

+ 2010-12-16 09:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll

+ 2010-12-16 09:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll

+ 2010-12-16 09:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll

+ 2010-12-16 09:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll

+ 2010-12-15 20:22 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe

+ 2011-01-12 09:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll

+ 2011-01-12 09:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll

+ 2010-12-16 09:04 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2416400-IE8\update\spcustom.dll

+ 2010-12-16 09:04 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2416400-IE8\spmsg.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 12800 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\xpshims.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 66560 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtmled.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 55296 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeedsbs.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 43520 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\licmgr10.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 25600 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\jsproxy.dll

+ 2011-02-09 09:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll

+ 2011-02-09 03:12 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll

+ 2011-02-09 09:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll

+ 2010-10-15 08:06 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll

+ 2010-10-15 08:06 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll

+ 2010-10-15 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll

+ 2010-10-15 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll

+ 2010-10-15 08:04 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll

+ 2010-10-15 08:04 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll

+ 2010-09-15 08:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll

+ 2010-09-15 08:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll

+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

+ 2010-10-15 08:06 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll

+ 2010-10-15 08:06 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2345886\spmsg.dll

+ 2010-08-27 06:05 . 2010-08-27 06:05 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll

+ 2010-12-16 09:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll

+ 2010-12-16 09:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll

+ 2010-08-03 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll

+ 2010-08-03 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll

+ 2010-10-15 08:06 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll

+ 2010-10-15 08:06 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll

+ 2010-09-15 08:03 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll

+ 2010-09-15 08:03 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll

+ 2010-07-14 08:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll

+ 2010-07-14 08:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll

+ 2010-08-12 08:03 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2183461-IE8\update\spcustom.dll

+ 2010-08-12 08:03 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2183461-IE8\spmsg.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 12800 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\xpshims.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 55296 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\msfeedsbs.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 25600 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\jsproxy.dll

+ 2010-08-12 08:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll

+ 2010-08-12 08:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2160329\spmsg.dll

+ 2010-09-15 08:01 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll

+ 2010-09-15 08:01 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll

+ 2010-09-15 08:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll

+ 2010-09-15 08:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll

+ 2010-08-12 08:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll

+ 2010-08-12 08:08 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll

+ 2010-08-12 08:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll

+ 2010-08-12 08:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2009-06-18 15:14 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll

+ 2010-04-19 22:40 . 2007-06-30 18:49 4608 c:\windows\system32\windowspowershell\v1.0\pwrshmsg.dll

+ 2003-02-20 23:43 . 2003-02-20 23:43 4096 c:\windows\system32\mui\0409\mscoreer.dll

+ 2011-01-03 01:10 . 2010-01-26 01:56 9472 c:\windows\system32\DRVSTORE\motusbdevi_E42DBACAEBCECEBA9A8B12194BB5736D07B623F9\motusbdevice.sys

+ 2011-01-03 01:10 . 2007-11-02 21:51 6400 c:\windows\system32\DRVSTORE\motousbnet_770BC1026CC54C2F3EBB8D43C100E1BE013A9284\motswch.sys

+ 2011-01-03 01:10 . 2009-01-29 23:11 6016 c:\windows\system32\DRVSTORE\motousbnet_770BC1026CC54C2F3EBB8D43C100E1BE013A9284\motfilt.sys

+ 2011-01-03 01:10 . 2007-11-02 21:51 6400 c:\windows\system32\DRVSTORE\motccgp_7B90A2F86B8D63041DA9D597F8E5A9C44922CD15\motswch.sys

+ 2011-01-03 01:10 . 2009-01-29 23:18 8320 c:\windows\system32\DRVSTORE\motccgp_7B90A2F86B8D63041DA9D597F8E5A9C44922CD15\motccgpfl.sys

+ 2011-01-15 18:15 . 2001-08-17 19:53 6784 c:\windows\system32\drivers\serscan.sys

+ 2010-05-09 22:24 . 2008-04-14 05:09 5504 c:\windows\system32\drivers\MSTEE.sys

+ 2010-05-09 22:24 . 2008-04-14 05:09 5504 c:\windows\system32\dllcache\mstee.sys

+ 2010-10-10 04:59 . 1996-08-27 07:12 4176 c:\windows\system\QTNOTIFY.EXE

+ 2010-10-10 04:59 . 1996-08-27 07:12 8304 c:\windows\system\QTHNDLR.DLL

+ 2010-10-10 04:59 . 1996-08-27 07:12 4320 c:\windows\system\MCIQTENU.DLL

+ 2010-12-14 00:16 . 2002-12-12 06:14 4096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 5504 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mstee.sys

+ 2010-12-14 00:16 . 2001-08-23 11:00 4608 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 5248 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 7424 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 4096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 3072 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnlobby.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 3072 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnaddr.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 8192 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll

+ 2003-02-21 00:09 . 2003-02-21 00:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll

+ 2003-02-21 12:25 . 2003-02-21 12:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll

+ 2003-02-21 12:25 . 2003-02-21 12:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll

+ 2004-07-15 19:31 . 2004-07-15 19:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll

+ 2003-02-21 12:24 . 2003-02-21 12:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe

+ 2003-02-21 12:24 . 2003-02-21 12:24 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll

+ 2009-06-18 15:50 . 2011-03-09 09:00 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2009-06-18 15:50 . 2009-10-14 00:56 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2011-01-03 01:10 . 2011-01-03 01:10 7278 c:\windows\Installer\{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}\_6FEFF9B68218417F98F549.exe

+ 2011-01-03 01:10 . 2011-01-03 01:10 7278 c:\windows\Installer\{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}\_1C4C258407FCD759F84E91.exe

+ 2010-12-14 00:16 . 2002-12-12 06:14 4096 c:\windows\Driver Cache\i386\swenum.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 5504 c:\windows\Driver Cache\i386\mstee.sys

+ 2010-12-14 00:16 . 2001-08-23 11:00 4608 c:\windows\Driver Cache\i386\mspqm.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 5248 c:\windows\Driver Cache\i386\mspclock.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 7424 c:\windows\Driver Cache\i386\mskssrv.sys

