# Nasty Virus!



## danielstern96 (Aug 16, 2011)

Hello Forum,
i am extremely new to this as i signed up as a last resort and really hope that this is a friendly community. recently my computer encountered a nasty virus that is too complex for me to deal with. i am in no way an expert, but i know a little more than the average computer user. ive thrown everything i knew at it, from looking for its source in the registry, to trying and stopping it from starting up (in safe mode) to using superantispywares portable scanner, yet nothing seems to work. i can provide all the information needed to fix my machine if thats what is needed. nothing on it is of grave importance, but i would much rather have my files and folders in check then not. any assistance would be greatly appreciated, and i thank you all for taking the time to read this. thank you in advance! 
also, i would love to learn any tips and suggestions you all might have.
Best Regards,
Daniel.


----------



## jeffce (May 10, 2011)

Hi and Welcome!!  My name is *Jeff*. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

 I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
 Please subscribe to this topic, if you haven't already. You can subscribe by clicking the *Watch Topic* button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
 The fixes are specific to your problem and should only be used for the issues on this machine.
 Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
 It's often worth reading through these instructions and printing them for ease of reference.
 If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
 Please reply to this thread. Do not start a new topic.

_***Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advise, this will be a team effort. This may cause a delay, but I will do my best to keep it as short as possible. Please bear with me, I will post back to you as soon as I can.***_

IMPORTANT NOTE : _*Please do not delete, download or install anything or run additional scans unless instructed to do so.*_
*DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision*.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

*Vista and Windows 7 users:*
These tools MUST be run from the executable (.exe) every time you run them
with Admin Rights (Right click, choose "Run as Administrator")

_*Stay with this topic until I give you the all clean post.*_


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Could you tell me what kind of symptoms your computer is experiencing (ie: pop-ups, redirects...)?

Please download DDS from one of the following links and save it to your desktop.



*DDS.scr*
*DDS.pif*

Disable any script blocking protection (How to Disable your Security Programs)
Double click *DDS* icon to run the tool (may take up to 3 minutes to run)
When done, DDS.txt will open.
After a few moments, attach.txt will open in a second window.
Save both reports to your desktop.
---------------------------------------------------

_*Post*_ the contents of the *DDS.txt* report in your next reply
*Attach* the _*Attach.txt*_ report to your post by scroling down to the *Attachments* area and then clicking *Browse*. Browse to where you saved the file, and click *Open* and then click *UPLOAD*.

----------

Please download *aswMBR* to your desktop.


Double click the aswMBR icon to run it.
_Vista and Windows 7 users right click the icon and choose *"Run as administrator"*._
Click the *Scan* button to start scan.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.


_Click the image to enlarge it_
----------

In your next reply please post both of the logs created by DDS and the log created by aswMBR.exe.


----------



## danielstern96 (Aug 16, 2011)

Hi Jeff,
Firstly, i want to thank you for what you are doing.
i couldnt find the watch topic, but it says i am subscribed to the thread and i get emails when for the thread.

to answer your question about the problems, no ant-virus/malware program i ran has been able to successfully complete a scan, the program just seems to close unexpectedly. the computer screen also goes black for about a second from time to time, then goes back to normal, and ive gotten many "security threats" on my windows XP OS that i have heard has been an actual virus floating around.

DDS.txt:

.
DDS (Ver_2011-06-23.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702
Run by dan at 19:18:41 on 2011-08-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1084 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\2212203682:1567827068.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe
C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre6\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:62364
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Shop to Win 9: {0095c290-a428-4bdd-b98c-e0a116f1c702} - c:\program files\shop to win 9\ShoppingBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.1.0\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\common files\freecause\dca\dca-bho.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - c:\documents and settings\all users\application data\wecarereminder\IEHelperv2.5.0.dll
BHO: Shop to Win 8: {dac028c6-2a41-4730-b91f-dfbcb26c82b3} - c:\program files\shop to win 8\ShoppingBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {C105CBBF-A791-43A4-8A7C-91DF2B79E441} - No File
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: {C3CD744D-2FAE-4640-8297-16B5DA423104} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [pdfSaver3] "c:\program files\pdf-xchange 3 pro\pdfsaver\pdfSaver3.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SurfSecret Privacy Vaults] c:\program files\surfsecret privacyvaults\PriVault.exe
uRun: [SurfSecret] "c:\program files\surfsecret privacyprotector\SS2-FULL.exe" /min
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [FaxCenterServer] "c:\program files\dell pc fax\fm3032.exe" /s
mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 926\memcard.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SurfSecret] 
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [UnlockerAssistant] "c:\documents and settings\dan\desktop\unlocker\UnlockerAssistant.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Anti-phishing Domain Advisor] "c:\documents and settings\all users\application data\anti-phishing domain advisor\visicom_antiphishing.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\flipto~1.lnk - c:\program files\fliptoast\fliptoast.exe
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\keypad.lnk - c:\documents and settings\dan\desktop\surfsecret keypad\SSKeyPad.exe
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\pdanet~1.lnk - c:\program files\pdanet for android\PdaNetPC.exe
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\xfire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243980282796
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243980267452
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
TCP: Interfaces\{921D554A-FDA6-4116-AEA7-875EF029E59F} : DhcpNameServer = 167.206.245.130 167.206.245.129
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LMIinit - LMIinit.dll
AppInit_DLLs: 
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-1-21 47640]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-6-2 24652]
S2 Abel;Abel;f:\cain\abel.exe --> f:\cain\Abel.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-13 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 cpuz132;cpuz132;\??\c:\docume~1\dan\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\dan\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-13 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2011-5-17 13312]
S3 shwMirror;shwMirror;c:\windows\system32\drivers\shwMirror.sys [2011-1-19 3584]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2009-10-2 627072]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2011-08-14 03:51:53	664	----a-w-	c:\windows\system32\d3d9caps.tmp
2011-08-14 03:01:55	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-14 03:01:52	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-08-14 03:01:52	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-08-14 02:46:42	--------	d-----w-	c:\program files\SUPERAntiSpyware
2011-08-13 20:58:02	--------	d-----w-	c:\documents and settings\dan\application data\WhiteSmoke
2011-08-13 20:57:52	--------	d-----w-	c:\documents and settings\dan\local settings\application data\antiphishing-webblog1_1dn
2011-08-13 20:57:49	--------	d-----w-	c:\documents and settings\all users\application data\Anti-phishing Domain Advisor
2011-08-13 20:57:09	--------	d-----w-	c:\program files\WhiteSmoke
2011-08-13 20:57:07	--------	d-----w-	c:\program files\Yontoo Layers Client
2011-08-13 20:57:03	--------	d-----w-	c:\documents and settings\all users\application data\Tarma Installer
2011-08-13 20:56:50	--------	d-----w-	c:\documents and settings\dan\application data\FileHunter
2011-08-11 22:20:34	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 22:19:18	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
.
==================== Find3M ====================
.
2011-07-15 13:29:31	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10:36	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30	916480	----a-w-	c:\windows\system32\wininet.dll
2011-06-23 18:36:30	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13	385024	----a-w-	c:\windows\system32\html.iec
2011-06-20 17:44:52	293376	----a-w-	c:\windows\system32\winsrv.dll
2011-06-19 20:51:09	444952	----a-w-	c:\windows\system32\wrap_oal.dll
2011-06-19 20:51:09	109080	----a-w-	c:\windows\system32\OpenAL32.dll
2011-06-11 00:15:38	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-02 14:02:05	1858944	----a-w-	c:\windows\system32\win32k.sys
2011-03-23 17:03:30	108424	----a-w-	c:\program files\common files\APNStub.exe
2011-03-23 16:26:32	3325832	----a-w-	c:\program files\common files\APNToolbarInstaller.exe
2010-10-01 06:11:56	462112	----a-w-	c:\program files\common files\ZugoInstaller.exe
.
============= FINISH: 19:19:20.00 ===============

im very sorry but i couldnt find the attachments, so if you would like here is also the attach.txt

attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/2/2009 5:45:57 PM
System Uptime: 8/17/2011 7:12:19 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0CU409
Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz | Socket 775 | 1795/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 43.967 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_8086&DEV_29C2&SUBSYS_02381028&REV_02\3&2411E6FE&0&10
Manufacturer: 
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_8086&DEV_29C2&SUBSYS_02381028&REV_02\3&2411E6FE&0&10
Service: 
.
==== System Restore Points ===================
.
RP618: 5/16/2011 6:01:29 AM - System Checkpoint
RP619: 5/17/2011 6:01:34 AM - System Checkpoint
RP620: 5/17/2011 8:53:43 PM - Unsigned driver install
RP621: 5/19/2011 12:18:43 AM - System Checkpoint
RP622: 5/20/2011 12:26:12 AM - System Checkpoint
RP623: 5/21/2011 1:41:04 AM - System Checkpoint
RP624: 5/22/2011 1:53:31 AM - System Checkpoint
RP625: 5/23/2011 2:26:47 AM - System Checkpoint
RP626: 5/24/2011 2:40:36 AM - System Checkpoint
RP627: 5/24/2011 7:55:23 PM - Removed FlipToast
RP628: 5/25/2011 9:14:17 PM - System Checkpoint
RP629: 5/26/2011 11:22:55 PM - System Checkpoint
RP630: 5/27/2011 11:34:46 PM - System Checkpoint
RP631: 5/29/2011 1:11:46 AM - System Checkpoint
RP632: 5/30/2011 1:47:04 AM - System Checkpoint
RP633: 5/31/2011 2:47:04 AM - System Checkpoint
RP634: 6/1/2011 10:32:31 PM - System Checkpoint
RP635: 6/2/2011 11:18:47 PM - System Checkpoint
RP636: 6/3/2011 4:27:05 PM - Installed DirectX
RP637: 6/3/2011 4:35:33 PM - Installed Braid
RP638: 6/3/2011 4:55:05 PM - Removed Braid
RP639: 6/3/2011 5:00:23 PM - Installed DirectX
RP640: 6/3/2011 5:27:34 PM - Installed Steam
RP641: 6/3/2011 5:47:45 PM - Installed DirectX
RP642: 6/3/2011 6:06:29 PM - Software Distribution Service 3.0
RP643: 6/3/2011 6:12:41 PM - Installed DirectX
RP644: 6/3/2011 7:16:35 PM - Installed Braid
RP645: 6/3/2011 7:17:02 PM - Installed DirectX
RP646: 6/3/2011 10:31:24 PM - Installed DirectX
RP647: 6/4/2011 1:05:29 PM - Removed Braid
RP648: 6/5/2011 1:12:23 PM - System Checkpoint
RP649: 6/6/2011 1:12:33 PM - System Checkpoint
RP650: 6/7/2011 1:13:48 PM - System Checkpoint
RP651: 6/8/2011 2:32:05 PM - System Checkpoint
RP652: 6/9/2011 7:07:38 PM - System Checkpoint
RP653: 6/10/2011 9:51:31 PM - System Checkpoint
RP654: 6/11/2011 11:09:57 PM - System Checkpoint
RP655: 6/12/2011 11:11:31 PM - System Checkpoint
RP656: 6/13/2011 11:35:10 PM - System Checkpoint
RP657: 6/15/2011 12:14:07 AM - System Checkpoint
RP658: 6/16/2011 1:02:07 AM - System Checkpoint
RP659: 6/16/2011 3:00:22 AM - Software Distribution Service 3.0
RP660: 6/17/2011 3:35:56 AM - System Checkpoint
RP661: 6/18/2011 4:23:56 AM - System Checkpoint
RP662: 6/18/2011 5:57:14 PM - Installed Java(TM) 6 Update 26
RP663: 6/19/2011 4:16:51 PM - Removed Apple Mobile Device Support
RP664: 6/19/2011 9:52:29 PM - Installed Gotcha!
RP665: 6/19/2011 9:53:12 PM - Installed Gotcha!
RP666: 6/19/2011 10:22:58 PM - Installed Gotcha!
RP667: 6/19/2011 10:31:05 PM - Removed Gotcha!
RP668: 6/21/2011 12:32:08 AM - System Checkpoint
RP669: 6/22/2011 1:36:17 AM - System Checkpoint
RP670: 6/23/2011 2:16:24 AM - System Checkpoint
RP671: 6/24/2011 2:33:53 AM - System Checkpoint
RP672: 6/25/2011 3:42:55 AM - System Checkpoint
RP673: 6/26/2011 4:28:25 AM - System Checkpoint
RP674: 6/27/2011 4:28:50 AM - System Checkpoint
RP675: 6/28/2011 3:00:15 AM - Software Distribution Service 3.0
RP676: 6/29/2011 3:00:15 AM - Software Distribution Service 3.0
RP677: 7/2/2011 5:15:29 PM - System Checkpoint
RP678: 7/3/2011 5:30:34 PM - System Checkpoint
RP679: 7/4/2011 5:32:40 PM - System Checkpoint
RP680: 7/5/2011 6:42:37 PM - System Checkpoint
RP681: 7/6/2011 7:46:29 PM - System Checkpoint
RP682: 7/14/2011 2:05:06 AM - System Checkpoint
RP683: 7/14/2011 3:00:18 AM - Software Distribution Service 3.0
RP684: 7/19/2011 2:05:01 PM - System Checkpoint
RP685: 7/20/2011 2:39:58 PM - System Checkpoint
RP686: 7/23/2011 1:06:11 AM - System Checkpoint
RP687: 7/24/2011 2:09:52 AM - System Checkpoint
RP688: 7/25/2011 2:57:52 AM - System Checkpoint
RP689: 7/26/2011 4:09:52 AM - System Checkpoint
RP690: 7/28/2011 3:07:50 AM - System Checkpoint
RP691: 7/29/2011 4:09:53 AM - System Checkpoint
RP692: 7/30/2011 4:57:52 AM - System Checkpoint
RP693: 7/31/2011 6:09:52 AM - System Checkpoint
RP694: 8/1/2011 6:57:52 AM - System Checkpoint
RP695: 8/2/2011 8:09:52 AM - System Checkpoint
RP696: 8/3/2011 8:57:52 AM - System Checkpoint
RP697: 8/4/2011 9:10:25 AM - System Checkpoint
RP698: 8/5/2011 10:10:48 AM - System Checkpoint
RP699: 8/7/2011 3:13:00 PM - System Checkpoint
RP700: 8/11/2011 7:22:36 PM - System Checkpoint
RP701: 8/12/2011 1:18:40 AM - Software Distribution Service 3.0
RP702: 8/12/2011 6:36:51 PM - Removed Laplink Everywhere.
RP703: 8/13/2011 12:45:48 PM - Configured COWON Media Center - jetAudio Basic VX
RP704: 8/13/2011 4:45:25 PM - Installed ooVoo
RP705: 8/13/2011 5:06:25 PM - Removed ooVoo
RP706: 8/13/2011 5:07:27 PM - Removed VDownloader Toolbar.
RP707: 8/13/2011 5:07:44 PM - Removed WeatherBug
RP708: 8/13/2011 5:17:24 PM - Removed ooVoo
RP709: 8/13/2011 5:20:43 PM - Removed ooVoo
RP710: 8/13/2011 5:24:55 PM - Removed ooVoo
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player 11.5
AIM 7
Anti-phishing Domain Advisor
Apple Software Update
ASPCA Tri Reminder by We-Care.com
AssaultCube v1.1.0.4
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Editor 5
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Bing Bar
Bonjour
Cain & Abel v4.9.40
CCleaner
Cheat Engine 5.5
Cheat Engine 5.6.1
Cheat Engine 6.0
Cheat Engine 6.1
Compatibility Pack for the 2007 Office system
COWON J3 User's Guide
COWON Media Center - jetAudio Basic VX
Critical Update for Windows Media Player 11 (KB959772)
DavkaWriter Platinum
Defraggler
Dell Photo AIO Printer 926
Download Updater (AOL LLC)
Easy Uninstaller
Fax Solutions
Fontboard Hebrew Keyboard
Free_Lunch_Design Toolbar
Freecorder
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Icy Tower v1.4
Intel(R) PRO Network Connections Drivers
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 26
Linksys Wireless Manager
Logitech QuickCam
Logitech Updater
LogMeIn
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft UI Engine
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WinUsb 1.0
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MusicBrainz Picard
NVIDIA Drivers
ooVoo
Paint.NET v3.5.8
PDF-XChange 3.0
Perfect Uninstaller v6.3.3.9
Picasa 3
PriceGong 2.1.0
Pure Networks Platform
Python 3.2
QuestBrowse 1.0 build 127
QuickTime
REACTOR
Realtek High Definition Audio Driver
Recuva
Revo Uninstaller 1.91
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Shop to Win 8
Shop to Win 9
Skype Toolbars
Skype™ 5.3
Software Update for Web Folders
Speccy
Steam
SUPERAntiSpyware
SurfSecret Privacy Protector
SurfSecret Privacy Vaults
Team Fortress 2
Unlocker 1.9.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VideoPad Video Editor
VideoSpirit Pro 1.68
Viewpoint Media Player
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinPcap 4.1.2
Wireshark 1.4.6
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01
YouTube Downloader 2.7.2
.
==== Event Viewer Messages From Past Week ========
.
8/13/2011 7:18:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
8/13/2011 7:18:45 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2011 7:18:45 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2011 7:18:45 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2011 7:18:45 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2011 7:18:45 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/13/2011 7:17:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/13/2011 7:17:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/13/2011 7:07:43 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
8/13/2011 7:02:52 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
8/13/2011 7:02:52 PM, error: Service Control Manager [7000] - The Process Monitor service failed to start due to the following error: Access is denied.
8/13/2011 7:02:52 PM, error: Service Control Manager [7000] - The Abel service failed to start due to the following error: The system cannot find the path specified.
8/13/2011 5:23:09 PM, error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
8/11/2011 2:39:33 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
.
==== End Of File ===========================

*aswMBR does not scan succesfully. while mid-scan the program closes.*

and finally, i was wondering how an infected computer that cannot access the internet can get the logs onto the forum. does the person have to transfer the logs via removable memory (like a USB drive)? wouldnt that put the uninfected computer which the person is using for internet access in some danger of also getting infected?