+ 2010-12-14 00:16 . 2002-12-12 06:14 4096 c:\windows\Driver Cache\i386\ksuser.dll

+ 2010-08-13 02:10 . 2010-08-13 02:10 4096 c:\windows\d3dx.dat

- 2009-10-17 08:04 . 2009-10-17 08:04 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 8704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.resources.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 6656 c:\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 6144 c:\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 4608 c:\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 7680 c:\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2010-09-15 08:03 . 2008-05-03 11:55 2560 c:\windows\$NtUninstallKB982802$\xpsp4res.dll

+ 2010-04-19 22:40 . 2007-10-30 09:15 7680 c:\windows\$NtUninstallKB926139-v2$\PSSetupNativeUtils.exe

+ 2010-10-15 08:00 . 2010-07-22 05:57 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll

+ 2010-10-15 08:06 . 2010-08-13 12:53 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll

+ 2010-07-22 05:57 . 2010-07-22 05:57 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\xpsp4res.dll

+ 2010-07-12 12:53 . 2010-07-12 12:53 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll

+ 2010-10-14 22:42 . 2010-08-13 12:53 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll

+ 2010-08-26 12:52 . 2010-08-26 12:52 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\xpsp4res.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2010-10-10 04:58 . 1996-08-16 18:49 298496 c:\windows\uninst.exe

- 2008-04-14 12:00 . 2008-04-14 12:00 293376 c:\windows\system32\winsrv.dll

+ 2008-04-14 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 916480 c:\windows\system32\wininet.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 916480 c:\windows\system32\wininet.dll

+ 2010-04-19 22:40 . 2007-10-30 09:15 330240 c:\windows\system32\windowspowershell\v1.0\powershell.exe

+ 2008-04-14 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 406016 c:\windows\system32\usp10.dll

+ 2008-07-30 00:59 . 2009-10-08 19:57 611328 c:\windows\system32\uiautomationcore.dll

+ 2008-04-14 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll

- 2008-04-14 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 761344 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\unires.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 740864 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\unidrvui.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 372736 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\unidrv.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 220520 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpvplres04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 442728 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpvpldrv04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 264552 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpinksts8e11LM.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 232296 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpinksts8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 257896 c:\windows\system32\spool\drivers\w32x86\photosmart_plus_b210_series_wsd_ip_print\hpfime50.dll

+ 2009-06-18 15:50 . 2007-04-09 18:24 758664 c:\windows\system32\spool\drivers\w32x86\mdigraph.dll

+ 2009-06-18 15:50 . 2007-04-09 18:24 758664 c:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 220520 c:\windows\system32\spool\drivers\w32x86\3\hpvplres04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 442728 c:\windows\system32\spool\drivers\w32x86\3\hpvpldrv04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 264552 c:\windows\system32\spool\drivers\w32x86\3\hpinksts8e11LM.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 232296 c:\windows\system32\spool\drivers\w32x86\3\hpinksts8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 257896 c:\windows\system32\spool\drivers\w32x86\3\hpfime50.dll

+ 2008-04-14 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 135168 c:\windows\system32\shsvcs.dll

+ 2008-04-14 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll

+ 2008-04-14 12:00 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll

+ 2008-04-14 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 270848 c:\windows\system32\sbe.dll

+ 2008-04-14 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll

+ 2010-12-14 00:12 . 2010-12-14 00:11 339968 c:\windows\system32\pxwave.dll

+ 2010-12-14 00:12 . 2010-12-14 00:11 172032 c:\windows\system32\pxmas.dll

+ 2010-12-14 00:12 . 2010-12-14 00:11 109568 c:\windows\system32\pxinsi64.exe

+ 2010-12-14 00:12 . 2010-12-14 00:11 434176 c:\windows\system32\pxdrv.dll

+ 2010-12-14 00:12 . 2010-12-14 00:11 108544 c:\windows\system32\pxcpyi64.exe

+ 2010-12-14 00:12 . 2010-12-14 00:11 405504 c:\windows\system32\px.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 354816 c:\windows\system32\psisdecd.dll

+ 2010-03-31 05:10 . 2010-03-31 05:10 295264 c:\windows\system32\PresentationHost.exe

+ 2008-04-14 12:00 . 2011-05-24 11:45 443588 c:\windows\system32\perfh009.dat

+ 2010-05-09 22:24 . 2001-08-18 03:36 116736 c:\windows\system32\OVCodec2.dll

+ 2008-04-14 12:00 . 2009-10-08 19:57 220160 c:\windows\system32\oleacc.dll

+ 2009-08-03 20:07 . 2009-08-03 20:07 230768 c:\windows\system32\OGAEXEC.exe

+ 2009-08-03 20:07 . 2009-08-03 20:07 403816 c:\windows\system32\OGACheckControl.dll

+ 2009-08-03 20:07 . 2009-08-03 20:07 322928 c:\windows\system32\OGAAddin.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 192000 c:\windows\system32\offfilt.dll

+ 2008-04-14 12:00 . 2008-03-07 17:02 192000 c:\windows\system32\offfilt.dll

+ 2008-04-14 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 249856 c:\windows\system32\odbc32.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 206848 c:\windows\system32\occache.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 206848 c:\windows\system32\occache.dll

+ 2008-04-14 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll

+ 2010-07-07 21:03 . 2009-08-07 00:23 215920 c:\windows\system32\muweb.dll

+ 2010-07-07 21:03 . 2009-08-07 00:23 274288 c:\windows\system32\mucltui.dll

- 2009-06-18 14:56 . 2008-04-14 12:00 677888 c:\windows\system32\mstsc.exe

+ 2009-06-18 14:56 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe

- 2008-04-14 12:00 . 2010-02-25 06:24 611840 c:\windows\system32\mstime.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 611840 c:\windows\system32\mstime.dll

+ 2007-08-13 23:54 . 2010-12-20 23:59 602112 c:\windows\system32\msfeeds.dll

+ 2009-11-07 06:07 . 2009-11-07 06:07 297808 c:\windows\system32\mscoree.dll

+ 2010-04-18 16:00 . 2010-10-19 20:51 222080 c:\windows\system32\MpSigStub.exe

- 2006-10-19 02:47 . 2006-10-19 02:47 317440 c:\windows\system32\MP4SDECD.dll

+ 2006-10-19 02:47 . 2010-03-30 17:24 317440 c:\windows\system32\mp4sdecd.dll

+ 2008-04-14 12:00 . 2010-09-18 17:23 974848 c:\windows\system32\mfc42u.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll

+ 2011-05-18 04:09 . 2011-05-23 00:17 239776 c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe

+ 2008-04-14 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll

- 2008-04-14 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll

+ 2008-04-14 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll

- 2008-04-14 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll

+ 2009-06-18 14:57 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll

+ 2005-10-29 04:49 . 2005-10-29 04:49 151552 c:\windows\system32\ifxcardm.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 184320 c:\windows\system32\iepeers.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 184320 c:\windows\system32\iepeers.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 387584 c:\windows\system32\iedkcs32.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 387584 c:\windows\system32\iedkcs32.dll

+ 2008-04-14 12:00 . 2010-12-20 12:55 173568 c:\windows\system32\ie4uinit.exe

+ 2011-01-15 18:10 . 2010-06-14 20:48 264552 c:\windows\system32\hpinksts8e11LM.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 232296 c:\windows\system32\hpinksts8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 213352 c:\windows\system32\hpinkcoi8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 22:04 273256 c:\windows\system32\HPDiscoPM8e11.dll

+ 2009-06-17 12:16 . 2011-05-24 11:23 306008 c:\windows\system32\FNTCACHE.DAT

- 2008-04-14 12:00 . 2008-04-14 12:00 186880 c:\windows\system32\encdec.dll

+ 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll

+ 2011-01-03 01:10 . 2009-03-02 15:00 103552 c:\windows\system32\DRVSTORE\Moser_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys

+ 2011-01-03 01:10 . 2009-03-02 15:00 103552 c:\windows\system32\DRVSTORE\Momdm_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys

+ 2011-01-15 18:10 . 2010-06-14 20:48 761344 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\unires.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 740864 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\unidrvui.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 372736 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\unidrv.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 220520 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpvplres04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 442728 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpvpldrv04.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 264552 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpinksts8e11LM.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 232296 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpinksts8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 213352 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpinkcoi8e11.dll

+ 2011-01-15 18:10 . 2010-06-14 20:48 257896 c:\windows\system32\DRVSTORE\hpvpl04_47B091F48F559E87E50F5837DCD9824163A68863\i386\hpfime50.dll

+ 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys

+ 2010-05-09 22:24 . 2001-08-17 19:05 351616 c:\windows\system32\drivers\OVCodek2.sys

+ 2010-10-25 02:25 . 2010-10-25 02:25 165264 c:\windows\system32\drivers\MpFilter.sys

+ 2010-10-07 18:23 . 2010-10-07 18:23 197920 c:\windows\system32\dnssdX.dll

+ 2010-10-07 18:23 . 2010-10-07 18:23 107808 c:\windows\system32\dns-sd.exe

+ 2009-06-18 14:56 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe

+ 2008-04-14 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 293376 c:\windows\system32\dllcache\winsrv.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 916480 c:\windows\system32\dllcache\wininet.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 916480 c:\windows\system32\dllcache\wininet.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 406016 c:\windows\system32\dllcache\usp10.dll

+ 2008-04-14 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll

+ 2008-04-14 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll

- 2008-04-14 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll

+ 2008-04-14 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys

- 2008-04-14 12:00 . 2008-04-14 12:00 135168 c:\windows\system32\dllcache\shsvcs.dll

+ 2008-04-14 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll

+ 2008-04-14 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll

+ 2008-04-14 12:00 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll

+ 2008-04-14 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 270848 c:\windows\system32\dllcache\sbe.dll

+ 2008-04-14 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll

+ 2010-12-14 00:16 . 2004-07-09 10:26 354816 c:\windows\system32\dllcache\psisdecd.dll

+ 2010-05-09 22:24 . 2001-08-17 19:05 351616 c:\windows\system32\dllcache\ovcodek2.sys

+ 2010-05-09 22:24 . 2001-08-18 03:36 116736 c:\windows\system32\dllcache\ovcodec2.dll

+ 2008-04-14 12:00 . 2009-10-08 19:57 220160 c:\windows\system32\dllcache\oleacc.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 192000 c:\windows\system32\dllcache\offfilt.dll

+ 2008-04-14 12:00 . 2008-03-07 17:02 192000 c:\windows\system32\dllcache\offfilt.dll

+ 2008-04-14 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 249856 c:\windows\system32\dllcache\odbc32.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 206848 c:\windows\system32\dllcache\occache.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 206848 c:\windows\system32\dllcache\occache.dll

+ 2008-04-14 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 611840 c:\windows\system32\dllcache\mstime.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 611840 c:\windows\system32\dllcache\mstime.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 102400 c:\windows\system32\dllcache\msjro.dll

+ 2009-06-18 14:57 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll

+ 2009-06-18 15:29 . 2010-12-20 23:59 602112 c:\windows\system32\dllcache\msfeeds.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 200704 c:\windows\system32\dllcache\msadox.dll

+ 2009-06-18 14:57 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll

+ 2009-06-18 14:57 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 180224 c:\windows\system32\dllcache\msadomd.dll

+ 2009-06-18 14:57 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 536576 c:\windows\system32\dllcache\msado15.dll

- 2009-06-18 14:57 . 2008-04-14 12:00 143360 c:\windows\system32\dllcache\msadco.dll

+ 2009-06-18 14:57 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll

+ 2010-03-30 17:24 . 2010-03-30 17:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll

+ 2008-04-14 12:00 . 2010-09-18 17:23 974848 c:\windows\system32\dllcache\mfc42u.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll

+ 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll

+ 2008-04-14 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll

- 2008-04-14 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll

- 2009-06-18 14:56 . 2008-04-14 12:00 677888 c:\windows\system32\dllcache\lhmstsc.exe