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Please download TDSSKiller.zip


Extract it to your desktop
Double click *TDSSKiller.exe*
Press *Start Scan*
Only if *Malicious* objects are found then ensure *Cure* is selected
Then click *Continue* > *Reboot now*

Copy and paste the log in your next reply
_A copy of the log will be saved automatically to the root of the drive (typically C:\)_


----------

I notice that you have Malwarebytes on your system. Please update that program and then run a Quick Scan. When it shows the items to be removed you will notice that Whitesmoke entries will not be checked...be sure to go ahead and check those for removal. Once that has completed, it will create a log that I will need for you to post into your next reply. 
----------


Download *OTL* to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath *Output* at the top change it to *Minimal Output*.
Check the boxes beside *LOP Check* and *Purity Check*.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. *OTL.Txt* and *Extras.Txt*.
Note:These logs can be located in the *OTL.* folder on you C:\ drive if they fail to open automatically.
Please copy *(Edit->Select All, Edit->Copy)* the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.


----------

In your next reply I will need the logs created by TDSSKiller, Malwarebytes and OTL.


----------



## danielstern96 (Aug 16, 2011)

TDSSKiller.exe closed unexpectedly and when i clicked the desktop icon the message: "Windows cannot access the specified device, path, or file. you may not have the appropriate permissions to access the item" it also says that for *Malwarebytes*, and my superantispyware.

------------------------
see bolded Malwarebyes
------------------------
OTL.txt:

OTL logfile created on: 8/18/2011 3:18:14 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\dan\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.87% Memory free
3.84 Gb Paging File | 3.46 Gb Available in Paging File | 90.26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.80 Gb Total Space | 43.64 Gb Free Space | 30.78% Space Free | Partition Type: NTFS

Computer Name: COMPUTER1 | User Name: dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\2212203682:1567827068.exe File not found
PRC - C:\Documents and Settings\dan\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
PRC - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardian.exe (LogMeIn, Inc.)
PRC - C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe ()
PRC - C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
PRC - C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lxdncoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerHook.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\LogMeIn\x86\ICSAgent32.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll ()
MOD - C:\WINDOWS\system32\lxdndrs.dll ()
MOD - C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe ()
MOD - C:\WINDOWS\system32\lxdncaps.dll ()
MOD - C:\Program Files\Logitech\QuickCam\LAppRes.DLL ()
MOD - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless4001.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless.dll ()
MOD - C:\Program Files\Logitech\QuickCam\EFVal.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\DevMngr.dll ()
MOD - C:\Program Files\Common Files\logishrd\LVCOMSER\LVCSPS.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\WINDOWS\system32\lxdncnv4.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Dell PC Fax\dlctrstr.dll ()
MOD - C:\WINDOWS\system32\DLPRMON.DLL ()
MOD - C:\Program Files\Dell PC Fax\ipcmt.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll ()
MOD - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\fm30xmf.dll ()

========== Win32 Services (SafeList) ==========

SRV - (Abel) -- File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe ()
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe ()
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (lxdn_device) -- C:\WINDOWS\System32\lxdncoms.exe ( )
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (dlcx_device) -- C:\WINDOWS\System32\dlcxcoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (WUSB54GCv3) -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys (Ralink Technology, Corp.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (SSKBFD) -- C:\WINDOWS\system32\drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (shwMirror) -- C:\WINDOWS\system32\drivers\shwMirror.sys (Windows (R) Server 2003 DDK provider)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 0F A5 3D A0 B6 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62364

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2010/11/06 01:02:26 | 000,000,000 | ---D | M]

[2011/02/06 19:13:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dan\Application Data\Mozilla\Extensions
[2010/11/01 12:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/01 12:43:59 | 000,000,000 | ---D | M] (Firefox security) -- C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}

O1 HOSTS File: ([2009/09/10 16:11:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Shop to Win 9) - {0095C290-A428-4BDD-B98C-E0A116F1C702} - C:\Program Files\Shop to Win 9\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Common Files\FreeCause\DCA\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Shop to Win 8) - {DAC028C6-2A41-4730-B91F-DFBCB26C82B3} - C:\Program Files\Shop to Win 8\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {C105CBBF-A791-43A4-8A7C-91DF2B79E441} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SurfSecret] File not found
O4 - HKLM..\Run: [UnlockerAssistant] C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SurfSecret] C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe ()
O4 - HKCU..\Run: [SurfSecret Privacy Vaults] C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\KeyPad.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243980282796 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243980267452 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/02 17:44:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/13 23:01:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/13 23:01:55 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/13 23:01:52 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/13 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 22:50:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dan\Recent
[2011/08/13 22:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/08/13 17:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ooVoo
[2011/08/13 16:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\WhiteSmoke
[2011/08/13 16:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
[2011/08/13 16:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/08/13 16:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke
[2011/08/13 16:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Client
[2011/08/13 16:57:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/08/13 16:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\FileHunter
[2011/08/12 18:36:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/11 18:20:34 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 18:19:18 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/05/11 23:42:17 | 000,462,112 | ---- | C] (How Inc.) -- C:\Program Files\Common Files\ZugoInstaller.exe
[2011/05/11 23:01:13 | 003,325,832 | ---- | C] (Ask) -- C:\Program Files\Common Files\APNToolbarInstaller.exe
[2011/05/11 23:01:13 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
[2009/10/20 18:59:04 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoin.dll
[2009/06/02 18:14:53 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2009/06/02 18:14:53 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2009/06/02 18:14:53 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2009/06/02 18:14:53 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2009/06/02 18:14:53 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2009/06/02 18:14:53 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2009/06/02 18:14:53 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2009/06/02 18:14:53 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2009/06/02 18:14:53 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2009/06/02 18:14:53 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2009/06/02 18:14:53 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[2009/06/02 18:14:53 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2009/06/02 18:14:53 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhcp.dll
[2009/06/02 18:14:53 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2009/06/02 18:14:53 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2007/11/28 16:19:08 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnpmui.dll
[2007/11/28 16:16:04 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnserv.dll
[2007/11/28 16:13:38 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnlmpm.dll
[2007/11/28 16:13:30 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdniesc.dll
[2007/11/28 16:13:22 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomm.dll
[2007/11/28 16:13:08 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncfg.exe
[2007/11/28 16:12:54 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnih.exe
[2007/11/28 16:12:40 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoms.exe
[2007/11/28 16:12:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnhbn3.dll
[2007/11/28 16:12:08 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnusb1.dll
[2007/11/28 16:11:48 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomc.dll
[2007/11/28 16:10:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnprox.dll
[2007/11/28 16:09:18 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdninpa.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\Documents and Settings\dan\My Documents\*.tmp files -> C:\Documents and Settings\dan\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/18 15:21:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/18 15:11:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/18 15:01:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/18 15:00:26 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/18 14:59:22 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/18 14:59:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\2212203682
[2011/08/18 14:59:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/18 14:59:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/08/18 14:59:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/08/16 00:49:51 | 000,006,096 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/13 22:52:44 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/08/13 22:49:42 | 000,517,328 | ---- | M] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2011/08/13 22:46:44 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/13 17:44:48 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ooVoo.lnk
[2011/08/13 12:46:03 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\COWON Media Center - jetAudio.lnk
[2011/08/13 12:46:03 | 000,001,496 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COWON Media Center - jetAudio.lnk
[2011/08/12 23:34:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/12 18:36:08 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/08/12 01:24:46 | 000,444,780 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/12 01:24:46 | 000,072,530 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/12 01:06:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/08/11 18:58:12 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Microsoft Office Word 2003.lnk
[2011/08/11 18:22:01 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/08/11 16:33:10 | 001,404,720 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/07/25 11:17:44 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\Documents and Settings\dan\My Documents\*.tmp files -> C:\Documents and Settings\dan\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/17 19:15:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/16 00:49:51 | 000,006,096 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/13 23:01:56 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 22:49:37 | 000,517,328 | ---- | C] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2011/08/13 22:46:44 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/13 17:44:48 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ooVoo.lnk
[2011/08/13 17:23:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\2212203682
[2011/08/12 18:36:08 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/08/11 18:12:21 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2011/08/11 18:12:21 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk
[2011/08/11 16:33:10 | 001,404,720 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/06/19 16:19:08 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2011/05/17 21:21:34 | 000,192,752 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/14 19:00:54 | 000,038,543 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat.dmp
[2011/02/14 19:00:54 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat
[2011/01/29 13:11:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\SpeederXP.INI
[2010/12/15 12:31:41 | 000,040,068 | ---- | C] () -- C:\Documents and Settings\dan\Application Data\969E.219
[2010/10/28 02:03:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/02/04 18:41:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/04 18:37:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/11/30 15:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/11/10 23:31:43 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/10/02 20:58:49 | 000,015,312 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/09/10 16:02:34 | 000,230,912 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/09/10 16:02:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/09/10 16:02:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/09/10 16:02:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/23 20:49:04 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdndrs.dll
[2009/07/14 10:02:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdngrd.dll
[2009/06/26 20:24:26 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/02 20:37:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/02 18:40:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/06/02 18:39:35 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2009/06/02 18:15:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2009/06/02 18:15:15 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2009/06/02 18:15:08 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2009/06/02 18:15:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2009/06/02 18:15:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2009/06/02 18:14:53 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2009/06/02 18:14:53 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2009/06/02 18:14:53 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2009/06/02 18:14:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2009/06/02 18:14:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2009/06/02 18:14:53 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DLCXcfg.dll
[2009/06/02 18:14:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2009/06/02 18:11:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2009/06/02 18:11:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2009/06/02 17:58:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/06/02 17:46:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/02 17:41:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/02 13:35:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/02 13:33:37 | 000,362,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/14 14:46:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdncaps.dll
[2008/07/26 14:42:52 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/03/31 20:47:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdnvs.dll
[2007/10/02 15:51:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdncnv4.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,444,780 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,072,530 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2002/04/04 21:00:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdhebz.dll

========== LOP Check ==========

[2009/06/02 20:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2011/05/07 14:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2011/08/18 15:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/06/19 16:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Armagetron
[2010/01/21 20:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/02/09 22:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuestBrwSearch
[2011/05/11 23:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smith Micro
[2011/08/13 16:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2010/02/04 18:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/05/24 00:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2011/05/24 00:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/06/05 07:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/06/02 20:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\acccore
[2011/01/19 20:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\ACD Systems
[2010/01/07 08:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Application Data
[2011/06/19 16:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Armagetron
[2011/06/24 17:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\BitZipper
[2011/06/03 17:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Braid
[2011/05/24 00:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\com.w3i.FlipToast
[2010/10/28 22:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\COWON
[2010/01/07 08:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\cs
[2009/10/04 09:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\EmailNotifier
[2011/02/06 19:13:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\FCSB000062385
[2010/11/06 01:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\FCSB000063123
[2011/08/13 19:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\FileHunter
[2011/02/01 12:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\GetRightToGo
[2011/05/08 20:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\GrabPro
[2011/05/08 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\IEPro
[2011/02/01 13:55:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\dan\Application Data\ijjigame
[2011/01/19 20:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Laplink
[2009/06/02 19:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Leadertech
[2011/02/26 00:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\MusicBrainz
[2010/10/29 19:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\ooVoo Details
[2009/10/04 17:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\oovootb
[2011/05/08 20:05:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\OpenCandy
[2010/11/06 01:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\OpenOffice.org
[2011/05/07 17:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\PriceGong
[2011/05/24 00:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\RegistryKeys
[2011/01/19 20:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\SurfSecret
[2011/02/10 00:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Synthesia
[2010/12/25 20:16:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\dan\Application Data\SystemProc
[2011/08/14 00:33:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\uTorrent
[2009/10/23 01:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Viewpoint
[2010/11/06 01:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\WeatherBug
[2009/11/10 23:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Webcammax
[2011/08/13 16:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\WhiteSmoke
[2011/01/17 19:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\WhiteSmokeTranslator
[2011/05/31 20:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dan\Application Data\Wireshark
[2011/06/07 12:43:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 816 bytes -> C:\WINDOWS\2212203682:1567827068.exe

< End of report >


----------



## danielstern96 (Aug 16, 2011)

for the extras.txt, this message comes up in the site: "You have included 24 images in your message. You are limited to using 20 images so please go back and correct the problem and then continue again.

Images include use of smilies, the BB code


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Run *OTL.exe*


Copy/paste the following text written *inside of the code box* into the *Custom Scans/Fixes* box located at the bottom of OTL


```
:Services

:OTL
PRC - C:\WINDOWS\2212203682:1567827068.exe File not found
FF  -  HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:  C:\Program Files\PriceGong\2.1.0\FF [2010/11/06 01:02:26 | 000,000,000 |  ---D | M]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62364
O2  - BHO: (Shop to Win 9) - {0095C290-A428-4BDD-B98C-E0A116F1C702} -  C:\Program Files\Shop to Win 9\ShoppingBHO.dll (Freecause Inc.)
O2 -  BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} -  C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2  - BHO: (Shop to Win 8) - {DAC028C6-2A41-4730-B91F-DFBCB26C82B3} -  C:\Program Files\Shop to Win 8\ShoppingBHO.dll (Freecause Inc.)
O3 -  HKLM\..\Toolbar: (Search Toolbar) -  {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search  Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {C105CBBF-A791-43A4-8A7C-91DF2B79E441} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3  - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) -  {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search  Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SurfSecret] File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\KeyPad.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk = File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ac9962c-78f1-11e0-9b54-001d0989f3c7}\Shell\AutoRun\command - "" = F:\setup.exe -a
[2011/08/13 16:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\WhiteSmoke
[2011/08/13 16:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke
[2011/08/13 16:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\WhiteSmoke
[2011/08/13 16:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\WhiteSmoke
[2011/08/18 14:59:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/08/13 22:49:42 | 000,517,328 | ---- | M] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2009/06/26  20:24:26 | 000,046,080 | ---- | C] () -- C:\Documents and  Settings\dan\Local Settings\Application  Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

:Files
ipconfig /flushdns /c
dir C:\WINDOWS\2212203682 /s /c 

:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
```



Then click the *Run Fix* button at the top
Let the program run unhindered, reboot when it is done
Then run another scan and post a new OTL log ( *don't check* the boxes beside LOP Check or Purity this time )

----------

I see that you had trouble posting the OTL Extras log that was created last time. Go ahead and attach it into your next reply for me so that I can take a look at it. 
----------

In your next reply please post:

OTL log created after the fix
OTL log created after the new scan
Attach the extras log you could not post previously


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 1

OTL Extras logfile created on: 8/18/2011 3:18:14 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\dan\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.87% Memory free
3.84 Gb Paging File | 3.46 Gb Available in Paging File | 90.26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.80 Gb Total Space | 43.64 Gb Free Space | 30.78% Space Free | Partition Type: NTFS

Computer Name: COMPUTER1 | User Name: dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 2

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 3

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UACDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"443:TCP" = 443:TCP:*:EnabledoVoo TCP port 443
"443:UDP" = 443:UDP:*:EnabledoVoo UDP port 443
"37674:TCP" = 37674:TCP:*:EnabledoVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:EnabledoVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:EnabledoVoo UDP port 37675
"37676:TCP" = 37676:TCP:*isabledoVoo TCP port 37676
"37676:UDP" = 37676:UDP:*isabledoVoo UDP port 37676
"37677:UDP" = 37677:UDP:*isabledoVoo UDP port 37677
"1900:UDP" = 1900:UDP:LocalSubNet:Enabledxpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabledxpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 5