+ 2009-06-18 14:56 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe

- 2008-04-14 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll

+ 2008-04-14 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll

+ 2009-06-18 14:57 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll

+ 2009-07-28 21:52 . 2010-12-20 23:59 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2009-07-28 21:52 . 2010-02-25 06:24 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 184320 c:\windows\system32\dllcache\iepeers.dll

+ 2010-06-08 19:27 . 2010-12-20 23:59 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2008-04-14 12:00 . 2010-12-20 23:59 387584 c:\windows\system32\dllcache\iedkcs32.dll

- 2008-04-14 12:00 . 2010-02-25 06:24 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2008-04-14 12:00 . 2010-12-20 12:55 173568 c:\windows\system32\dllcache\ie4uinit.exe

+ 2009-06-18 14:57 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe

- 2009-06-18 14:57 . 2008-04-14 12:00 744448 c:\windows\system32\dllcache\helpsvc.exe

- 2008-04-14 12:00 . 2008-04-14 12:00 186880 c:\windows\system32\dllcache\encdec.dll

+ 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll

+ 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\dllcache\comctl32.dll

+ 2008-04-14 12:00 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll

+ 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll

- 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\comctl32.dll

+ 2005-10-29 04:49 . 2005-10-29 04:49 133120 c:\windows\system32\axaltocm.dll

+ 2008-04-14 12:00 . 2011-01-07 14:09 290048 c:\windows\system32\atmfd.dll

+ 2010-10-10 04:59 . 1996-08-27 07:12 429424 c:\windows\system\QTIM.DLL

+ 2010-12-14 00:16 . 2004-07-09 10:26 354816 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 733184 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedwipes.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 470528 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 316928 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 257024 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qcap.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 173056 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qasf.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 324096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mswebdvd.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 130304 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys

+ 2010-12-14 00:16 . 2004-07-09 10:27 974848 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe

+ 2010-12-14 00:16 . 2002-12-12 06:14 602624 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx7vb.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 381952 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 491520 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmoprp.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 186880 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmo.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 112128 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvvox.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 381952 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvoice.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 723968 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnet.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 230400 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 122880 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll

+ 2010-12-14 00:16 . 2002-12-12 06:14 100864 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmsynth.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 181248 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll

+ 2010-12-14 00:16 . 2003-05-30 15:00 132608 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll

+ 2010-12-14 00:16 . 2004-07-09 10:27 292864 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

+ 2010-12-14 00:16 . 2003-05-30 15:00 797184 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll

+ 2011-05-16 05:44 . 2010-10-18 19:57 171282 c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1033.dat

- 2009-06-18 14:57 . 2008-04-14 12:00 744448 c:\windows\pchealth\helpctr\binaries\HelpSvc.exe

+ 2009-06-18 14:57 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe

+ 2010-03-31 05:16 . 2010-03-31 05:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2010-04-08 04:48 . 2010-04-08 04:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

- 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-04-08 04:48 . 2010-04-08 04:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-09-22 14:43 . 2010-09-22 14:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2010-02-09 17:22 . 2010-02-09 17:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2010-05-11 11:40 . 2010-05-11 11:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2010-05-11 11:40 . 2010-05-11 11:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

- 2009-08-08 04:51 . 2009-08-08 04:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2004-07-15 16:23 . 2004-07-15 16:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe

+ 2004-07-15 19:31 . 2004-07-15 19:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll

+ 2004-07-15 19:28 . 2004-07-15 19:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll

+ 2004-07-15 19:28 . 2004-07-15 19:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll

+ 2004-07-15 19:31 . 2004-07-15 19:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll

+ 2004-07-15 19:28 . 2004-07-15 19:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll

+ 2004-07-15 19:31 . 2004-07-15 19:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll

+ 2004-07-15 19:31 . 2004-07-15 19:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll

Link to post
Share on other sites

+ 2010-09-23 12:39 . 2010-09-23 12:39 4265472 c:\windows\Installer\675ee8c.msp

+ 2010-04-12 03:17 . 2010-04-12 03:17 2607104 c:\windows\Installer\63fbd568.msp

+ 2010-04-12 03:17 . 2010-04-12 03:17 4210688 c:\windows\Installer\63fbd567.msp

+ 2009-10-16 23:07 . 2009-10-16 23:07 6115328 c:\windows\Installer\51431d0.msp

+ 2009-08-21 15:14 . 2009-08-21 15:14 8363008 c:\windows\Installer\51431a6.msp

+ 2010-05-03 21:27 . 2010-05-03 21:27 6825472 c:\windows\Installer\5143187.msp

+ 2009-08-20 10:02 . 2009-08-20 10:02 5204992 c:\windows\Installer\514315d.msp

+ 2009-07-01 18:21 . 2009-07-01 18:21 8891904 c:\windows\Installer\5143147.msp

+ 2010-05-03 21:11 . 2010-05-03 21:11 4149760 c:\windows\Installer\5143130.msp

+ 2010-05-05 03:25 . 2010-05-05 03:25 7681024 c:\windows\Installer\514311c.msp

+ 2008-01-14 21:53 . 2008-01-14 21:53 5213696 c:\windows\Installer\5143107.msp

+ 2009-12-17 03:58 . 2009-12-17 03:58 5382144 c:\windows\Installer\51430f3.msp

+ 2008-10-25 14:15 . 2008-10-25 14:15 6227456 c:\windows\Installer\51430db.msp

+ 2009-09-29 14:08 . 2009-09-29 14:08 6747648 c:\windows\Installer\51430b2.msp

+ 2007-11-08 16:42 . 2007-11-08 16:42 4158464 c:\windows\Installer\5143089.msp

+ 2010-05-03 21:06 . 2010-05-03 21:06 5053952 c:\windows\Installer\514306d.msp

+ 2010-03-30 17:34 . 2010-03-30 17:34 3826688 c:\windows\Installer\5143056.msp

+ 2011-03-06 17:59 . 2011-03-06 17:59 3085312 c:\windows\Installer\4151b1cf.msi

+ 2011-03-06 17:49 . 2011-03-06 17:49 1710592 c:\windows\Installer\4151b15f.msi

+ 2010-08-13 22:59 . 2010-08-13 22:59 8182272 c:\windows\Installer\34d061c4.msp

+ 2010-08-13 23:02 . 2010-08-13 23:02 2545664 c:\windows\Installer\34d061bc.msp

+ 2010-08-23 22:09 . 2010-08-23 22:09 7673344 c:\windows\Installer\34d061b4.msp

+ 2010-10-04 21:32 . 2010-10-04 21:32 5517824 c:\windows\Installer\34d0619f.msp

+ 2010-08-24 14:49 . 2010-08-24 14:49 6825472 c:\windows\Installer\34d0618a.msp

+ 2011-04-14 14:46 . 2011-04-14 14:46 3854848 c:\windows\Installer\2da2b.msp

+ 2011-04-16 20:10 . 2011-04-16 20:10 1063424 c:\windows\Installer\2af585d8.msi

+ 2010-08-05 15:57 . 2010-08-05 15:57 4066304 c:\windows\Installer\270a784e.msp

+ 2010-08-20 18:50 . 2010-08-20 18:50 5518848 c:\windows\Installer\270a782b.msp

+ 2010-08-04 20:12 . 2010-08-04 20:12 1004544 c:\windows\Installer\270a7816.msp

+ 2010-08-25 22:06 . 2010-08-25 22:06 6479360 c:\windows\Installer\270a780f.msp

+ 2011-01-15 18:10 . 2011-01-15 18:10 2817024 c:\windows\Installer\24df39.msi

+ 2010-11-06 14:22 . 2010-11-06 14:22 3940864 c:\windows\Installer\22b3c.msi

+ 2011-04-07 02:25 . 2011-04-07 02:25 4773888 c:\windows\Installer\2129a0d7.msp

+ 2011-04-05 01:06 . 2011-04-05 01:06 4431360 c:\windows\Installer\2129a065.msp

+ 2011-02-22 02:50 . 2011-02-22 02:50 3852288 c:\windows\Installer\1ccb2b17.msp

+ 2011-02-22 02:48 . 2011-02-22 02:48 3805184 c:\windows\Installer\1ccb2aba.msp

+ 2011-02-21 23:49 . 2011-02-21 23:49 1984000 c:\windows\Installer\1997a73d.msi

+ 2011-02-21 23:43 . 2011-02-21 23:43 9472000 c:\windows\Installer\1997a71c.msi

+ 2010-09-17 12:04 . 2010-09-17 12:04 9401856 c:\windows\Installer\189d1f9c.msp

+ 2010-10-01 23:42 . 2010-10-01 23:42 5054464 c:\windows\Installer\189d1f7f.msp

+ 2010-10-22 19:25 . 2010-10-22 19:25 5521408 c:\windows\Installer\189d1f6a.msp

+ 2010-05-25 16:45 . 2010-05-25 16:45 8445440 c:\windows\Installer\18857c3.msp

+ 2010-06-11 22:55 . 2010-06-11 22:55 1827328 c:\windows\Installer\18857ac.msp

+ 2010-07-01 03:52 . 2010-07-01 03:52 5522944 c:\windows\Installer\1885796.msp

+ 2010-06-28 21:01 . 2010-06-28 21:01 7677952 c:\windows\Installer\1746c2ff.msp

+ 2010-06-29 03:53 . 2010-06-29 03:53 6819840 c:\windows\Installer\1746c2ea.msp

+ 2010-07-26 22:02 . 2010-07-26 22:02 5519360 c:\windows\Installer\1746c2cb.msp

+ 2010-07-11 01:14 . 2010-07-11 01:14 2850816 c:\windows\Installer\1746c2b6.msp

+ 2011-04-14 14:46 . 2011-04-14 14:46 3854848 c:\windows\Installer\16964add.msp

+ 2011-04-14 22:30 . 2011-04-14 22:30 1981760 c:\windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe

+ 2007-05-09 22:19 . 2007-05-09 22:19 2585936 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\VBE6.DLL

+ 2007-04-19 18:49 . 2007-04-19 18:49 1661280 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE

+ 2007-05-31 18:35 . 2007-05-31 18:35 6420320 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE

+ 2007-05-10 18:45 . 2007-05-10 18:45 8069464 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OWC11.DLL

+ 2007-05-31 18:43 . 2007-05-31 18:43 7613280 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLLIB.DLL

+ 2007-06-06 15:53 . 2007-06-06 15:53 1195888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\FM20.DLL

+ 2003-07-03 20:19 . 2003-07-03 20:19 2502656 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\VBE6.DLL

+ 2003-08-03 15:52 . 2003-08-03 15:52 2808376 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL

+ 2003-07-31 20:21 . 2003-07-31 20:21 1782840 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE

+ 2003-07-30 17:40 . 2003-07-30 17:40 6133312 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE

+ 2003-08-01 20:09 . 2003-08-01 20:09 8086072 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OWC11.DLL

+ 2003-08-10 04:06 . 2003-08-10 04:06 7522360 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL

+ 2003-07-07 18:36 . 2003-07-07 18:36 2058343 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT

+ 2003-07-15 04:05 . 2003-07-15 04:05 1054264 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL

+ 2003-06-18 22:31 . 2003-06-18 22:31 1033216 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL

+ 2003-07-11 07:15 . 2003-07-11 07:15 1292872 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL

+ 2002-12-18 00:09 . 2002-12-18 00:09 2071752 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL

+ 2002-12-18 00:08 . 2002-12-18 00:08 1383592 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL

+ 2003-07-15 04:11 . 2003-07-15 04:11 2139192 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE

+ 2003-07-26 00:00 . 2003-07-26 00:00 1157696 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL

+ 2003-07-24 04:01 . 2003-07-24 04:01 1949240 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL

+ 2003-08-03 15:56 . 2003-08-03 15:56 1146184 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\FM20.DLL

+ 2010-09-22 23:05 . 2010-09-22 23:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll

+ 2010-09-16 08:08 . 2010-09-16 08:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll

+ 2010-06-19 22:51 . 2010-06-19 22:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll

+ 2009-08-20 00:04 . 2009-08-20 00:04 4542296 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\WRD12CNV.DLL

+ 2010-06-09 08:08 . 2010-02-25 06:24 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll

+ 2010-06-09 08:08 . 2010-02-25 06:24 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll

+ 2010-06-09 08:08 . 2010-02-25 06:24 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll

+ 2010-10-15 08:04 . 2010-06-24 12:22 1210368 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll

+ 2010-10-15 08:04 . 2010-06-24 12:22 5951488 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll

+ 2010-10-15 08:04 . 2010-06-24 12:21 1986560 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll

+ 2009-06-18 15:16 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2009-06-18 15:16 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2009-02-08 00:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2009-06-18 15:16 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2010-10-06 08:01 . 2010-10-06 08:01 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ab9cb89a\System.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4cbb8cd9\System.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b1b1f0c1\System.Xml.dll

+ 2010-10-06 08:02 . 2010-10-06 08:02 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_24271733\System.Xml.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ee72ed79\System.Windows.Forms.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ed8108b9\System.Windows.Forms.dll

+ 2010-10-06 08:02 . 2010-10-06 08:02 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b08f942f\System.Drawing.dll

+ 2010-10-06 08:02 . 2010-10-06 08:02 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ff5c5bbc\System.Design.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_e28de323\System.Design.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c7b8b735\mscorlib.dll

+ 2010-10-06 08:02 . 2010-10-06 08:02 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_03e9d06e\mscorlib.dll

+ 2010-08-12 08:07 . 2010-08-12 08:07 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll

+ 2011-02-17 00:42 . 2011-02-17 00:42 3432448 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\a6cf14b81f733b6c5009bbb4f4fe1cb9\ttax.ni.dll

+ 2010-08-12 08:12 . 2010-08-12 08:12 4161024 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\8a7f4c7d467984e37117d6bbb7af3e74\ttax.ni.dll

+ 2010-08-12 08:07 . 2010-08-12 08:07 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll

+ 2010-08-12 08:16 . 2010-08-12 08:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll

+ 2010-08-12 08:16 . 2010-08-12 08:16 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll

+ 2010-08-12 08:16 . 2010-08-12 08:16 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll

+ 2010-08-12 08:16 . 2010-08-12 08:16 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll

+ 2010-10-06 08:07 . 2010-10-06 08:07 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll

+ 2010-08-12 08:12 . 2010-08-12 08:12 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\cf2f92b2b626f7e53e80146b17bd7bed\System.Management.Automation.ni.dll

+ 2010-10-06 08:06 . 2010-10-06 08:06 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll

+ 2010-08-12 08:12 . 2010-08-12 08:12 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll

+ 2010-08-12 08:09 . 2010-08-12 08:09 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll

+ 2010-08-12 08:12 . 2010-08-12 08:12 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll

+ 2010-10-06 08:08 . 2010-10-06 08:08 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll

+ 2010-08-12 08:09 . 2010-08-12 08:09 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll

+ 2010-08-12 08:15 . 2010-08-12 08:15 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll

+ 2010-08-12 08:09 . 2010-08-12 08:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll

+ 2010-08-12 08:09 . 2010-08-12 08:09 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll

+ 2010-08-12 08:09 . 2010-08-12 08:09 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll

+ 2010-08-12 08:07 . 2010-08-12 08:07 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll

+ 2010-10-06 08:07 . 2010-10-06 08:07 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2010-08-12 08:14 . 2010-08-12 08:14 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\e752e945a051edcf347fff89785a4c67\Intuit.Ctg.Map.ni.dll

+ 2010-10-06 08:07 . 2010-10-06 08:07 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\b64ee9e3b78b54c843ff60a2dea683dc\Intuit.Ctg.Map.ni.dll

+ 2011-02-17 00:42 . 2011-02-17 00:42 1491968 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\b37188801979f0a688659387a2c82cae\Intuit.Ctg.Map.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 2597376 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\2d0d02d1ab503f8dd07b117e80af0107\Infragistics2.Win.Misc.v8.2.ni.dll

+ 2010-06-23 08:03 . 2010-06-23 08:03 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-10-06 08:04 . 2010-10-06 08:04 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll

- 2009-08-15 08:09 . 2009-08-15 08:09 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll

+ 2010-06-09 08:05 . 2010-06-09 08:05 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2010-04-19 22:44 . 2010-04-19 22:44 1564672 c:\windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2010-06-23 08:03 . 2010-06-23 08:03 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

- 2009-10-17 08:04 . 2009-10-17 08:04 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-10-17 08:05 . 2009-10-17 08:05 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2010-06-23 08:03 . 2010-06-23 08:03 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

- 2009-08-15 08:04 . 2009-08-15 08:04 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2010-10-06 08:03 . 2010-10-06 08:03 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-10-06 08:01 . 2010-10-06 08:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll

+ 2010-04-21 03:29 . 2010-04-21 03:29 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll

+ 2010-04-19 22:42 . 2010-04-19 22:42 1564672 c:\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll

+ 2010-08-12 08:01 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe

+ 2010-10-15 08:02 . 2010-06-23 13:44 1851904 c:\windows\$NtUninstallKB981957$\win32k.sys

+ 2010-08-12 08:06 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe

+ 2010-08-12 08:06 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe

+ 2010-08-12 08:06 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe

+ 2010-08-12 08:06 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe

+ 2010-10-15 08:05 . 2008-04-14 12:00 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll

+ 2010-06-09 08:08 . 2009-08-14 13:21 1850624 c:\windows\$NtUninstallKB979559$\win32k.sys

+ 2010-06-09 08:06 . 2009-05-20 09:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll

+ 2010-05-12 08:00 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll

+ 2010-06-09 08:06 . 2009-11-27 17:11 1291776 c:\windows\$NtUninstallKB975562$\quartz.dll

+ 2011-02-09 09:03 . 2010-07-27 06:30 8462336 c:\windows\$NtUninstallKB2483185$\shell32.dll