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL Inc.)
"C:\Program Files\Xfire\xfire.exe" = C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire
"C:\WINDOWS\system32\lxdncoms.exe" = C:\WINDOWS\system32\lxdncoms.exe:*:Enabled:2600 Series Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*isabled:AIM
"C:\ijji\ENGLISH\Gunz\Gunz.exe" = C:\ijji\ENGLISH\Gunz\Gunz.exe:*isabled:Gunz
"C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe" = C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe:*isabled:ijjiOptimizer.exe -- ()
"C:\WINDOWS\system32\dlcxcoms.exe" = C:\WINDOWS\system32\dlcxcoms.exe:*isabled:Lexmark Communications System -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdntime.exe:*isabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*isabledrinter Status Window Interface -- ()
"C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*isabledoVoo -- (ooVoo LLC)
"C:\WINDOWS\system32\javajar.exe" = C:\WINDOWS\system32\javajar.exe:*:Enabled:Explorer
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Laplink\Laplink Everywhere\ServerProxy.exe" = C:\Program Files\Laplink\Laplink Everywhere\ServerProxy.exe:*:Enabled:ServerProxy
"C:\Program Files\Laplink\Laplink Everywhere\LLServerMain2.exe" = C:\Program Files\Laplink\Laplink Everywhere\LLServerMain2.exe:*:Enabled:Host HTTP/1.1 server
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Itibiti Soft Phone\Itibiti.exe" = C:\Program Files\Itibiti Soft Phone\Itibiti.exe:*:Enabled:Itibiti
"C:\Program Files\Armagetron Advanced\armagetronad.exe" = C:\Program Files\Armagetron Advanced\armagetronad.exe:*:Enabled:armagetronad
"C:\Documents and Settings\dan\Desktop\Little_fighter_3\LF3主程式啟動器.exe" = C:\Documents and Settings\dan\Desktop\Little_fighter_3\LF3??????.exe:*:Enabled:LF3?????? -- ()
"C:\Documents and Settings\dan\My Documents\Downloads\oovoosetup (7).exe" = C:\Documents and Settings\dan\My Documents\Downloads\oovoosetup (7).exe:*:EnabledoVoo Setup -- (ooVoo LLC)
"C:\Documents and Settings\dan\Local Settings\temp\ApnStub.exe" = C:\Documents and Settings\dan\Local Settings\temp\ApnStub.exe:*:Enabled:AskStub Application -- (Ask.com)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Documents and Settings\dan\My Documents\Downloads\ooVooSetup (8).exe" = C:\Documents and Settings\dan\My Documents\Downloads\ooVooSetup (8).exe:*:EnabledoVoo Setup -- (ooVoo LLC)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\dan\Desktop\Unlocker\Unlocker.exe" = C:\Documents and Settings\dan\Desktop\Unlocker\Unlocker.exe:*:Enabled:Unlocker -- ()
"C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe" = C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe:*:Enabled:Surf Secret Private Vaults Application -- (SurfSecret, LLC)
"C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" = C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe:*:Enabled:Visicom Media Anti-Phishing Domain Advisor (Powered by Panda Security) -- (Visicom Media Inc. (Powered by Panda Security))
"C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" = C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe:*:Enabled:Shockwave Helper -- (Adobe Systems, Inc.)
"C:\Documents and Settings\dan\My Documents\Downloads\SUPERAntiSpyware (4).exe" = C:\Documents and Settings\dan\My Documents\Downloads\SUPERAntiSpyware (4).exe:*:Enabled:SUPERAntiSpyware Free Edition Setup -- (SUPERAntiSpyware.com)
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe:*:Enabled:SUPERAntiSpyware Application -- ()
"C:\Documents and Settings\dan\My Documents\Downloads\SUPERAntiSpyware (5).exe" = C:\Documents and Settings\dan\My Documents\Downloads\SUPERAntiSpyware (5).exe:*:Enabled:SUPERAntiSpyware Free Edition Setup -- (SUPERAntiSpyware.com)
"C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe" = C:\Program Files\SurfSecret PrivacyProtector\SS2-FULL.exe:*isabled:SS2-FULL -- ()
"C:\Program Files\Defraggler\Defraggler.exe" = C:\Program Files\Defraggler\Defraggler.exe:*isabledefraggler -- (Piriform Ltd)


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: PART 6

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.7.2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{45184324-E8A6-4C38-B020-85D359EDF9FC}" = COWON J3 User's Guide
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54F6C98F-94A0-421C-B90E-0B6A2A96A9CF}" = Pure Networks Platform
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9F4ECB4A-AFD9-4E9F-8DF2-1E339AF8F2CF}" = ASPCA Tri Reminder by We-Care.com
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{b2042d5e-986d-44ec-aee3-afe4108ccc93}" = Python 3.2
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FE55E6BF-220A-4376-9F7D-C76B49A9EB7D}" = DavkaWriter Platinum
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"AssaultCube_v1.1.0.4" = AssaultCube v1.1.0.4
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Cain & Abel v4.9.40" = Cain & Abel v4.9.40
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Defraggler" = Defraggler
"Dell Fax Solutions" = Fax Solutions
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"Easy Uninstaller" = Easy Uninstaller
"Fontboard Hebrew Keyboard_is1" = Fontboard Hebrew Keyboard
"Free_Lunch_Design Toolbar" = Free_Lunch_Design Toolbar
"Freecorder4.1" = Freecorder
"Google Chrome" = Google Chrome
"Icy Tower v1.4_is1" = Icy Tower v1.4
"ie8" = Windows Internet Explorer 8
"Linksys Wireless Manager" = Linksys Wireless Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MusicBrainz Picard" = MusicBrainz Picard
"NVIDIA Drivers" = NVIDIA Drivers
"PDF-XChange 3_is1" = PDF-XChange 3.0
"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9
"Picasa 3" = Picasa 3
"PriceGong" = PriceGong 2.1.0
"PROSet" = Intel(R) PRO Network Connections Drivers
"QuestBrowse" = QuestBrowse 1.0 build 127
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.91
"Shop to Win 8" = Shop to Win 8
"Shop to Win 9" = Shop to Win 9
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Speccy" = Speccy
"Steam App 440" = Team Fortress 2
"SurfSecret Privacy Protector_is1" = SurfSecret Privacy Protector
"SurfSecret Privacy Vaults_is1" = SurfSecret Privacy Vaults
"SurfSecret_is1" = SurfSecret Privacy Protector
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"VideoPad" = VideoPad Video Editor
"VideoSpirit Pro" = VideoSpirit Pro 1.68
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.2
"winusb0100" = Microsoft WinUsb 1.0
"Wireshark" = Wireshark 1.4.6
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar


----------



## danielstern96 (Aug 16, 2011)

Extras.txt: part 7

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/15/2011 11:08:09 PM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\HiJackThis.msi is not permitted due to an error
in software restriction policy processing. The object cannot be trusted.

Error - 8/15/2011 11:08:20 PM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\HiJackThis.msi is not permitted due to an error
in software restriction policy processing. The object cannot be trusted.

Error - 8/15/2011 11:08:45 PM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\HiJackThis.msi is not permitted due to an error
in software restriction policy processing. The object cannot be trusted.

Error - 8/15/2011 11:13:39 PM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\HiJackThis.msi is not permitted due to an error
in software restriction policy processing. The object cannot be trusted.

Error - 8/16/2011 12:10:27 AM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\eav_nt32_enu.msi is not permitted due to an
error in software restriction policy processing. The object cannot be trusted.

Error - 8/16/2011 12:11:50 AM | Computer Name = COMPUTER1 | Source = MsiInstaller | ID = 1008
Description = The installation of F:\eav_nt32_enu.msi is not permitted due to an
error in software restriction policy processing. The object cannot be trusted.

Error - 8/16/2011 12:28:38 AM | Computer Name = COMPUTER1 | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module 
chrome.dll, version 13.0.782.112, fault address 0x0001fdef.

Error - 8/16/2011 12:28:38 AM | Computer Name = COMPUTER1 | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module 
chrome.dll, version 13.0.782.112, fault address 0x0001fdef.

Error - 8/16/2011 12:28:43 AM | Computer Name = COMPUTER1 | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module 
chrome.dll, version 13.0.782.112, fault address 0x0001fdef.

Error - 8/18/2011 2:59:59 PM | Computer Name = COMPUTER1 | Source = Pure Networks Platform Service | ID = 1
Description = Service failed to start with error 0x80010119.

[ System Events ]
Error - 8/15/2011 11:00:46 PM | Computer Name = COMPUTER1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 8/15/2011 11:04:39 PM | Computer Name = COMPUTER1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 8/15/2011 11:08:05 PM | Computer Name = COMPUTER1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 8/15/2011 11:08:06 PM | Computer Name = COMPUTER1 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7000
Description = The Abel service failed to start due to the following error: %%3

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7000
Description = The Process Monitor service failed to start due to the following error:
%%5

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7024
Description = The Pure Networks Platform Service service terminated with service-specific
error 2147549465 (0x80010119).

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127

Error - 8/18/2011 3:00:57 PM | Computer Name = COMPUTER1 | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
error: %%127

< End of report >


----------



## danielstern96 (Aug 16, 2011)

i apologize for the emoticons, the forum picked up "colons" and "letters" together and associated them with emoticons. secondly, the only way possible for me to post all of the "extras.txt" was by chopping it up into sections, but its all there. lastly, the OTL log couldnt finish as a message at the bottom of the program read: "Processing PRC-C:\WINDOWS\2212203682:1567827068.exe File not found..." the program seemed to get stuck there.


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Go ahead and try another scan with TDSSKiller. When the scan completes please go ahead and post the log that is created into your next reply.
----------

Please read through these instructions to familarize yourself with what to expect when this tool runs

Download ComboFix from one of these locations:

*Link 1*
*Link 2*

** IMPORTANT !!! Save ComboFix.exe to your Desktop*


*Disable your AntiVirus and AntiSpyware applications*, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. *Note*: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : *How to Disable your Security Programs*
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.








Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:










Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the *C:\ComboFix.txt* in your next reply.

*Notes:*

1.*Do not mouse-click Combofix's window while it is running. That may cause it to stall.*
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. *CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.*
----------

In your next reply please post the logs created by TDSSKiller and ComboFix.


----------



## danielstern96 (Aug 16, 2011)

the same message about not having "appropriate permissions" comes up for both. could that be because the virus has changed some administrative settings? this is what i have read could happen with some viruses.


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or have this page open on another computer for reference as you will not have access to any browsers while you are carrying out portions of these instructions.

Please download ARCDC from Artellos.com.


Double click ARCDC.exe
Follow the dialog until you see 6 options. Please pick: *Windows Professional SP2 & SP3*
You will be prompted with a Terms of Use by Microsoft, please accept.
You will see a few dos screens flash by, this is normal.
Next you will be able to choose to add extra files. Select the Default Files.
The last window will allow you to burn the disk using BurnCDCC
Your ISO is located on your desktop.

Keep that disc nearby, but _do not insert it yet_, we'll be using it later, but now is the time to ensure your computer is set to boot from CD first, then HDD. Go into your BIOS usually by tapping F2 and change the boot order if necessary. Press F10 to save the changes and the machine will continue to boot.

===============================================================

Next, please download maxlook, saving the file to your desktop.

Double click maxlook.exe to run it. *Note - you must run it only once*

The tool will prompt you to restart the machine and boot into the Recovery Console. Do not do that yet - *insert the boot CD you created*, then restart the computer.

===============================================================

*1.* Reboot your computer and press any key on the keyboard when prompted.

*2.* Press R to load the Recovery Console.

*3. *The Recovery Console will start and ask you which Windows installation you would like to log on to. If you have multiple Windows installations, it will list each one, and you would enter the number associated with the installation you would like to work on and press *enter*. If you have just one Windows installation, type *1* and press *enter*.

*4.* It will then prompt you for the Administrator's password. If there is no password, simply press enter. Otherwise type in the password and then press enter.

*5.* You should now be presented with a *C:\Windows>* prompt

At that prompt, type in the following bolded text and press Enter

*batch look.bat*

(Note - there is a space between the words batch and look.bat)








Reduced: 99% of original size [ 641 x 397 ] - Click to view full image









You will see *1 file copied* many times then return to the _x:\windows>_ prompt.
Type *Exit* to restart your computer then logon in normal mode.

Once back in Windows, click Start > Run, and copy/paste the following then press Enter.

*maxlook -sig*

Follow the prompts, and attach the C:\looklog.txt in your next reply.


----------



## danielstern96 (Aug 16, 2011)

dear jeffce,
i have a couple of questions/comments.
1. when i download ARCDC, am i burning this onto a CD? i have the icon "xprc.iso" on my computer.
2. i know how to change boot priority from startup, but while in normal mode pressing F2 does nothing.
3. i am not sure if i have the administrator's password. i know the password i use in order to log on, but i dont know if thats the administrator's password.
4. i will be gone for a few days and will not be able to reply back.


----------



## jeffce (May 10, 2011)

Hi Danielstern96,



> when i download ARCDC, am i burning this onto a CD? i have the icon "xprc.iso" on my computer.


Yes we will be burning xprc.iso onto a CD.











> i know how to change boot priority from startup, but while in normal mode pressing F2 does nothing.


 Ok, then go ahead and change the boot priority as you normally would do so and that will be just fine.



> i am not sure if i have the administrator's password. i know the password i use in order to log on, but i dont know if thats the administrator's password.


 Go ahead and if prompted use the password that you use to normally log-in. Let me know how that works.



> i will be gone for a few days and will not be able to reply back.


 I look forward to hearing from you when you return.


----------



## jeffce (May 10, 2011)

Hi Danielstern96,

How about we try this. Just disregard what I have put into my previous post. 

I would like for you to *delete your current version of ComboFix* by using *Right-Click > Delete* on the icon.
----------

Now download a fresh copy of ComboFix following these directions...

Please read through these instructions to familarize yourself with what to expect when this tool runs

Download ComboFix from one of these locations:

*Link 1*
*Link 2*

** IMPORTANT !!! Save ComboFix.exe to your Desktop*


*Disable your AntiVirus and AntiSpyware applications*, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. *Note*: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : *How to Disable your Security Programs*
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.








Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:










Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the *C:\ComboFix.txt* in your next reply.

*Notes:*

1.*Do not mouse-click Combofix's window while it is running. That may cause it to stall.*
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. *CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.*
----------

Once ComboFix has run please post the log that it creates into your next reply.


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Do you still need help?


----------



## danielstern96 (Aug 16, 2011)

Part 1:

ComboFix 11-09-04.03 - dan 09/04/2011 22:48:02.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1672 [GMT -4:00]
Running from: c:\documents and settings\dan\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\bbbxxxxxxx.exe
c:\bbbxxxxxxx.exe\config.bin
c:\documents and settings\All Users\Application Data\QuestBrwSearch
c:\documents and settings\All Users\Application Data\Tarma Installer
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\documents and settings\All Users\SPL1160.tmp
c:\documents and settings\dan\Application Data\969E.219
c:\documents and settings\dan\Application Data\Microsoft\stor.cfg
c:\documents and settings\dan\Application Data\PriceGong
c:\documents and settings\dan\Application Data\PriceGong\Data\1.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\a.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\b.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\c.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\d.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\e.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\f.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\g.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\h.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\i.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\J.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\k.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\l.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\m.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\n.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\o.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\p.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\q.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\r.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\s.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\t.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\u.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\v.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\w.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\x.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\y.xml
c:\documents and settings\dan\Application Data\PriceGong\Data\z.xml
c:\documents and settings\dan\Application Data\SystemProc
c:\documents and settings\dan\My Documents\~WRL0067.tmp
c:\documents and settings\dan\My Documents\~WRL0444.tmp
c:\documents and settings\dan\My Documents\~WRL0556.tmp
c:\documents and settings\dan\My Documents\~WRL0784.tmp
c:\documents and settings\dan\My Documents\~WRL0961.tmp
c:\documents and settings\dan\My Documents\~WRL1166.tmp
c:\documents and settings\dan\My Documents\~WRL1267.tmp
c:\documents and settings\dan\My Documents\~WRL1398.tmp
c:\documents and settings\dan\My Documents\~WRL1469.tmp
c:\documents and settings\dan\My Documents\~WRL1621.tmp
c:\documents and settings\dan\My Documents\~WRL2340.tmp
c:\documents and settings\dan\My Documents\~WRL2380.tmp
c:\documents and settings\dan\My Documents\~WRL2386.tmp
c:\documents and settings\dan\My Documents\~WRL2489.tmp
c:\documents and settings\dan\My Documents\~WRL2578.tmp
c:\documents and settings\dan\My Documents\~WRL3109.tmp
c:\documents and settings\dan\My Documents\~WRL3148.tmp
c:\documents and settings\dan\My Documents\~WRL3180.tmp
c:\documents and settings\dan\My Documents\~WRL3415.tmp
c:\documents and settings\dan\My Documents\~WRL4034.tmp
c:\documents and settings\dan\My Documents\~WRL4055.tmp
c:\documents and settings\dan\WINDOWS
c:\documents and settings\NetworkService\Application Data\alot
c:\documents and settings\NetworkService\Application Data\alot\configurator\configurator.xml
c:\documents and settings\NetworkService\Application Data\alot\configurator\configurator.xml.backup
c:\documents and settings\NetworkService\Application Data\alot\contextMenu\contextMenu.xml
c:\documents and settings\NetworkService\Application Data\alot\contextMenu\contextMenu.xml.backup
c:\documents and settings\NetworkService\Application Data\alot\products\products.xml
c:\documents and settings\NetworkService\Application Data\alot\products\products.xml.backup
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_4\images\default_2304_default_1379_alot_cas_playgames.bmp
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_4\images\default_2304_default_1379_alot_cas_playgames.png
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_5\images\default_2303_default_1379_alot_cas_playgames.bmp
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_5\images\default_2303_default_1379_alot_cas_playgames.png
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_6\images\default_2305_default_1613_alot_online_games_tetriz.bmp
c:\documents and settings\NetworkService\Application Data\alot\resources\Button_6\images\default_2305_default_1613_alot_online_games_tetriz.png
c:\documents and settings\NetworkService\Application Data\alot\TimerManager\TimerManager.xml
c:\documents and settings\NetworkService\Application Data\alot\TimerManager\TimerManager.xml.backup
c:\documents and settings\NetworkService\Application Data\alot\ToolbarSearch\ToolbarSearch.xml
c:\documents and settings\NetworkService\Application Data\alot\Updater\Updater.xml
c:\documents and settings\NetworkService\Application Data\alot\Updater\Updater.xml.backup
c:\program files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}
c:\program files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
c:\program files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf
c:\program files\QuestBrwSearch
c:\program files\QuestBrwSearch\uninstall.exe
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbar.dll
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\program files\Shop to Win 8\ShOPpingbho.dll
c:\windows\$NtUninstallKB34544$
c:\windows\$NtUninstallKB34544$\2727140227\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB34544$\2727140227\click.tlb
c:\windows\$NtUninstallKB34544$\2727140227\L\kpnrlmth
c:\windows\$NtUninstallKB34544$\2727140227\loader.tlb
c:\windows\$NtUninstallKB34544$\2727140227\U\@00000001
c:\windows\$NtUninstallKB34544$\2727140227\U\@000000c0
c:\windows\$NtUninstallKB34544$\2727140227\U\@000000cb
c:\windows\$NtUninstallKB34544$\2727140227\U\@000000cf
c:\windows\$NtUninstallKB34544$\2727140227\U\@80000000
c:\windows\$NtUninstallKB34544$\2727140227\U\@800000c0
c:\windows\$NtUninstallKB34544$\2727140227\U\@800000cb
c:\windows\$NtUninstallKB34544$\2727140227\U\@800000cf
c:\windows\$NtUninstallKB34544$\3904215282
c:\windows\system32\c_65121.nls
c:\windows\system32\lvci11801048.dll
.
Infected copy of c:\windows\system32\drivers\redbook.sys was found and disinfected 
Restored copy from - The cat found it  
Infected copy of c:\windows\system32\wuauclt.exe was found and disinfected 
Restored copy from - c:\windows\system32\dllcache\wuauclt.exe 
.
Infected copy of c:\program files\Bonjour\mDNSResponder.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086053.exe 
.
Infected copy of c:\windows\system32\dlcxcoms.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086052.exe 
.
Infected copy of c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086113.exe 
.
Infected copy of c:\program files\Java\jre6\bin\jqs.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086051.exe 
.
Infected copy of c:\program files\LogMeIn\x86\RaMaint.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086050.exe 
.
Infected copy of c:\program files\LogMeIn\x86\LogMeIn.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086049.exe 
.
Infected copy of c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086047.exe 
.
Infected copy of c:\windows\system32\lxdncoms.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086046.exe 
.
Infected copy of c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086045.EXE 
.
Infected copy of c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086041.exe 
.
Infected copy of c:\program files\Microsoft\BingBar\SeaPort.EXE was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086044.EXE 
.
Infected copy of c:\program files\Viewpoint\Common\ViewpointService.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086043.exe 
.
Infected copy of c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086042.EXE 
.
Infected copy of c:\program files\Viewpoint\Common\ViewpointService.exe was found and disinfected 
Restored copy from - c:\system volume information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086043.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ABEL
-------\Legacy_QUESTBROWSE_SERVICE
-------\Service_a28cdb83
-------\Service_Abel
.
.
((((((((((((((((((((((((( Files Created from 2011-08-05 to 2011-09-05 )))))))))))))))))))))))))))))))
.
.
2011-09-05 02:44 . 2008-04-14 04:10	57600	----a-w-	c:\windows\system32\drivers\redbook.sys
2011-08-31 17:35 . 2011-08-31 17:35	--------	d-----w-	c:\program files\YoutubeDownloader.org
2011-08-24 07:00 . 2011-08-24 07:00	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2011-08-19 19:27 . 2011-08-19 19:27	--------	d-----w-	C:\_OTL
2011-08-14 03:01 . 2011-08-21 00:46	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-08-13 20:58 . 2011-08-13 20:58	--------	d-----w-	c:\documents and settings\dan\Application Data\WhiteSmoke
2011-08-13 20:57 . 2011-08-13 20:57	--------	d-----w-	c:\documents and settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
2011-08-13 20:57 . 2011-09-05 03:01	--------	d-----w-	c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor
2011-08-13 20:57 . 2011-08-13 21:08	--------	d-----w-	c:\program files\WhiteSmoke
2011-08-13 20:57 . 2011-08-13 20:57	--------	d-----w-	c:\program files\Yontoo Layers Client
2011-08-13 20:56 . 2011-08-13 23:06	--------	d-----w-	c:\documents and settings\dan\Application Data\FileHunter
2011-08-11 22:20 . 2011-06-24 14:10	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 22:19 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2006-10-23 17:44	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-04 12:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-06-02 21:40	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2006-10-23 17:45	916480	----a-w-	c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-04 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-04 12:00	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 12:00	385024	----a-w-	c:\windows\system32\html.iec
2011-06-20 17:44 . 2006-10-23 17:45	293376	----a-w-	c:\windows\system32\winsrv.dll
2011-06-19 20:51 . 2011-01-27 16:33	444952	----a-w-	c:\windows\system32\wrap_oal.dll
2011-06-19 20:51 . 2011-01-27 16:33	109080	----a-w-	c:\windows\system32\OpenAL32.dll
2011-06-11 00:15 . 2011-06-03 21:36	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-03-23 17:03 . 2011-05-12 03:01	108424	----a-w-	c:\program files\Common Files\APNStub.exe
2011-03-23 16:26 . 2011-05-12 03:01	3325832	----a-w-	c:\program files\Common Files\APNToolbarInstaller.exe
2010-10-01 06:11 . 2011-05-12 03:42	462112	----a-w-	c:\program files\Common Files\ZugoInstaller.exe
.
.
((((((((((((((((((((((((((((( [email protected]_20.12.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 02:51 . 2011-04-19 02:51	51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2007-11-07 07:19 . 2007-11-07 07:19	54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07	59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2006-12-02 05:46 . 2006-12-02 05:46	65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2011-05-14 00:17 . 2011-05-14 00:17	65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2009-07-12 00:54 . 2009-07-12 00:54	65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08 . 2006-12-02 05:08	40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45	40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 00:32 . 2009-07-12 00:32	40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2006-12-02 05:26 . 2006-12-02 05:26	57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25	69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2011-05-14 05:06 . 2011-05-14 05:06	57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 05:23 . 2011-05-14 05:23	69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2009-07-12 05:07 . 2009-07-12 05:07	57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 05:19 . 2009-07-12 05:19	69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2006-12-02 03:56 . 2006-12-02 03:56	96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2011-05-13 22:37 . 2011-05-13 22:37	97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2009-07-11 23:41 . 2009-07-11 23:41	97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	56656 c:\windows\WinSxS\amd64_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_22d6ba8a\vcomp90.dll
+ 2007-10-02 19:51 . 2007-10-02 19:51	69632 c:\windows\twain_32\Lexmark\2600 Series\lxdncnv4.dll
+ 2007-11-05 11:32 . 2007-11-05 11:32	77906 c:\windows\twain_32\Lexmark\2600 Series\lxdncfg.dll
+ 2009-05-14 18:46 . 2009-05-14 18:46	81920 c:\windows\twain_32\Lexmark\2600 Series\lxdncaps.dll
+ 2011-09-05 03:00 . 2011-09-05 03:00	16384 c:\windows\temp\Perflib_Perfdata_208.dat
+ 2006-10-23 17:46 . 2007-04-04 22:53	81768 c:\windows\system32\xinput1_3.dll
+ 2009-11-30 19:33 . 2009-11-30 19:33	41872 c:\windows\system32\xfcodec.dll
+ 2011-06-03 21:00 . 2010-06-02 08:55	74072 c:\windows\system32\XAPOFX1_5.dll
+ 2011-06-03 21:00 . 2010-02-04 14:01	74072 c:\windows\system32\XAPOFX1_4.dll
+ 2011-06-03 21:00 . 2009-09-04 21:44	69464 c:\windows\system32\XAPOFX1_3.dll
+ 2011-06-03 21:00 . 2008-10-27 14:04	70992 c:\windows\system32\XAPOFX1_2.dll
+ 2011-06-03 21:00 . 2008-07-31 14:41	68616 c:\windows\system32\XAPOFX1_1.dll
+ 2011-06-03 21:00 . 2008-05-30 18:17	65032 c:\windows\system32\XAPOFX1_0.dll
+ 2011-06-03 21:00 . 2010-02-04 14:01	22360 c:\windows\system32\X3DAudio1_7.dll
+ 2011-06-03 21:00 . 2009-03-16 18:18	22360 c:\windows\system32\X3DAudio1_6.dll
+ 2011-06-03 21:00 . 2008-10-27 14:04	23376 c:\windows\system32\X3DAudio1_5.dll
+ 2011-06-03 21:00 . 2008-05-30 18:17	25608 c:\windows\system32\X3DAudio1_4.dll
+ 2011-06-03 21:00 . 2008-03-05 20:00	25608 c:\windows\system32\X3DAudio1_3.dll
+ 2011-06-03 21:00 . 2007-10-22 07:37	17928 c:\windows\system32\X3DAudio1_2.dll
- 2006-10-23 17:46 . 2006-10-23 17:46	15128 c:\windows\system32\x3daudio1_1.dll
+ 2006-10-23 17:46 . 2007-03-05 16:42	15128 c:\windows\system32\x3daudio1_1.dll
+ 2006-10-23 17:45 . 2009-08-06 23:24	44768 c:\windows\system32\wups2.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	35552 c:\windows\system32\wups.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	53472 c:\windows\system32\wuauclt.exe
+ 2006-11-02 11:00 . 2006-11-02 11:00	24136 c:\windows\system32\winusb.dll
+ 2009-06-02 22:15 . 2001-08-18 03:36	87040 c:\windows\system32\wiafbdrv.dll
- 2009-06-02 22:15 . 2001-08-18 02:36	87040 c:\windows\system32\wiafbdrv.dll
+ 2009-09-15 01:31 . 2008-11-20 19:19	88560 c:\windows\system32\vxblock.dll
+ 2009-06-02 17:38 . 2008-04-14 10:42	53760 c:\windows\system32\vfwwdm32.dll
- 2009-06-02 17:38 . 2008-04-14 09:42	53760 c:\windows\system32\vfwwdm32.dll
+ 2009-12-17 23:18 . 2009-12-17 23:18	75264 c:\windows\system32\uc_holybeast_launching.dll
+ 2009-06-02 22:23 . 2011-07-08 13:49	46080 c:\windows\system32\tzchange.exe
- 2009-06-02 22:23 . 2009-07-14 11:03	46080 c:\windows\system32\tzchange.exe
+ 2008-07-30 02:10 . 2008-07-30 02:10	26112 c:\windows\system32\TsWpfWrp.exe
- 2004-08-04 12:00 . 2008-04-14 09:42	75776 c:\windows\system32\strmfilt.dll
+ 2004-08-04 12:00 . 2009-10-21 05:38	75776 c:\windows\system32\strmfilt.dll
+ 2006-10-23 17:45 . 2010-08-27 05:57	99840 c:\windows\system32\srvsvc.dll
+ 2006-10-23 17:45 . 2010-08-17 13:17	58880 c:\windows\system32\spoolsv.exe
+ 2010-01-22 00:52 . 2009-09-29 00:34	47416 c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	52536 c:\windows\system32\spool\drivers\w32x86\LMIprinterui.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	52536 c:\windows\system32\spool\drivers\w32x86\LMIprinterdat.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	40248 c:\windows\system32\spool\drivers\w32x86\LMIprinter.dll
+ 2007-11-21 12:02 . 2007-11-21 12:02	57344 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnwbgc.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnview.exe
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnupld.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	90112 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnupdr.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	65536 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnupd.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdntime.exe
+ 2009-04-28 14:58 . 2009-04-28 14:58	98304 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdntime.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	94208 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnserv.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	36864 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncur.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	90112 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncub.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	77824 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncu.dll
+ 2007-11-05 11:32 . 2007-11-05 11:32	77906 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncfg.dll
+ 2007-03-26 12:39 . 2007-03-26 12:39	73728 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncats.dll
+ 2007-07-06 19:41 . 2007-07-06 19:41	45056 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnbubl.dll
+ 2007-11-21 12:02 . 2007-11-21 12:02	57344 c:\windows\system32\spool\drivers\w32x86\3\lxdnwbgc.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\3\lxdnview.exe
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\3\lxdnupld.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	90112 c:\windows\system32\spool\drivers\w32x86\3\lxdnupdr.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	65536 c:\windows\system32\spool\drivers\w32x86\3\lxdnupd.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	77824 c:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe
+ 2009-04-28 14:58 . 2009-04-28 14:58	98304 c:\windows\system32\spool\drivers\w32x86\3\lxdntime.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	94208 c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	36864 c:\windows\system32\spool\drivers\w32x86\3\lxdncur.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	90112 c:\windows\system32\spool\drivers\w32x86\3\lxdncub.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	77824 c:\windows\system32\spool\drivers\w32x86\3\lxdncu.dll
+ 2007-11-05 11:32 . 2007-11-05 11:32	77906 c:\windows\system32\spool\drivers\w32x86\3\lxdncfg.dll
+ 2007-03-26 12:39 . 2007-03-26 12:39	73728 c:\windows\system32\spool\drivers\w32x86\3\lxdncats.dll
+ 2007-07-06 19:41 . 2007-07-06 19:41	45056 c:\windows\system32\spool\drivers\w32x86\3\lxdnbubl.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterui.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	52536 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	40248 c:\windows\system32\spool\drivers\w32x86\3\LMIprinter.dll
+ 2011-05-18 00:53 . 2008-03-21 17:57	14640 c:\windows\system32\spmsgXP_2k3.dll
+ 2009-07-30 01:24 . 2010-07-05 13:15	17272 c:\windows\system32\spmsg.dll
+ 2009-10-27 12:26 . 2009-08-06 23:24	44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-27 12:26 . 2009-08-06 23:24	35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2011-01-20 00:10 . 2006-11-02 21:30	12288 c:\windows\system32\shwMirror.dll
+ 2011-06-03 20:15 . 2011-03-25 22:03	15592 c:\windows\system32\roboot.exe
+ 2009-10-04 02:46 . 2008-12-04 13:17	15312 c:\windows\system32\ReinstallBackups\0021\DriverFiles\RaCoInst.dat
+ 2009-10-03 02:52 . 2008-12-04 13:17	15312 c:\windows\system32\ReinstallBackups\0020\DriverFiles\RaCoInst.dat
+ 2009-10-03 02:47 . 2008-12-04 13:17	15312 c:\windows\system32\ReinstallBackups\0019\DriverFiles\RaCoInst.dat
+ 2004-08-04 12:00 . 2009-10-12 13:38	79872 c:\windows\system32\raschap.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	79872 c:\windows\system32\raschap.dll
+ 2009-10-03 00:58 . 2008-12-04 13:17	15312 c:\windows\system32\RaCoInst.dat
+ 2009-09-15 01:31 . 2008-11-20 19:19	72176 c:\windows\system32\pxhpinst.exe
+ 2010-06-25 17:03 . 2010-06-25 17:03	53299 c:\windows\system32\pthreadVC.dll
+ 2010-03-31 07:16 . 2010-03-31 07:16	99176 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-04 12:00 . 2011-08-20 22:09	72568 c:\windows\system32\perfc009.dat
+ 2009-11-07 08:07 . 2009-11-07 08:07	49488 c:\windows\system32\netfxperf.dll
+ 2009-11-06 05:17 . 2009-11-06 05:17	11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 00:56 . 2009-11-27 17:11	17920 c:\windows\system32\msyuv.dll
+ 2011-05-29 00:22 . 2010-12-13 21:56	24576 c:\windows\system32\msxml3a.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07	28672 c:\windows\system32\msvidc32.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07	11264 c:\windows\system32\msrle32.dll
- 2006-10-23 17:44 . 2009-03-08 08:31	66560 c:\windows\system32\mshtmled.dll
+ 2006-10-23 17:44 . 2011-06-23 18:36	66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 08:31 . 2011-06-23 18:36	55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 08:31 . 2009-07-03 17:09	55296 c:\windows\system32\msfeedsbs.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	83968 c:\windows\system32\mscories.dll
+ 2004-08-04 12:00 . 2009-09-04 21:03	58880 c:\windows\system32\msasn1.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	98304 c:\windows\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	86016 c:\windows\system32\Macromed\Shockwave 10\SwMenuX.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	77824 c:\windows\system32\Macromed\Shockwave 10\SwInit.exe
+ 2009-07-16 11:00 . 2009-07-16 11:00	24576 c:\windows\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2009-03-16 08:59 . 2009-03-16 08:59	53248 c:\windows\system32\Macromed\Common\SwSupport.dll
+ 2008-04-01 00:47 . 2008-04-01 00:47	40960 c:\windows\system32\lxdnvs.dll
+ 2007-11-28 20:10 . 2007-11-28 20:10	53248 c:\windows\system32\lxdnprox.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	36864 c:\windows\system32\lxdncur.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	90112 c:\windows\system32\lxdncub.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	77824 c:\windows\system32\lxdncu.dll
+ 2007-10-02 19:51 . 2007-10-02 19:51	69632 c:\windows\system32\lxdncnv4.dll
+ 2007-11-05 11:32 . 2007-11-05 11:32	77906 c:\windows\system32\lxdncfg.dll
+ 2009-05-14 18:46 . 2009-05-14 18:46	81920 c:\windows\system32\lxdncaps.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	83288 c:\windows\system32\LMIRfsClientNP.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	28984 c:\windows\system32\LMIport.dll
+ 2008-08-11 17:40 . 2008-08-11 17:40	11552 c:\windows\system32\lmimirr2.dll
+ 2008-08-11 17:40 . 2008-08-11 17:40	25248 c:\windows\system32\lmimirr.dll
+ 2010-01-22 00:52 . 2009-09-29 00:34	87352 c:\windows\system32\LMIinit.dll
+ 2006-10-23 17:43 . 2011-06-23 18:36	25600 c:\windows\system32\jsproxy.dll
- 2006-10-23 17:43 . 2009-07-03 17:09	25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:56 . 2009-11-27 16:07	48128 c:\windows\system32\iyuv_32.dll
- 2009-06-02 21:41 . 2008-04-14 09:41	81920 c:\windows\system32\isign32.dll
+ 2009-06-02 21:41 . 2010-11-18 18:12	81920 c:\windows\system32\isign32.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24	97800 c:\windows\system32\infocardapi.dll
+ 2011-02-01 16:54 . 2010-03-24 21:56	62048 c:\windows\system32\ijjiProcessRestarter.exe
- 2004-08-04 12:00 . 2008-04-14 09:41	80384 c:\windows\system32\iccvid.dll
+ 2004-08-04 12:00 . 2010-06-17 14:03	80384 c:\windows\system32\iccvid.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24	11264 c:\windows\system32\icardres.dll
+ 2004-08-04 12:00 . 2009-10-21 05:38	25088 c:\windows\system32\httpapi.dll
+ 2010-12-25 23:25 . 2008-04-14 10:41	21504 c:\windows\system32\hidserv.dll
+ 2006-10-23 17:43 . 2009-10-15 16:28	81920 c:\windows\system32\fontsub.dll
- 2006-10-23 17:43 . 2009-06-16 14:36	81920 c:\windows\system32\fontsub.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10	73720 c:\windows\system32\dxva2.dll
+ 2007-02-14 00:35 . 2007-02-14 00:35	65536 c:\windows\system32\dwAXExtn.dll
+ 2009-10-03 00:57 . 2008-12-04 13:17	15312 c:\windows\system32\DRVSTORE\rt2870_5954B493B0C8D1AABA9F1868B686DAD0107D2009\RaCoInst.dat
+ 2009-10-03 01:00 . 2008-12-12 22:05	25264 c:\windows\system32\DRVSTORE\purendis_2BB5C0100CC7696D211EF8B1803C647F3FC3AE04\purendis.sys
+ 2009-10-03 01:00 . 2008-12-12 22:05	23984 c:\windows\system32\DRVSTORE\pnarp_A922F7B3F866D334887D355D2A481D18B7F7B54E\pnarp.sys
+ 2006-11-02 11:00 . 2006-11-02 11:00	39368 c:\windows\system32\drivers\winusb.sys
+ 2008-03-27 20:27 . 2008-03-27 20:27	35040 c:\windows\system32\drivers\wdfldr.sys
+ 2009-06-02 22:15 . 2008-04-14 05:15	15104 c:\windows\system32\drivers\usbscan.sys
- 2009-06-02 22:15 . 2008-04-14 04:15	15104 c:\windows\system32\drivers\usbscan.sys
+ 2008-11-20 19:19 . 2008-11-20 19:19	43872 c:\windows\system32\drivers\pxhelp20.sys
+ 2009-10-03 01:00 . 2008-12-12 22:05	25264 c:\windows\system32\drivers\purendis.sys
+ 2011-05-18 00:52 . 2010-09-02 21:49	13312 c:\windows\system32\drivers\pneteth.sys
+ 2009-10-03 01:00 . 2008-12-12 22:05	23984 c:\windows\system32\drivers\pnarp.sys
+ 2010-06-25 17:07 . 2010-06-25 17:07	35088 c:\windows\system32\drivers\npf.sys
+ 2004-08-04 12:00 . 2010-11-02 15:17	40960 c:\windows\system32\drivers\ndproxy.sys
+ 2010-01-22 00:52 . 2008-08-11 17:41	47640 c:\windows\system32\drivers\LMIRfsDriver.sys
+ 2008-08-11 17:40 . 2008-08-11 17:40	10144 c:\windows\system32\drivers\lmimirr.sys
+ 2004-08-04 12:00 . 2009-04-20 17:17	45568 c:\windows\system32\dnsrslvr.dll
- 2004-08-04 12:00 . 2008-04-14 09:41	45568 c:\windows\system32\dnsrslvr.dll
+ 2009-06-11 05:22 . 2011-06-23 18:36	12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-06-11 05:22 . 2009-07-03 17:09	12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	35552 c:\windows\system32\dllcache\wups.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-06-02 22:15 . 2001-08-18 03:36	87040 c:\windows\system32\dllcache\wiafbdrv.dll
- 2009-06-02 22:15 . 2001-08-18 02:36	87040 c:\windows\system32\dllcache\wiafbdrv.dll
+ 2010-12-15 02:18 . 2010-10-11 14:59	45568 c:\windows\system32\dllcache\wab.exe
+ 2009-06-02 17:38 . 2008-04-14 10:42	53760 c:\windows\system32\dllcache\vfwwdm32.dll
- 2009-06-02 17:38 . 2008-04-14 09:42	53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2009-06-02 22:15 . 2008-04-14 05:15	15104 c:\windows\system32\dllcache\usbscan.sys
+ 2009-12-10 10:07 . 2009-10-21 05:38	75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2010-10-28 11:36 . 2010-08-27 05:57	99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-10-28 11:36 . 2010-08-17 13:17	58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2009-12-10 10:06 . 2009-10-12 13:38	79872 c:\windows\system32\dllcache\raschap.dll
+ 2010-12-15 02:16 . 2010-11-02 15:17	40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2004-08-04 00:56 . 2009-11-27 17:11	17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07	28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2010-02-10 06:44 . 2009-11-27 16:07	11264 c:\windows\system32\dllcache\msrle32.dll
- 2009-03-08 08:31 . 2009-03-08 08:31	66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 08:31 . 2011-06-23 18:36	66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-07-29 10:40 . 2011-06-23 18:36	55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-07-29 10:40 . 2009-07-03 17:09	55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-10-15 23:45 . 2009-09-04 21:03	58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-03-08 08:34 . 2011-06-23 18:36	43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 08:33 . 2011-06-23 18:36	25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 08:33 . 2009-07-03 17:09	25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 00:56 . 2009-11-27 16:07	48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2010-12-15 02:18 . 2010-11-18 18:12	81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-12-10 10:07 . 2009-10-21 05:38	25088 c:\windows\system32\dllcache\httpapi.dll
+ 2010-12-25 23:25 . 2008-04-14 10:41	21504 c:\windows\system32\dllcache\hidserv.dll
+ 2009-07-21 21:41 . 2009-10-15 16:28	81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-07-21 21:41 . 2009-06-16 14:36	81920  c:\windows\system32\dllcache\fontsub.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	89088 c:\windows\system32\dllcache\filterpipelineprintproc.dll
+ 2011-04-15 04:45 . 2009-04-20 17:17	45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2010-02-10 06:44 . 2011-04-26 11:07	33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-11-13 22:57 . 2009-11-13 22:57	62592 c:\windows\system32\dllcache\cdrom.sys
+ 2006-10-23 17:43 . 2009-08-06 23:24	96480 c:\windows\system32\dllcache\cdm.dll
+ 2010-10-28 11:04 . 2010-01-13 14:01	86016 c:\windows\system32\dllcache\cabview.dll
+ 2009-08-13 06:26 . 2009-11-27 16:07	84992 c:\windows\system32\dllcache\avifil32.dll
- 2009-08-13 06:26 . 2009-06-10 14:13	84992 c:\windows\system32\dllcache\avifil32.dll
+ 2010-10-28 11:35 . 2010-03-05 14:37	65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 12:00 . 2011-04-26 11:07	33280 c:\windows\system32\csrsrv.dll
- 2009-06-02 21:52 . 2009-09-09 10:39	32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-02 21:52 . 2011-02-10 01:41	32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-06-02 21:52 . 2009-09-09 10:39	32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-06-02 21:52 . 2011-02-10 01:41	32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-10-07 16:01 . 2011-02-10 01:41	16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-06-02 21:52 . 2009-09-09 10:39	16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-10-23 17:43 . 2009-08-06 23:24	96480 c:\windows\system32\cdm.dll
+ 2004-08-04 12:00 . 2010-01-13 14:01	86016 c:\windows\system32\cabview.dll
- 2004-08-04 12:00 . 2009-06-10 14:13	84992 c:\windows\system32\avifil32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:07	84992 c:\windows\system32\avifil32.dll
+ 2004-08-04 12:00 . 2010-03-05 14:37	65536 c:\windows\system32\asycfilt.dll
+ 2009-10-04 21:10 . 2009-10-04 21:10	87618 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2009-07-31 13:26 . 2009-07-31 13:26	94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54	79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2009-07-31 13:42 . 2009-07-31 13:42	67000 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2008-07-30 04:40 . 2008-07-30 04:40	70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40	91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40	40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 02:10 . 2008-07-30 02:10	46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-30 00:59 . 2008-07-30 00:59	32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10	71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-30 00:32 . 2008-07-30 00:32	17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2010-04-08 06:48 . 2010-04-08 06:48	32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 16:17 . 2008-07-25 16:17	77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2010-09-22 16:43 . 2010-09-22 16:43	30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2009-06-24 23:56 . 2009-06-24 23:56	73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2010-09-23 22:55 . 2010-09-23 22:55	81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-09-23 09:26 . 2010-09-23 09:26	77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 00:58 . 2007-04-14 00:58	77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 09:26 . 2010-09-23 09:26	86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 00:57 . 2007-04-14 00:57	86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 00:57 . 2007-04-14 00:57	81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 09:26 . 2010-09-23 09:26	81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 10:17 . 2010-09-23 10:17	32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-14 01:30 . 2007-04-14 01:30	32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 10:17 . 2010-09-23 10:17	24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2003-02-20 23:19 . 2003-02-20 23:19	24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2011-06-03 21:00 . 2005-03-18 20:23	12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-11-14 22:07 . 2009-11-14 22:07	49664 c:\windows\Installer\d42a3c9.msi
+ 2008-07-30 04:07 . 2008-07-30 04:07	23040 c:\windows\Installer\ca02cd3.msp
+ 2009-11-07 19:05 . 2009-11-07 19:05	88576 c:\windows\Installer\c9d7a9e.msi
+ 2011-08-01 04:16 . 2011-08-01 04:16	22016 c:\windows\Installer\36ccb92a.msi
+ 2011-06-14 03:11 . 2011-06-14 03:11	94208 c:\windows\Installer\24501b3d.msi
+ 2011-05-24 04:26 . 2011-05-24 04:26	28160 c:\windows\Installer\1f57d516.msi
+ 2010-01-30 03:20 . 2010-01-30 03:20	67072 c:\windows\Installer\1f3d0e1f.msi
+ 2009-10-04 21:12 . 2009-10-04 21:12	24064 c:\windows\Installer\1e60546d.msi
+ 2011-08-13 21:44 . 2011-08-13 21:44	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_E25433D73F7938C35146D8.exe
+ 2011-08-13 21:44 . 2011-08-13 21:44	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_B0C0DA3A9D7B7F456011DB.exe
+ 2011-02-07 00:09 . 2011-02-07 00:09	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_9C60B3547C61BA870512A6.exe
+ 2010-10-29 23:26 . 2010-10-29 23:26	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_8437F8F4486D1C3FB9C443.exe
+ 2011-08-13 21:44 . 2011-08-13 21:44	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_6FEFF9B68218417F98F549.exe
+ 2010-10-29 23:26 . 2010-10-29 23:26	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_4B4DFEE143B5B8450B9F3D.exe
+ 2011-01-08 05:36 . 2011-01-08 05:36	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_27A36ECDCBF3E91911F530.exe
+ 2011-02-07 00:09 . 2011-02-07 00:09	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_0F799CEEF76883540C8EEE.exe
+ 2011-01-08 05:36 . 2011-01-08 05:36	15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_0A6B83C1EA7C93970D31CB.exe
+ 2009-11-25 08:00 . 2009-11-25 08:00	32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-02-14 03:07 . 2011-02-14 03:07	25214 c:\windows\Installer\{C768790F-04FB-11E0-9B2C-001AA037B01E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-06-15 12:17 . 2011-06-15 12:17	65536 c:\windows\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\ARPPRODUCTICON.exe
+ 2011-03-05 23:05 . 2011-03-05 23:05	98304 c:\windows\Installer\{B2042D5E-986D-44EC-AEE3-AFE4108CCC93}\python_icon.exe
+ 2011-03-08 02:23 . 2011-03-08 02:23	77610 c:\windows\Installer\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}\_853F67D554F05449430E7E.exe
+ 2011-06-16 07:05 . 2011-06-16 07:05	38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-10-29 10:19 . 2011-06-16 07:05	49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2009-12-31 03:43 . 2009-12-31 03:43	57344 c:\windows\Installer\{53735ECE-E461-4FD0-B742-23A352436D3A}\ARPPRODUCTICON.exe
+ 2007-03-22 23:13 . 2007-03-22 23:13	23904 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL
+ 2009-04-03 22:01 . 2009-04-03 22:01	71504 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 21:57 . 2009-04-03 21:57	21320 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2009-04-02 18:35 . 2009-04-02 18:35	16712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBPROXY.DLL
+ 2009-04-02 18:35 . 2009-04-02 18:35	68496 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBCOM.EXE
+ 2006-10-27 01:13 . 2006-10-27 01:13	72472 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNVP.DLL
+ 2007-03-21 22:58 . 2007-03-21 22:58	24416 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2006-10-27 01:07 . 2006-10-27 01:07	17680 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBPROXY.DLL
+ 2007-03-21 23:00 . 2007-03-21 23:00	72096 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2010-01-23 08:00 . 2009-10-29 07:45	12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	12800 c:\windows\ie8updates\KB976325-IE8\xpshims.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-29 10:19 . 2009-03-08 08:31	66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-29 10:19 . 2009-03-08 08:34	43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-02-10 06:44 . 2009-11-27 17:11	17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2010-02-10 06:44 . 2009-11-27 16:07	48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2009-10-16 22:24 . 2009-10-16 22:24	65536 c:\windows\Downloaded Program Files\ChannelingPluginforReactor.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_27919efb\System.Drawing.Design.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_aff4c089\CustomMarshalers.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	24576 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\d5cd392b58b4fca02e9b69425633375e\WiaProxy32.ni.exe
+ 2011-06-28 07:06 . 2011-06-28 07:06	60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-06-28 07:09 . 2011-06-28 07:09	82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe
+ 2011-08-12 18:34 . 2011-08-12 18:34	39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll
+ 2011-06-28 07:08 . 2011-06-28 07:08	15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Microsoft.VisualC.ni.dll
+ 2011-06-28 07:09 . 2011-06-28 07:09	65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-06-28 07:09 . 2011-06-28 07:09	74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-06-28 07:08 . 2011-06-28 07:08	94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\98c93980bcd7a4ce51a2f11bf2a35543\Interop.WIA.ni.dll
+ 2011-06-28 07:08 . 2011-06-28 07:08	14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-06-28 07:07 . 2011-06-28 07:07	25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-10-29 10:11 . 2010-10-29 10:11	32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-11-07 19:07 . 2009-11-07 19:07	32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-29 10:07 . 2010-10-29 10:07	81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-06-20 21:17 . 2011-06-20 22:46	49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2011-06-20 21:17 . 2011-06-20 22:47	81920 c:\windows\.jagex_cache_32\runescape\hw3d.dll
+ 2010-10-29 10:01 . 2008-04-14 09:41	80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-10-29 10:11 . 2008-04-14 09:41	65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-10-29 10:12 . 2008-04-14 09:41	84480 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-10 08:01 . 2008-04-14 09:41	32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-10 08:01 . 2004-08-04 12:00	25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-10 08:01 . 2008-04-14 09:42	11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-10 08:01 . 2008-04-14 10:41	47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-10 08:01 . 2009-06-10 14:13	84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-25 08:00 . 2009-07-14 11:03	46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-25 08:00 . 2009-10-29 02:03	16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-10 08:01 . 2008-04-14 10:42	16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-10-16 07:02 . 2008-04-14 09:42	57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-12-11 08:02 . 2008-04-14 09:42	79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2010-01-13 08:02 . 2009-06-16 14:36	81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-12-11 08:03 . 2008-04-14 09:42	75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-11 08:03 . 2008-04-14 09:41	24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2011-04-15 07:01 . 2008-04-14 09:41	45568 c:\windows\$NtUninstallKB2509553$\dnsrslvr.dll
+ 2011-07-14 07:03 . 2010-12-09 14:30	33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll
+ 2011-02-10 08:01 . 2009-12-14 07:08	33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2010-12-15 08:05 . 2010-06-21 14:46	46080 c:\windows\$NtUninstallKB2443685$\tzchange.exe
+ 2010-12-15 08:05 . 2010-11-05 05:57	16896 c:\windows\$NtUninstallKB2443685$\spuninst\tzchange.dll
+ 2010-12-15 08:06 . 2008-04-14 09:41	81920 c:\windows\$NtUninstallKB2443105$\isign32.dll
+ 2010-12-15 08:05 . 2008-04-14 04:27	40576 c:\windows\$NtUninstallKB2440591$\ndproxy.sys
+ 2010-12-15 08:01 . 2008-04-14 09:42	46080 c:\windows\$NtUninstallKB2423089$\wab.exe
+ 2010-10-29 10:27 . 2008-04-14 09:42	57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-29 10:31 . 2008-04-14 09:42	96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-10-29 10:02 . 2009-10-28 15:07	46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-10-29 10:02 . 2010-06-23 00:54	16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-10-28 11:28 . 2010-06-17 14:02	80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-10-29 10:32 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-10-29 10:32 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-29 10:29 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-29 10:29 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB981957\spmsg.dll
+ 2010-10-29 10:27 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-10-28 11:23 . 2010-06-18 06:28	16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-10-29 10:27 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB981332-IE8\update\spcustom.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB981332-IE8\spmsg.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-10-29 10:16 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-10-29 10:16 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	17272 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-10-29 10:31 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-10-29 10:31 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-10-29 10:23 . 2009-05-26 09:01	26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2010-10-29 10:23 . 2009-05-26 09:01	17272 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-10-28 11:35 . 2010-03-05 14:52	65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-10-29 10:12 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-10-29 10:12 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-10-28 11:04 . 2010-01-13 13:48	86016 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-10-29 10:16 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-10-29 10:16 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-10-29 10:12 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-10-29 10:12 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-10-29 10:28 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-10-29 10:28 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-23 08:00 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB978207-IE8\update\spcustom.dll
+ 2010-01-23 08:00 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB978207-IE8\spmsg.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	12800 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\xpshims.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	55296 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeedsbs.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	25600 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\jsproxy.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2010-02-10 06:44 . 2009-12-14 07:10	33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2010-02-10 06:44 . 2009-11-27 16:28	28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2010-02-10 06:44 . 2009-11-27 16:28	11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2010-02-10 06:44 . 2009-11-27 16:28	48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2010-02-10 06:44 . 2009-11-27 16:28	84992 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-10-29 10:18 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-10-29 10:18 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2009-11-05 08:00 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB976749-IE8\update\spcustom.dll
+ 2009-11-05 08:00 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB976749-IE8\spmsg.dll
+ 2010-10-29 10:32 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB976662-IE8\update\spcustom.dll
+ 2010-10-29 10:32 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB976662-IE8\spmsg.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB976325-IE8\update\spcustom.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB976325-IE8\spmsg.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	12800 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\xpshims.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	55296 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\msfeedsbs.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	25600 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\jsproxy.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-10-29 10:11 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-10-29 10:11 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2010-02-10 06:44 . 2009-11-27 17:23	17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2009-10-16 07:00 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-16 07:00 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-10-15 23:45 . 2009-09-04 20:57	58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-16 07:05 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll
+ 2009-10-16 07:05 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll
+ 2009-12-11 08:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-11 08:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-12-10 10:06 . 2009-10-12 13:28	79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-11-25 08:00 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-25 08:00 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2010-01-13 08:02 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-13 08:02 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 05:17 . 2009-10-15 16:39	81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2010-02-10 08:04 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-10 08:04 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2011-03-16 07:01 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-16 07:01 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-12-10 10:07 . 2009-10-21 05:40	75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-12-10 10:07 . 2009-10-21 05:40	25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2009-11-12 08:00 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB969947\update\spcustom.dll
+ 2009-11-12 08:00 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB969947\spmsg.dll
+ 2009-10-16 07:03 . 2008-07-08 13:02	26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-16 07:03 . 2008-07-08 13:02	17272 c:\windows\$hf_mig$\KB969059\spmsg.dll
+ 2010-01-13 08:03 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB955759\update\spcustom.dll
+ 2010-01-13 08:03 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB955759\spmsg.dll
+ 2011-07-14 07:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-14 07:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-06-16 07:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-06-16 07:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-06-29 07:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-06-29 07:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-06-16 07:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-16 07:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-03-25 07:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
+ 2011-03-25 07:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2511455\update\spcustom.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2511455\spmsg.dll
+ 2011-04-15 07:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2510531-IE8\update\spcustom.dll
+ 2011-04-15 07:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2510531-IE8\spmsg.dll
+ 2011-04-15 07:01 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
+ 2011-04-15 07:01 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
+ 2011-04-15 04:45 . 2009-04-20 17:06	45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
+ 2011-04-15 07:05 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2508272\update\spcustom.dll
+ 2011-04-15 07:05 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2508272\spmsg.dll
+ 2011-07-14 07:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-14 07:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-07-14 03:50 . 2011-04-26 11:02	33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2506223\update\spcustom.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2506223\spmsg.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2503658\update\spcustom.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2503658\spmsg.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2497640-IE8\update\spcustom.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2497640-IE8\spmsg.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	12800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\xpshims.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	66560 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtmled.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	55296 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeedsbs.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	43520 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\licmgr10.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	25600 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\jsproxy.dll
+ 2011-04-15 07:11 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2485663\update\spcustom.dll
+ 2011-04-15 07:11 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2485663\spmsg.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll
+ 2011-03-10 08:01 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-10 08:01 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-03-09 19:36 . 2011-02-02 07:57	53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-10 08:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-10 08:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2011-02-09 19:21 . 2010-12-09 14:29	33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
+ 2010-12-15 08:06 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
+ 2010-12-15 08:06 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
+ 2010-12-15 02:18 . 2010-11-18 18:12	81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2010-12-15 02:16 . 2010-11-03 05:55	40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2010-12-15 08:05 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll
+ 2010-12-15 08:01 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
+ 2010-12-15 08:01 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
+ 2010-12-15 02:18 . 2010-10-11 14:55	45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
+ 2011-01-13 08:01 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-01-13 08:01 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2416400-IE8\update\spcustom.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2416400-IE8\spmsg.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	12800 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\xpshims.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	66560 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtmled.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	55296 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeedsbs.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	43520 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\licmgr10.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	25600 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\jsproxy.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-02-09 19:21 . 2010-12-09 15:15	16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2010-10-29 10:19 . 2009-05-26 09:01	26488  c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll
+ 2010-10-29 10:19 . 2009-05-26 09:01	17272 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-10-28 11:36 . 2010-08-17 13:19	58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-29 10:31 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll
+ 2010-10-29 10:31 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2345886\spmsg.dll
+ 2010-10-28 11:36 . 2010-08-27 06:05	99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll
+ 2010-12-15 08:06 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
+ 2010-12-15 08:06 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-10-29 10:30 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-10-29 10:30 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-10-29 10:05 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-10-29 10:05 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-10-29 10:31 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-10-29 10:31 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-06-02 22:45 . 2011-02-17 12:32	5120 c:\windows\system32\xpsp4res.dll
+ 2011-02-14 23:00 . 2011-02-14 23:00	2154 c:\windows\system32\wbers.dat
+ 2001-08-17 22:36 . 2009-11-27 16:07	8704 c:\windows\system32\tsbyuv.dll
+ 2009-12-31 03:44 . 2001-08-18 03:36	5632 c:\windows\system32\ptpusb.dll
+ 2009-12-29 06:53 . 2004-12-31 15:43	4682 c:\windows\system32\npptNT2.sys
+ 2002-04-05 01:00 . 2002-04-05 01:00	7680 c:\windows\system32\kbdhebz.dll
+ 2011-01-20 00:10 . 2006-11-02 21:31	3584 c:\windows\system32\drivers\shwMirror.sys
+ 2009-09-15 01:31 . 2008-11-20 19:19	9200 c:\windows\system32\drivers\cdralw2k.sys
+ 2009-09-15 01:31 . 2008-11-20 19:19	9072 c:\windows\system32\drivers\cdr4_xp.sys
+ 2001-08-17 22:36 . 2009-11-27 16:07	8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-07-31 13:28 . 2009-07-31 13:28	9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-05-07 20:00 . 2011-05-07 20:00	2855 c:\windows\PIF\SAS_83428242.PIF
+ 2011-01-20 00:38 . 2011-01-20 00:38	2855 c:\windows\PIF\SAS_460912D.PIF
+ 2011-01-19 04:14 . 2011-01-19 04:14	2855 c:\windows\PIF\SAS_050259.PIF
+ 2008-07-30 04:40 . 2008-07-30 04:40	5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2010-02-10 06:44 . 2009-11-27 16:07	8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-02-10 08:01 . 2001-08-18 03:36	8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2011-04-15 07:04 . 2010-08-26 12:52	5120 c:\windows\$NtUninstallKB2508429$\xpsp4res.dll
+ 2010-10-29 10:01 . 2008-05-03 11:55	2560 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-29 10:31 . 2010-08-13 12:53	5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2010-10-28 11:36 . 2010-07-12 12:53	5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll
+ 2010-02-10 06:44 . 2009-11-27 16:28	8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2011-04-15 04:45 . 2011-02-17 12:32	5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
+ 2010-10-28 11:04 . 2010-08-13 12:53	5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll
+ 2010-10-28 11:36 . 2010-08-26 12:52	5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\xpsp4res.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-06-14 03:11 . 2011-06-14 03:11	132096 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.1002.3_x-ww_88ef1b2a\rtcres.dll
+ 2011-06-14 03:11 . 2011-06-14 03:11	833536 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.1002.3_x-ww_021cfae0\dxmrtp.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcm90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2007-11-07 07:19 . 2007-11-07 07:19	655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 07:19 . 2007-11-07 07:19	568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 02:23 . 2007-11-07 02:23	224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_65b7a93a\atl90.dll
+ 2010-11-17 04:41 . 2010-11-17 04:41	159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2011-05-14 05:17 . 2011-05-14 05:17	632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 05:12 . 2011-05-14 05:12	554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 05:11 . 2011-05-14 05:11	479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48	626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48	548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 03:48 . 2005-09-23 03:48	479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2009-07-12 05:12 . 2009-07-12 05:12	632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 05:09 . 2009-07-12 05:09	554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 05:08 . 2009-07-12 05:08	479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	624448 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcr90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	853312 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcp90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcm90.dll
+ 2011-03-05 18:39 . 2011-03-05 18:39	176456 c:\windows\WinSxS\amd64_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_673f7fa2\atl90.dll
+ 2011-05-20 02:41 . 1996-07-18 17:06	297472 c:\windows\uninst.exe
+ 2008-05-28 18:41 . 2008-05-28 18:41	520192 c:\windows\twain_32\Lexmark\2600 Series\lxdnTWUI.dll
+ 2008-05-28 18:26 . 2008-05-28 18:26	311296 c:\windows\twain_32\Lexmark\2600 Series\lxdnTwPro.dll
+ 2007-10-12 23:24 . 2007-10-12 23:24	364544 c:\windows\twain_32\Lexmark\2600 Series\lxdnIPTK.dll
+ 2009-07-24 00:49 . 2009-07-24 00:49	782336 c:\windows\twain_32\Lexmark\2600 Series\lxdndrs.dll
+ 2008-07-30 02:26 . 2008-07-30 02:26	301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2009-11-07 19:06 . 2008-07-06 12:06	575488 c:\windows\system32\xpsshhdr.dll
+ 2011-06-03 21:00 . 2010-06-02 08:55	527192 c:\windows\system32\XAudio2_7.dll
+ 2011-06-03 21:00 . 2010-02-04 14:01	528216 c:\windows\system32\XAudio2_6.dll
+ 2011-06-03 21:00 . 2009-09-04 21:44	515416 c:\windows\system32\XAudio2_5.dll
+ 2011-06-03 21:00 . 2009-03-16 18:18	517448 c:\windows\system32\XAudio2_4.dll
+ 2011-06-03 21:00 . 2008-10-27 14:04	514384 c:\windows\system32\XAudio2_3.dll
+ 2011-06-03 21:00 . 2008-07-31 14:40	509448 c:\windows\system32\XAudio2_2.dll
+ 2011-06-03 21:00 . 2008-05-30 18:19	507400 c:\windows\system32\XAudio2_1.dll
+ 2011-06-03 21:00 . 2008-03-05 20:03	479752 c:\windows\system32\XAudio2_0.dll
+ 2011-06-03 21:00 . 2010-06-02 08:55	239960 c:\windows\system32\xactengine3_7.dll
+ 2011-06-03 21:00 . 2010-02-04 14:01	238936 c:\windows\system32\xactengine3_6.dll
+ 2011-06-03 21:00 . 2009-09-04 21:44	238936 c:\windows\system32\xactengine3_5.dll
+ 2011-06-03 21:00 . 2009-03-16 18:18	235352 c:\windows\system32\xactengine3_4.dll
+ 2011-06-03 21:00 . 2008-10-27 14:04	235856 c:\windows\system32\xactengine3_3.dll
+ 2011-06-03 21:00 . 2008-07-31 14:41	238088 c:\windows\system32\xactengine3_2.dll
+ 2011-06-03 21:00 . 2008-05-30 18:18	238088 c:\windows\system32\xactengine3_1.dll
+ 2011-06-03 21:00 . 2008-03-05 20:03	238088 c:\windows\system32\xactengine3_0.dll
+ 2011-06-03 21:00 . 2007-07-20 04:57	267112 c:\windows\system32\xactengine2_9.dll
+ 2011-06-03 21:00 . 2007-06-21 00:46	266088 c:\windows\system32\xactengine2_8.dll
+ 2011-06-03 21:00 . 2007-04-04 22:55	261480 c:\windows\system32\xactengine2_7.dll
+ 2011-06-03 21:00 . 2007-01-24 19:27	255848 c:\windows\system32\xactengine2_6.dll
+ 2011-06-03 21:00 . 2006-12-08 16:02	251672 c:\windows\system32\xactengine2_5.dll
+ 2011-06-03 21:00 . 2007-10-22 07:39	267272 c:\windows\system32\xactengine2_10.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	209632 c:\windows\system32\wuweb.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	327896 c:\windows\system32\wucltui.dll
+ 2009-06-02 21:41 . 2009-08-06 23:23	575704 c:\windows\system32\wuapi.dll
+ 2010-06-25 17:07 . 2010-06-25 17:07	281104 c:\windows\system32\wpcap.dll
+ 2004-08-04 12:00 . 2009-04-02 03:02	604160 c:\windows\system32\wmspdmod.dll
+ 2010-10-29 12:37 . 2008-04-14 09:42	221184 c:\windows\system32\wmpns.dll
+ 2011-05-18 00:52 . 2009-11-08 06:41	581192 c:\windows\system32\WinUSBCoInstaller.dll
+ 2004-08-04 12:00 . 2009-12-24 06:59	177664 c:\windows\system32\wintrust.dll
+ 2004-08-04 12:00 . 2009-08-25 09:17	354816 c:\windows\system32\winhttp.dll
+ 2006-10-23 17:45 . 2011-03-04 06:37	420864 c:\windows\system32\vbscript.dll
+ 1998-06-18 03:00 . 1998-06-18 03:00	102912 c:\windows\system32\VB6STKIT.DLL
- 2004-08-04 12:00 . 2008-04-14 09:42	406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-04-16 15:36	406016 c:\windows\system32\usp10.dll
- 2004-08-04 12:00 . 2009-03-08 08:34	105984 c:\windows\system32\url.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36	105984 c:\windows\system32\url.dll
+ 2008-07-30 00:59 . 2008-07-30 00:59	161296 c:\windows\system32\UIAutomationCore.dll
+ 2009-12-15 22:21 . 2009-12-15 22:21	427008 c:\windows\system32\uc_wepic_launching.dll
- 2006-10-23 17:45 . 2009-06-16 14:36	119808 c:\windows\system32\t2embed.dll
+ 2006-10-23 17:45 . 2010-08-27 08:02	119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2008-10-03 10:02	247326 c:\windows\system32\strmdll.dll
+ 2004-08-04 12:00 . 2009-08-26 08:00	247326 c:\windows\system32\strmdll.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2009-11-07 19:06 . 2008-07-06 10:50	597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
+ 2009-08-13 17:02 . 2009-08-13 17:02	147968 c:\windows\system32\spool\prtprocs\w32x86\lxdndrpp.dll
+ 2009-06-17 19:20 . 2009-06-17 19:20	122880 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnxmlu.dll
+ 2007-11-21 12:01 . 2007-11-21 12:01	135168 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnwbgw.exe
+ 2008-04-01 18:34 . 2008-04-01 18:34	343086 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnwavs.exe
+ 2009-07-14 14:03 . 2009-07-14 14:03	540672 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnutil.dll
+ 2007-11-21 12:02 . 2007-11-21 12:02	114688 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnuplr.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	126976 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnupdb.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	364544 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnuldr.dll
+ 2008-04-01 18:34 . 2008-04-01 18:34	253952 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnsk0.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	327680 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnretv.dll
+ 2009-05-27 13:58 . 2009-05-27 13:58	811008 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnptpc.dll
+ 2009-07-14 12:24 . 2009-07-14 12:24	745472 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnpswx.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	139264 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnpswr.dll
+ 2009-07-14 14:05 . 2009-07-14 14:05	692224 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnpsw.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	155648 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnprpr.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	933888 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnprp.dll
+ 2009-07-14 12:23 . 2009-07-14 12:23	548864 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnppx.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	237568 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnlpar.dll
+ 2006-12-07 08:28 . 2006-12-07 08:28	126976 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnlnks.dll
+ 2009-07-14 12:25 . 2009-07-14 12:25	700416 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnjswx.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	147456 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnjswr.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	688128 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnjswb.dll
+ 2009-07-14 14:05 . 2009-07-14 14:05	192512 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnjsw.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	106496 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdninsr.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	200704 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdninsb.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	176128 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnins.dll
+ 2007-01-08 19:33 . 2007-01-08 19:33	253952 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnibuf.dll
+ 2007-11-28 20:09 . 2007-11-28 20:09	438272 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnhcp.dll
+ 2008-04-01 18:34 . 2008-04-01 18:34	983121 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdngf.dll
+ 2007-08-14 08:01 . 2007-08-14 08:01	434176 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnedf.dll
+ 2009-08-13 17:03 . 2009-08-13 17:03	162304 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdndrui.dll
+ 2009-08-13 17:02 . 2009-08-13 17:02	230400 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdndr.dll
+ 2007-05-29 12:39 . 2007-05-29 12:39	589824 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdndatr.dll
+ 2009-07-14 12:24 . 2009-07-14 12:24	335872 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncomx.dll
+ 2007-11-05 11:30 . 2007-11-05 11:30	111067 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdncfgx.exe
+ 2009-06-02 21:53 . 2008-03-13 04:52	761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
- 2009-06-02 21:53 . 2007-05-15 17:38	761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2009-06-02 21:53 . 2008-07-06 12:06	744960  c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2009-06-02 21:53 . 2008-04-14 09:42	373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-06-02 21:53 . 2008-07-06 12:06	373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2009-06-17 19:20 . 2009-06-17 19:20	122880 c:\windows\system32\spool\drivers\w32x86\3\lxdnxmlu.dll
+ 2007-11-21 12:01 . 2007-11-21 12:01	135168 c:\windows\system32\spool\drivers\w32x86\3\lxdnwbgw.exe
+ 2008-04-01 18:34 . 2008-04-01 18:34	343086 c:\windows\system32\spool\drivers\w32x86\3\lxdnwavs.exe
+ 2009-07-14 14:03 . 2009-07-14 14:03	540672 c:\windows\system32\spool\drivers\w32x86\3\lxdnutil.dll
+ 2007-11-21 12:02 . 2007-11-21 12:02	114688 c:\windows\system32\spool\drivers\w32x86\3\lxdnuplr.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	126976 c:\windows\system32\spool\drivers\w32x86\3\lxdnupdb.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	364544 c:\windows\system32\spool\drivers\w32x86\3\lxdnuldr.dll
+ 2008-04-01 18:34 . 2008-04-01 18:34	253952 c:\windows\system32\spool\drivers\w32x86\3\lxdnsk0.dll
+ 2009-04-28 14:58 . 2009-04-28 14:58	327680 c:\windows\system32\spool\drivers\w32x86\3\lxdnretv.dll
+ 2009-05-27 13:58 . 2009-05-27 13:58	811008 c:\windows\system32\spool\drivers\w32x86\3\lxdnptpc.dll
+ 2009-07-14 12:24 . 2009-07-14 12:24	745472 c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	139264 c:\windows\system32\spool\drivers\w32x86\3\lxdnpswr.dll
+ 2009-07-14 14:05 . 2009-07-14 14:05	692224 c:\windows\system32\spool\drivers\w32x86\3\lxdnpsw.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	155648 c:\windows\system32\spool\drivers\w32x86\3\lxdnprpr.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	933888 c:\windows\system32\spool\drivers\w32x86\3\lxdnprp.dll
+ 2009-07-14 12:23 . 2009-07-14 12:23	548864 c:\windows\system32\spool\drivers\w32x86\3\lxdnppx.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	237568 c:\windows\system32\spool\drivers\w32x86\3\lxdnlpar.dll
+ 2006-12-07 08:28 . 2006-12-07 08:28	126976 c:\windows\system32\spool\drivers\w32x86\3\lxdnlnks.dll
+ 2009-07-14 12:25 . 2009-07-14 12:25	700416 c:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe
+ 2009-07-14 14:10 . 2009-07-14 14:10	147456 c:\windows\system32\spool\drivers\w32x86\3\lxdnjswr.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	688128 c:\windows\system32\spool\drivers\w32x86\3\lxdnjswb.dll
+ 2009-07-14 14:05 . 2009-07-14 14:05	192512 c:\windows\system32\spool\drivers\w32x86\3\lxdnjsw.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	106496 c:\windows\system32\spool\drivers\w32x86\3\lxdninsr.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	200704 c:\windows\system32\spool\drivers\w32x86\3\lxdninsb.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	176128 c:\windows\system32\spool\drivers\w32x86\3\lxdnins.dll
+ 2007-01-08 19:33 . 2007-01-08 19:33	253952 c:\windows\system32\spool\drivers\w32x86\3\lxdnibuf.dll