+ 2011-03-09 09:01 . 2009-06-10 14:19 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll

+ 2011-03-09 09:01 . 2008-04-14 12:00 2061824 c:\windows\$NtUninstallKB2481109$\lhmstscx.dll

+ 2011-02-09 09:03 . 2010-10-26 13:25 1853312 c:\windows\$NtUninstallKB2479628$\win32k.sys

+ 2010-12-16 09:03 . 2010-08-31 13:42 1852800 c:\windows\$NtUninstallKB2436673$\win32k.sys

+ 2011-02-09 09:00 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe

+ 2011-02-09 09:00 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe

+ 2011-02-09 09:00 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe

+ 2011-02-09 09:00 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe

+ 2010-10-15 08:06 . 2008-04-14 12:00 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll

+ 2010-08-03 08:00 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll

+ 2010-08-12 08:03 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2160329$\win32k.sys

+ 2010-08-12 08:06 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 1209856 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\urlmon.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 5953024 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll

+ 2010-06-08 19:27 . 2010-05-06 10:36 1986048 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll

+ 2010-08-11 21:33 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe

+ 2010-08-31 13:38 . 2010-08-31 13:38 1861888 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys

+ 2010-08-11 21:34 . 2010-04-27 13:50 2190080 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe

+ 2010-08-11 21:34 . 2010-04-27 13:14 2024448 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe

+ 2010-04-28 12:14 . 2010-04-28 12:14 2066944 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe

+ 2010-08-11 21:34 . 2010-04-27 13:54 2146304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe

+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll

+ 2010-05-02 06:34 . 2010-05-02 06:34 1860352 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys

+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll

+ 2010-02-05 18:29 . 2010-02-05 18:29 1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll

+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll

+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll

+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll

+ 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys

+ 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys

+ 2010-12-15 20:24 . 2010-11-06 00:27 1211904 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\urlmon.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 5960704 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll

+ 2010-12-15 20:24 . 2010-11-06 00:27 1992192 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iertutil.dll

+ 2011-02-09 03:12 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe

+ 2011-02-09 03:12 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe

+ 2010-12-10 00:39 . 2010-12-10 00:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe

+ 2011-02-09 03:12 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe

+ 2010-10-14 22:44 . 2010-09-10 05:57 1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll

+ 2010-10-14 22:44 . 2010-09-10 05:57 1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll

+ 2010-07-27 06:28 . 2010-07-27 06:28 8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 1211904 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\urlmon.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 5954560 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 1987072 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\iertutil.dll

+ 2010-06-24 02:14 . 2010-06-24 02:14 1861120 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys

+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll

+ 2010-06-14 22:01 . 2010-06-14 22:01 12648808 c:\windows\twain_32\HP Photosmart Plus B210 series\HPScanUI.dll

+ 2008-04-14 12:00 . 2010-08-26 04:36 10841088 c:\windows\system32\wmp.dll

- 2008-04-14 12:00 . 2009-07-14 04:43 10841088 c:\windows\system32\wmp.dll

+ 2009-06-18 15:18 . 2011-03-09 09:01 37943240 c:\windows\system32\MRT.exe

+ 2007-08-13 23:54 . 2010-12-21 11:29 11080704 c:\windows\system32\ieframe.dll

+ 2008-04-14 12:00 . 2010-08-26 04:36 10841088 c:\windows\system32\dllcache\wmp.dll

- 2008-04-14 12:00 . 2009-07-14 04:43 10841088 c:\windows\system32\dllcache\wmp.dll

+ 2009-06-18 15:29 . 2010-12-21 11:29 11080704 c:\windows\system32\dllcache\ieframe.dll

+ 2010-04-03 00:29 . 2010-04-03 00:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp

+ 2010-09-24 19:08 . 2010-09-24 19:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp

+ 2010-03-31 06:23 . 2010-03-31 06:23 15638528 c:\windows\Installer\d29800.msp

+ 2009-10-27 19:57 . 2009-10-27 19:57 14009856 c:\windows\Installer\bce21.msp

+ 2009-10-27 22:11 . 2009-10-27 22:11 11146240 c:\windows\Installer\bce13.msp

+ 2010-12-14 00:15 . 2010-12-14 00:15 13121024 c:\windows\Installer\9465399.msi

+ 2010-12-14 00:14 . 2010-12-14 00:14 10113024 c:\windows\Installer\9465398.msi

+ 2010-04-24 22:09 . 2010-04-24 22:09 11750912 c:\windows\Installer\6e974b8.msp

+ 2010-09-24 12:08 . 2010-09-24 12:08 17518080 c:\windows\Installer\675ee83.msp

+ 2010-04-02 17:30 . 2010-04-02 17:30 17456640 c:\windows\Installer\63fbd593.msp

+ 2010-04-12 03:17 . 2010-04-12 03:17 14599680 c:\windows\Installer\63fbd576.msp

+ 2010-05-11 16:30 . 2010-05-11 16:30 11194880 c:\windows\Installer\51431bb.msp

+ 2009-07-01 18:19 . 2009-07-01 18:19 10607104 c:\windows\Installer\5143148.msp

+ 2009-08-10 19:09 . 2009-08-10 19:09 17254912 c:\windows\Installer\456d53f.msp

+ 2010-04-21 03:28 . 2010-04-21 03:28 19210240 c:\windows\Installer\41f1f3b.msp

+ 2011-03-13 01:02 . 2011-03-13 01:02 15139328 c:\windows\Installer\2da2a.msp

+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\2da29.msp

+ 2010-10-14 22:57 . 2010-10-14 22:57 11189248 c:\windows\Installer\189d1f94.msp

+ 2010-06-11 22:52 . 2010-06-11 22:52 45542912 c:\windows\Installer\18857ad.msp

+ 2010-05-19 18:08 . 2010-05-19 18:08 11408896 c:\windows\Installer\1746c2d5.msp

+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\16964adf.msp

+ 2011-03-13 01:02 . 2011-03-13 01:02 15139328 c:\windows\Installer\16964ade.msp

+ 2007-05-31 18:37 . 2007-05-31 18:37 12310368 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\WINWORD.EXE