+ 2007-11-28 20:09 . 2007-11-28 20:09	438272 c:\windows\system32\spool\drivers\w32x86\3\lxdnhcp.dll
+ 2008-04-01 18:34 . 2008-04-01 18:34	983121 c:\windows\system32\spool\drivers\w32x86\3\lxdngf.dll
+ 2007-08-14 08:01 . 2007-08-14 08:01	434176 c:\windows\system32\spool\drivers\w32x86\3\lxdnedf.dll
+ 2009-08-13 17:03 . 2009-08-13 17:03	162304 c:\windows\system32\spool\drivers\w32x86\3\lxdndrui.dll
+ 2009-08-13 17:02 . 2009-08-13 17:02	230400 c:\windows\system32\spool\drivers\w32x86\3\lxdndr.dll
+ 2007-05-29 12:39 . 2007-05-29 12:39	589824 c:\windows\system32\spool\drivers\w32x86\3\lxdndatr.dll
+ 2009-07-14 12:24 . 2009-07-14 12:24	335872 c:\windows\system32\spool\drivers\w32x86\3\lxdncomx.dll
+ 2007-11-05 11:30 . 2007-11-05 11:30	111067 c:\windows\system32\spool\drivers\w32x86\3\lxdncfgx.exe
+ 2004-08-04 12:00 . 2009-07-27 23:17	135168 c:\windows\system32\shsvcs.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	135168 c:\windows\system32\shsvcs.dll
+ 2006-10-23 17:45 . 2009-12-08 09:23	474112 c:\windows\system32\shlwapi.dll
- 2006-10-23 17:45 . 2008-04-14 09:42	474112 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2011-01-21 14:44	439296 c:\windows\system32\shimgvw.dll
+ 2004-08-04 12:00 . 2011-04-29 17:25	151552 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2011-02-09 13:53	270848 c:\windows\system32\sbe.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	270848 c:\windows\system32\sbe.dll
+ 2006-10-23 17:45 . 2010-08-16 08:45	590848 c:\windows\system32\rpcrt4.dll
+ 2006-08-24 21:15 . 2006-08-24 21:15	150808 c:\windows\system32\rgb9rast_2.dll
+ 2009-10-04 02:46 . 2008-12-04 13:17	627072 c:\windows\system32\ReinstallBackups\0021\DriverFiles\rt2870.sys
+ 2009-10-04 02:46 . 2008-12-04 13:17	221184 c:\windows\system32\ReinstallBackups\0021\DriverFiles\RaCoInst.dll
+ 2009-10-03 02:52 . 2008-12-04 13:17	627072 c:\windows\system32\ReinstallBackups\0020\DriverFiles\rt2870.sys
+ 2009-10-03 02:47 . 2008-12-04 13:17	627072 c:\windows\system32\ReinstallBackups\0019\DriverFiles\rt2870.sys
+ 2004-08-04 12:00 . 2009-10-12 13:38	149504 c:\windows\system32\rastls.dll
+ 2009-10-03 00:58 . 2008-12-04 13:17	221184 c:\windows\system32\RaCoInst.dll
+ 2009-09-15 01:31 . 2008-11-20 19:19	379376 c:\windows\system32\pxwave.dll
+ 2009-09-15 01:31 . 2008-11-20 19:19	186864 c:\windows\system32\pxmas.dll
+ 2009-09-15 01:31 . 2008-11-20 19:19	543216 c:\windows\system32\pxdrv.dll
+ 2009-09-15 01:31 . 2008-11-20 19:19	588272 c:\windows\system32\px.dll
+ 2009-12-31 03:44 . 2008-04-14 10:42	159232 c:\windows\system32\ptpusd.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	117760 c:\windows\system32\prntvpt.dll
+ 2008-07-30 00:59 . 2008-07-30 00:59	781344 c:\windows\system32\PresentationNative_v0300.dll
+ 2010-03-31 07:10 . 2010-03-31 07:10	295264 c:\windows\system32\PresentationHost.exe
+ 2008-07-30 00:59 . 2008-07-30 00:59	105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-08-04 12:00 . 2011-08-20 22:09	444818 c:\windows\system32\perfh009.dat
+ 2010-06-25 17:07 . 2010-06-25 17:07	100880 c:\windows\system32\Packet.dll
+ 2004-08-04 12:00 . 2010-12-20 17:32	551936 c:\windows\system32\oleaut32.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	551936 c:\windows\system32\oleaut32.dll
+ 2004-08-04 12:00 . 2010-11-09 14:52	249856 c:\windows\system32\odbc32.dll
- 2004-08-04 12:00 . 2008-04-14 09:42	249856 c:\windows\system32\odbc32.dll
- 2004-08-04 12:00 . 2009-07-03 17:09	206848 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36	206848 c:\windows\system32\occache.dll
+ 2006-10-23 17:44 . 2009-10-13 10:30	270336 c:\windows\system32\oakley.dll
- 2006-10-23 17:44 . 2008-04-14 09:42	270336 c:\windows\system32\oakley.dll
+ 2004-08-04 12:00 . 2010-12-09 15:15	718336  c:\windows\system32\ntdll.dll
+ 2006-10-23 17:44 . 2009-08-06 23:23	215920 c:\windows\system32\muweb.dll
+ 2009-06-03 03:01 . 2009-08-06 23:23	274288 c:\windows\system32\mucltui.dll
- 2004-08-04 12:00 . 2008-06-20 17:46	245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 12:00 . 2008-06-20 16:02	245248 c:\windows\system32\mswsock.dll
+ 2009-07-31 12:47 . 2009-07-31 12:47	348160 c:\windows\system32\msvcr71.dll
+ 2009-07-31 12:47 . 2009-07-31 12:47	499712 c:\windows\system32\msvcp71.dll
- 2004-08-04 12:00 . 2009-06-25 08:25	136192 c:\windows\system32\msv1_0.dll
+ 2004-08-04 12:00 . 2009-09-11 14:18	136192 c:\windows\system32\msv1_0.dll
+ 2009-06-02 21:40 . 2011-01-27 11:57	677888 c:\windows\system32\mstsc.exe
- 2009-06-02 21:40 . 2008-04-14 09:42	677888 c:\windows\system32\mstsc.exe
+ 2006-10-23 17:44 . 2011-06-23 18:36	611840 c:\windows\system32\mstime.dll
- 2006-10-23 17:44 . 2009-03-08 08:32	611840 c:\windows\system32\mstime.dll
+ 2009-06-02 21:40 . 2009-12-16 18:43	343040 c:\windows\system32\mspaint.exe
- 2009-06-02 21:40 . 2008-04-14 09:42	343040 c:\windows\system32\mspaint.exe
+ 2004-08-04 00:56 . 2008-04-14 10:42	294912 c:\windows\system32\msh263.drv
- 2004-08-04 00:56 . 2008-04-14 09:42	294912 c:\windows\system32\msh263.drv
+ 2009-03-08 08:32 . 2011-06-23 18:36	602112 c:\windows\system32\msfeeds.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	158720 c:\windows\system32\mscorier.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07	297808 c:\windows\system32\mscoree.dll
- 2006-10-19 01:47 . 2006-10-19 01:47	317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 01:47 . 2010-03-30 19:24	317440 c:\windows\system32\mp4sdecd.dll
+ 2004-08-04 12:00 . 2011-02-08 23:03	974848 c:\windows\system32\mfc42u.dll
+ 2004-08-04 12:00 . 2011-02-08 13:33	978944 c:\windows\system32\mfc42.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53	953856 c:\windows\system32\mfc40u.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53	954368 c:\windows\system32\mfc40.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	180224 c:\windows\system32\Macromed\Shockwave 10\Proj.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	475136 c:\windows\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	339968 c:\windows\system32\Macromed\Shockwave 10\Plugin.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	606208 c:\windows\system32\Macromed\Shockwave 10\iml32X.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	581632 c:\windows\system32\Macromed\Shockwave 10\Control.dll
+ 2011-06-11 00:15 . 2011-06-11 00:15	240288 c:\windows\system32\Macromed\Flash\FlashUtil10s_ActiveX.exe
+ 2011-06-11 00:15 . 2011-06-11 00:15	321184 c:\windows\system32\Macromed\Flash\FlashUtil10s_ActiveX.dll
+ 2011-06-03 21:36 . 2011-06-03 21:36	239776 c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe
+ 2009-07-14 14:03 . 2009-07-14 14:03	540672 c:\windows\system32\lxdnutil.dll
+ 2007-11-28 20:12 . 2007-11-28 20:12	843776 c:\windows\system32\lxdnusb1.dll
+ 2007-11-28 20:19 . 2007-11-28 20:19	647168 c:\windows\system32\lxdnpmui.dll
+ 2007-11-28 20:13 . 2007-11-28 20:13	569344 c:\windows\system32\lxdnlmpm.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	147456 c:\windows\system32\lxdnjswr.dll
+ 2009-07-14 14:10 . 2009-07-14 14:10	106496 c:\windows\system32\lxdninsr.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	200704 c:\windows\system32\lxdninsb.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	176128 c:\windows\system32\lxdnins.dll
+ 2007-11-28 20:09 . 2007-11-28 20:09	364544 c:\windows\system32\lxdninpa.dll
+ 2007-11-28 20:12 . 2007-11-28 20:12	315392 c:\windows\system32\lxdnih.exe
+ 2007-11-28 20:13 . 2007-11-28 20:13	339968 c:\windows\system32\lxdniesc.dll
+ 2007-11-28 20:12 . 2007-11-28 20:12	663552 c:\windows\system32\lxdnhbn3.dll
+ 2009-07-14 14:02 . 2009-07-14 14:02	208896 c:\windows\system32\lxdngrd.dll
+ 2008-04-01 18:34 . 2008-04-01 18:34	983121 c:\windows\system32\lxdngf.dll
+ 2009-07-24 00:49 . 2009-07-24 00:49	782336 c:\windows\system32\lxdndrs.dll
+ 2007-11-28 20:12 . 2007-11-28 20:12	589824 c:\windows\system32\lxdncoms.exe
+ 2007-11-28 20:13 . 2007-11-28 20:13	376832 c:\windows\system32\lxdncomm.dll
+ 2007-11-28 20:11 . 2007-11-28 20:11	851968 c:\windows\system32\lxdncomc.dll
+ 2009-10-20 22:59 . 2009-10-20 22:59	409600 c:\windows\system32\lxdncoin.dll
+ 2007-11-28 20:13 . 2007-11-28 20:13	360448 c:\windows\system32\lxdncfg.exe
- 2006-10-23 17:43 . 2009-06-25 08:25	730112 c:\windows\system32\lsasrv.dll
+ 2006-10-23 17:43 . 2010-12-20 17:26	730112 c:\windows\system32\lsasrv.dll
- 2006-10-23 17:43 . 2009-06-25 08:25	301568 c:\windows\system32\kerberos.dll
+ 2006-10-23 17:43 . 2010-12-22 12:34	301568 c:\windows\system32\kerberos.dll
+ 2006-10-23 17:43 . 2011-03-04 06:37	726528 c:\windows\system32\jscript.dll
- 2006-10-23 17:43 . 2009-06-22 06:44	726528 c:\windows\system32\jscript.dll
+ 2011-06-18 21:58 . 2011-05-04 08:52	157472 c:\windows\system32\javaws.exe
+ 2011-06-18 21:58 . 2011-05-04 08:52	145184 c:\windows\system32\javaw.exe
+ 2011-06-18 21:58 . 2011-05-04 08:52	145184 c:\windows\system32\java.exe
+ 2009-06-02 21:41 . 2011-05-02 15:31	692736 c:\windows\system32\inetcomm.dll
+ 2009-11-13 22:57 . 2009-11-13 22:57	922112 c:\windows\system32\imapi2fs.dll
+ 2009-11-13 22:57 . 2009-11-13 22:57	426496 c:\windows\system32\imapi2.dll
+ 2011-02-01 16:54 . 2010-03-24 21:57	713312 c:\windows\system32\ijjiSetup.exe
- 2006-10-23 17:43 . 2009-07-03 17:09	184320 c:\windows\system32\iepeers.dll
+ 2006-10-23 17:43 . 2011-06-23 18:36	184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2011-06-23 18:36	387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2011-06-23 12:05	173568 c:\windows\system32\ie4uinit.exe
+ 2008-07-30 00:24 . 2008-07-30 00:24	622080 c:\windows\system32\icardagt.exe
+ 2009-06-02 17:33 . 2011-07-14 23:00	362528 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-30 02:10 . 2008-07-30 02:10	493048 c:\windows\system32\evr.dll
+ 2004-08-04 12:00 . 2011-02-09 13:53	186880 c:\windows\system32\encdec.dll
- 2004-08-04 12:00 . 2008-04-14 09:41	186880 c:\windows\system32\encdec.dll
+ 2009-10-03 00:57 . 2008-12-04 13:17	627072 c:\windows\system32\DRVSTORE\rt2870_5954B493B0C8D1AABA9F1868B686DAD0107D2009\rt2870.sys
+ 2009-10-03 00:57 . 2008-12-04 13:17	221184 c:\windows\system32\DRVSTORE\rt2870_5954B493B0C8D1AABA9F1868B686DAD0107D2009\RaCoInst.dll
+ 2009-10-03 00:58 . 2008-12-04 13:17	627072 c:\windows\system32\drivers\WUSB54GCv3.sys
+ 2008-03-27 20:27 . 2008-03-27 20:27	503008 c:\windows\system32\drivers\wdf01000.sys
+ 2006-10-23 17:45 . 2010-02-11 12:02	226880 c:\windows\system32\drivers\tcpip6.sys
+ 2006-10-23 17:45 . 2011-02-17 13:18	357888 c:\windows\system32\drivers\srv.sys
+ 2006-10-23 17:44 . 2011-04-21 13:37	105472 c:\windows\system32\drivers\mup.sys
- 2004-08-03 23:15 . 2008-04-14 04:46	141056 c:\windows\system32\drivers\ks.sys
+ 2004-08-03 23:15 . 2008-04-14 05:46	141056 c:\windows\system32\drivers\ks.sys
+ 2006-10-23 17:43 . 2009-10-20 16:20	265728 c:\windows\system32\drivers\http.sys
+ 2009-11-11 03:31 . 2008-03-11 13:14	941784 c:\windows\system32\drivers\CAMTHWDM.sys
- 2004-08-04 12:00 . 2008-08-14 10:04	138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 12:00 . 2011-02-16 13:22	138496 c:\windows\system32\drivers\afd.sys
+ 2006-10-23 17:43 . 2011-03-03 06:55	149504 c:\windows\system32\dnsapi.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	575488 c:\windows\system32\dllcache\xpsshhdr.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	209632 c:\windows\system32\dllcache\wuweb.dll
+ 2009-06-02 21:41 . 2009-08-06 23:24	327896 c:\windows\system32\dllcache\wucltui.dll
+ 2009-06-02 21:41 . 2009-08-06 23:23	575704 c:\windows\system32\dllcache\wuapi.dll
+ 2009-06-02 22:45 . 2010-07-12 12:55	218112 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-04 12:00 . 2009-04-02 03:02	604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2010-10-28 11:05 . 2009-12-24 06:59	177664 c:\windows\system32\dllcache\wintrust.dll
+ 2010-10-28 11:36 . 2011-06-20 17:44	293376 c:\windows\system32\dllcache\winsrv.dll
+ 2009-06-02 22:46 . 2011-06-23 18:36	916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-06-02 22:45 . 2009-08-25 09:17	354816 c:\windows\system32\dllcache\winhttp.dll
+ 2009-03-08 08:33 . 2011-04-30 03:01	758784 c:\windows\system32\dllcache\vgx.dll
+ 2009-06-02 22:43 . 2011-03-04 06:37	420864 c:\windows\system32\dllcache\vbscript.dll
+ 2010-10-28 11:35 . 2010-04-16 15:36	406016 c:\windows\system32\dllcache\usp10.dll
+ 2009-03-08 08:34 . 2011-06-23 18:36	105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 08:34 . 2009-03-08 08:34	105984 c:\windows\system32\dllcache\url.dll
+ 2009-06-02 22:43 . 2010-02-11 12:02	226880 c:\windows\system32\dllcache\tcpip6.sys
- 2009-07-21 21:41 . 2009-06-16 14:36	119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-21 21:41 . 2010-08-27 08:02	119808 c:\windows\system32\dllcache\t2embed.dll
- 2004-08-04 12:00 . 2008-10-03 10:02	247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-04 12:00 . 2009-08-26 08:00	247326 c:\windows\system32\dllcache\strmdll.dll
+ 2009-06-02 22:44 . 2011-02-17 13:18	357888 c:\windows\system32\dllcache\srv.sys
+ 2011-03-15 22:33 . 2009-07-27 23:17	135168 c:\windows\system32\dllcache\shsvcs.dll
- 2009-01-07 22:20 . 2009-01-07 22:20	474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-01-07 22:20 . 2009-12-08 09:23	474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2011-02-09 19:21 . 2011-01-21 14:44	439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2009-06-02 22:44 . 2011-04-29 17:25	151552 c:\windows\system32\dllcache\schannel.dll
+ 2011-03-09 19:36 . 2011-02-09 13:53	270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-06-11 05:22 . 2010-08-16 08:45	590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-12-10 10:06 . 2009-10-12 13:38	149504 c:\windows\system32\dllcache\rastls.dll
+ 2009-11-07 19:06 . 2008-07-06 10:50	597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
+ 2011-06-15 11:17 . 2010-12-20 17:32	551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2011-01-12 11:17 . 2010-11-09 14:52	249856 c:\windows\system32\dllcache\odbc32.dll
- 2009-03-08 08:34 . 2009-07-03 17:09	206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 08:34 . 2011-06-23 18:36	206848 c:\windows\system32\dllcache\occache.dll
+ 2009-12-10 10:06 . 2009-10-13 10:30	270336 c:\windows\system32\dllcache\oakley.dll
+ 2009-06-02 22:45 . 2010-12-09 15:15	718336 c:\windows\system32\dllcache\ntdll.dll
+ 2011-06-15 11:16 . 2011-04-21 13:37	105472 c:\windows\system32\dllcache\mup.sys
+ 2009-06-02 22:43 . 2008-06-20 16:02	245248 c:\windows\system32\dllcache\mswsock.dll
- 2009-06-02 22:43 . 2008-06-20 17:46	245248 c:\windows\system32\dllcache\mswsock.dll
+ 2009-08-26 20:56 . 2009-09-11 14:18	136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-08-26 20:56 . 2009-06-25 08:25	136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-03-08 08:32 . 2009-03-08 08:32	611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 08:32 . 2011-06-23 18:36	611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-06-02 21:40 . 2009-12-16 18:43	343040 c:\windows\system32\dllcache\mspaint.exe
- 2009-06-02 21:40 . 2008-04-14 09:42	343040 c:\windows\system32\dllcache\mspaint.exe
+ 2011-01-12 11:17 . 2010-11-09 14:52	102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-07-29 10:40 . 2011-06-23 18:36	602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-01-12 11:17 . 2010-11-09 14:52	200704 c:\windows\system32\dllcache\msadox.dll
+ 2011-01-12 11:17 . 2010-11-09 14:52	180224 c:\windows\system32\dllcache\msadomd.dll
+ 2011-01-12 11:17 . 2010-11-09 14:52	536576 c:\windows\system32\dllcache\msado15.dll
+ 2011-01-12 11:17 . 2010-11-09 14:52	143360 c:\windows\system32\dllcache\msadco.dll
+ 2009-06-02 22:44 . 2011-07-15 13:29	456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 19:24 . 2010-03-30 19:24	317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2010-09-18 19:23 . 2011-02-08 23:03	974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-28 11:33 . 2011-02-08 13:33	978944 c:\windows\system32\dllcache\mfc42.dll
+ 2010-10-28 11:33 . 2010-09-18 06:53	953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2004-08-04 12:00 . 2010-09-18 06:53	954368 c:\windows\system32\dllcache\mfc40.dll
+ 2009-06-02 22:45 . 2010-12-20 17:26	730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-06-02 22:45 . 2009-06-25 08:25	730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2011-03-09 19:36 . 2011-01-27 11:57	677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2004-08-03 23:15 . 2008-04-14 05:46	141056 c:\windows\system32\dllcache\ks.sys
- 2004-08-03 23:15 . 2008-04-14 04:46	141056 c:\windows\system32\dllcache\ks.sys
+ 2009-08-26 20:56 . 2010-12-22 12:34	301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-08-26 20:56 . 2009-06-25 08:25	301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-06-02 22:43 . 2009-06-22 06:44	726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-06-02 22:43 . 2011-03-04 06:37	726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-06-02 22:43 . 2011-05-02 15:31	692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-11-13 22:57 . 2009-11-13 22:57	922112 c:\windows\system32\dllcache\imapi2fs.dll
+ 2009-11-13 22:57 . 2009-11-13 22:57	426496 c:\windows\system32\dllcache\imapi2.dll
+ 2009-06-11 05:22 . 2011-06-23 18:36	247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-03-08 08:31 . 2009-07-03 17:09	184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 08:31 . 2011-06-23 18:36	184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-10-28 11:20 . 2011-06-23 18:36	743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2009-03-08 18:09 . 2011-06-23 18:36	387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 08:32 . 2011-06-23 12:05	173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-12-10 10:07 . 2009-10-20 16:20	265728 c:\windows\system32\dllcache\http.sys
+ 2010-10-28 11:27 . 2010-06-14 14:31	744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2011-03-09 19:36 . 2011-02-09 13:53	186880 c:\windows\system32\dllcache\encdec.dll
+ 2009-06-02 22:43 . 2011-03-03 06:55	149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2010-10-28 11:30 . 2010-08-23 16:12	617472 c:\windows\system32\dllcache\comctl32.dll
+ 2010-10-28 11:37 . 2011-02-15 12:56	290432 c:\windows\system32\dllcache\atmfd.dll
- 2009-06-02 22:43 . 2008-08-14 10:04	138496 c:\windows\system32\dllcache\afd.sys
+ 2009-06-02 22:43 . 2011-02-16 13:22	138496 c:\windows\system32\dllcache\afd.sys
+ 2010-01-13 05:17 . 2009-11-21 15:51	471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-10-28 11:36 . 2010-02-12 04:33	100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2010-07-12 12:39 . 2010-07-12 12:39	159838 c:\windows\system32\DirShowEXDD.dll
+ 2005-02-28 15:50 . 2005-02-28 15:50	240640 c:\windows\system32\diCryptoSys.dll
+ 2004-05-26 12:37 . 2004-05-26 12:37	719872 c:\windows\system32\devil.dll
+ 2011-02-01 18:52 . 2011-05-04 08:52	472808 c:\windows\system32\deployJava1.dll
+ 2011-06-19 20:19 . 2009-01-26 03:36	679936 c:\windows\system32\D3DX81ab.dll
+ 2011-06-03 21:00 . 2010-05-26 15:41	248672 c:\windows\system32\d3dx11_43.dll
+ 2011-06-03 21:00 . 2009-09-04 21:29	235344 c:\windows\system32\d3dx11_42.dll
+ 2011-06-03 21:00 . 2010-05-26 15:41	470880 c:\windows\system32\d3dx10_43.dll
+ 2011-06-03 21:00 . 2009-09-04 21:29	453456 c:\windows\system32\d3dx10_42.dll
+ 2011-06-03 21:00 . 2009-03-09 19:27	453456 c:\windows\system32\d3dx10_41.dll
+ 2011-06-03 21:00 . 2008-10-10 08:52	452440 c:\windows\system32\d3dx10_40.dll
+ 2011-06-03 21:00 . 2008-07-10 15:01	467984 c:\windows\system32\d3dx10_39.dll
+ 2011-06-03 21:00 . 2008-05-30 18:11	467984 c:\windows\system32\d3dx10_38.dll
+ 2011-06-03 21:00 . 2008-02-06 03:07	462864 c:\windows\system32\d3dx10_37.dll
+ 2011-06-03 21:00 . 2007-10-02 13:56	444776 c:\windows\system32\d3dx10_36.dll
+ 2011-06-03 21:00 . 2007-07-19 22:14	444776 c:\windows\system32\d3dx10_35.dll
+ 2011-06-03 21:00 . 2007-05-16 20:45	443752 c:\windows\system32\d3dx10_34.dll
+ 2011-06-03 21:00 . 2007-03-15 20:57	443752 c:\windows\system32\d3dx10_33.dll
+ 2006-10-23 17:43 . 2010-08-23 16:12	617472 c:\windows\system32\comctl32.dll
- 2006-10-23 17:43 . 2008-04-14 09:41	617472 c:\windows\system32\comctl32.dll
+ 2008-12-21 21:46 . 2008-12-21 21:46	351744 c:\windows\system32\avisynth.dll
+ 2004-08-04 12:00 . 2011-02-15 12:56	290432 c:\windows\system32\atmfd.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54	132472 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2009-07-31 13:26 . 2009-07-31 13:26	114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2009-07-31 13:40 . 2009-07-31 13:40	468408 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe
+ 2009-07-31 13:28 . 2009-07-31 13:28	446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2009-07-31 13:26 . 2009-07-31 13:26	372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54	714752 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2009-07-31 13:25 . 2009-07-31 13:25	614400 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2009-07-31 13:41 . 2009-07-31 13:41	206264 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2009-07-31 13:27 . 2009-07-31 13:27	131072 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2006-10-23 17:43 . 2010-02-12 04:33	100864 c:\windows\system32\6to4svc.dll
- 2009-06-02 21:41 . 2008-04-14 09:42	744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2009-06-02 21:41 . 2010-06-14 14:31	744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 04:40 . 2008-07-30 04:40	802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 23:47 . 2008-07-29 23:47	110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 23:47 . 2008-07-29 23:47	177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 04:15 . 2008-07-30 04:15	225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 04:40 . 2008-07-30 04:40	233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40	168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 01:35 . 2008-07-30 01:35	864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-03-31 07:16 . 2010-03-31 07:16	130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10	806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-04-08 06:48 . 2010-04-08 06:48	970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-04-08 06:48 . 2010-04-08 06:48	110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16	163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 00:16 . 2008-07-30 00:16	397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-30 00:24 . 2008-07-30 00:24	881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-30 00:16 . 2008-07-30 00:16	168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-09-22 16:43 . 2010-09-22 16:43	435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2010-02-09 19:22 . 2010-02-09 19:22	258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 09:59 . 2008-11-25 09:59	486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	989016