+ 2007-06-18 22:16 . 2007-06-18 22:16 12259160 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSO.DLL

+ 2007-05-31 18:41 . 2007-05-31 18:41 10352472 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\EXCEL.EXE

+ 2003-08-06 18:24 . 2003-08-06 18:24 12037688 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE

+ 2003-08-08 05:23 . 2003-08-08 05:23 12172336 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\MSO.DLL

+ 2003-08-13 07:34 . 2003-08-13 07:34 10073144 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE

+ 2010-09-23 08:03 . 2010-09-23 08:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll

+ 2009-08-17 23:39 . 2009-08-17 23:39 15119720 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\XL12CNV.EXE

+ 2009-08-17 22:40 . 2009-08-17 22:40 17309040 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\MSO.DLL

+ 2010-06-09 08:08 . 2010-02-25 16:54 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll

+ 2011-02-09 09:01 . 2010-11-06 00:26 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll

+ 2010-12-16 09:04 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll

+ 2010-10-15 08:04 . 2010-06-24 22:51 11077120 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll

+ 2010-08-12 08:03 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll

+ 2010-10-06 08:07 . 2010-10-06 08:07 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll

+ 2010-08-12 08:12 . 2010-08-12 08:12 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll

+ 2010-10-06 08:07 . 2010-10-06 08:07 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll

+ 2010-10-06 08:05 . 2010-10-06 08:05 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll

+ 2010-08-12 08:10 . 2010-08-12 08:10 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll

+ 2010-08-12 08:08 . 2010-08-12 08:08 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll

+ 2010-08-12 08:08 . 2010-08-12 08:08 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll

+ 2010-08-12 08:06 . 2010-08-12 08:06 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll

+ 2010-08-12 08:13 . 2010-08-12 08:13 10334208 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\b28590ae33df1896ab13e8ceb5fb018b\Infragistics2.Win.v8.2.ni.dll

+ 2010-10-15 08:06 . 2009-07-14 04:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll

+ 2010-05-06 21:06 . 2010-05-06 21:06 11078144 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll

+ 2011-02-09 03:13 . 2010-12-20 23:58 11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll

+ 2010-11-06 11:57 . 2010-11-06 11:57 11082752 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieframe.dll

+ 2010-09-10 16:27 . 2010-09-10 16:27 11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll

+ 2010-08-11 21:34 . 2010-06-24 12:24 11079168 c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\ieframe.dll

+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\6e9749a.msp

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-07 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-07 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-07 137752]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13574144]

"nwiz"="nwiz.exe" [2008-09-18 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 86016]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2006-01-07 172032]

"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2006-01-07 49152]

"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

"HPHmon06"="c:\windows\system32\hphmon06.exe" [2006-01-07 659456]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

c:\documents and settings\Mom Mother Mum Mommy\Start Menu\Programs\Startup\

Event Reminder.lnk - c:\program files\Mindscape\PrintMaster\PMREMIND.EXE [1998-6-6 325632]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\digital imaging\bin\hpqtra08.exe [2004-5-28 241664]

Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443

"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443

"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674

"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674

"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675

.

R1 MpKsl67459356;MpKsl67459356;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5DDB175F-4E9F-413C-B9EF-F3A402DE3252}\MpKsl67459356.sys [5/24/2011 7:44 PM 28752]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/21/2011 8:26 AM 136360]

R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [6/24/2010 2:34 PM 91456]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [4/19/2011 1:44 AM 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [4/19/2011 1:44 AM 399416]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [9/1/2010 3:30 AM 15544]

S1 MpKsl3351f9d4;MpKsl3351f9d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{43E76538-3039-4080-AE88-F93E9AA5D6A4}\MpKsl3351f9d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{43E76538-3039-4080-AE88-F93E9AA5D6A4}\MpKsl3351f9d4.sys [?]

S1 MpKsl5a798f7b;MpKsl5a798f7b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl5a798f7b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKsl5a798f7b.sys [?]

S1 MpKslb5cf9a8f;MpKslb5cf9a8f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKslb5cf9a8f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D947EC6A-9EFF-4962-9885-2E9EE93FAC83}\MpKslb5cf9a8f.sys [?]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL67459356

*NewlyCreated* - WUAUSERV

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

itlsvc REG_MULTI_SZ itlperf

.

Contents of the 'Scheduled Tasks' folder

.

2011-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]

.

2011-05-24 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-06-14 22:07]

.

2011-05-24 c:\windows\Tasks\HP Usg Daily FY04.job

- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped06.exe [2009-07-11 05:09]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local;<local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

FF - ProfilePath - c:\documents and settings\Mom Mother Mum Mommy\Application Data\Mozilla\Firefox\Profiles\nx176rrn.default\

user_pref(security.warn_viewing_mixed,false);

user_pref(security.warn_viewing_mixed.show_once,false);

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

user_pref(security.warn_submit_insecure,false);

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-05-24 20:08

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion*Hlonusax]

"Tsogaxalaza"=hex:44,01,3b,03,37,05,45,07,3c,09,3b,0b,4a,0d,3f,0f,53,11,54,13,

2d,15,22,17,2c,19,59,1b,5e,1d,2a,1f,61,21,67,23,16,25,13,27,1a,29,1e,2b,1b,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3260)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2011-05-24 20:10:42

ComboFix-quarantined-files.txt 2011-05-25 01:10

ComboFix2.txt 2011-05-25 00:33

ComboFix3.txt 2010-04-19 22:30

.

Pre-Run: 15,657,996,288 bytes free

Post-Run: 15,637,856,256 bytes free

.

- - End Of File - - 98EEC814EFEEFB74F5DA3A898AB2E45F

Link to post
Share on other sites

Lets uninstall combofix and then reboot.

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

  • Click START run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

For Vista / Windows 7

  • Click START Search
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

If you used DeFogger

To re-enable your Emulation drivers, double click DeFogger to run the tool.

  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.

Now reboot and let me know how it's running.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.