----------



## danielstern96 (Aug 16, 2011)

Part 2:

c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 16:16 . 2008-07-25 16:16	507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 16:17 . 2008-07-25 16:17	147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2007-04-14 00:58 . 2007-04-14 00:58	102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 09:26 . 2010-09-23 09:26	102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 09:25 . 2010-09-23 09:25	315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 00:56 . 2007-04-14 00:56	315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 01:30 . 2007-04-14 01:30	258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 10:17 . 2010-09-23 10:17	258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-06-03 21:00 . 2006-03-31 15:27	578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2006-02-03 11:40	578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-12-05 21:20	577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-09-28 18:11	577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-07-22 21:21	577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-05-26 19:15	576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-03-18 21:23	567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-02-05 23:32	563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2011-06-03 21:00 . 2005-03-18 20:23	473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2002-09-18 05:45 . 2002-09-18 05:45	119808 c:\windows\lsb_un20.exe
+ 2011-03-05 23:05 . 2011-03-05 23:05	608256 c:\windows\Installer\cb747e1.msi
+ 2009-11-07 19:08 . 2009-11-07 19:08	648192 c:\windows\Installer\ca13436.msi
+ 2008-07-30 04:23 . 2008-07-30 04:23	250880 c:\windows\Installer\ca02cdc.msp
+ 2008-07-30 04:28 . 2008-07-30 04:28	278016 c:\windows\Installer\ca02cda.msp
+ 2008-07-30 02:40 . 2008-07-30 02:40	291840 c:\windows\Installer\ca02cd8.msp
+ 2009-11-07 19:07 . 2009-11-07 19:07	137728 c:\windows\Installer\ca02cd2.msi
+ 2008-07-30 00:35 . 2008-07-30 00:35	553472 c:\windows\Installer\c9d7aa3.msp
+ 2008-07-30 00:33 . 2008-07-30 00:33	506368 c:\windows\Installer\c9d7aa1.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37	911360 c:\windows\Installer\c9d7aa0.msp
+ 2011-02-04 01:37 . 2011-02-04 01:37	228352 c:\windows\Installer\bd301f6.msi
+ 2011-06-03 22:06 . 2011-06-03 22:06	223232 c:\windows\Installer\96ad6d9.msi
+ 2011-06-18 21:59 . 2011-06-18 21:59	203776 c:\windows\Installer\66c7f.msi
+ 2009-12-31 03:43 . 2009-12-31 03:43	257024 c:\windows\Installer\636e2426.msi
+ 2011-08-13 21:44 . 2011-08-13 21:44	224768 c:\windows\Installer\5d5e95c.msi
+ 2009-10-29 10:44 . 2009-10-29 10:44	355328 c:\windows\Installer\43b4f39d.msi
+ 2010-11-12 16:08 . 2010-11-12 16:08	889344 c:\windows\Installer\2fd291dc.msp
+ 2011-06-16 07:05 . 2011-06-16 07:05	223744 c:\windows\Installer\2f6ea317.msi
+ 2011-06-16 07:02 . 2011-06-16 07:02	467456 c:\windows\Installer\2f6ea2c0.msi
+ 2011-03-17 07:01 . 2011-03-17 07:01	988160 c:\windows\Installer\2ca4cb7.msi
+ 2008-12-13 14:58 . 2008-12-13 14:58	754688 c:\windows\Installer\2beeb41.msp
+ 2009-03-20 16:48 . 2009-03-20 16:48	183808 c:\windows\Installer\2beeb1d.msp
+ 2010-01-30 03:20 . 2010-01-30 03:20	164864 c:\windows\Installer\1f3d0e38.msi
+ 2010-01-30 03:18 . 2010-01-30 03:18	576000 c:\windows\Installer\1f3d0e0c.msi
+ 2010-09-24 04:02 . 2010-09-24 04:02	798208 c:\windows\Installer\1993c0e.msp
+ 2010-02-25 07:14 . 2010-02-25 07:14	543232 c:\windows\Installer\1993b4e.msp
+ 2009-09-09 20:40 . 2009-09-09 20:40	632320 c:\windows\Installer\1972493d.msp
+ 2009-11-25 08:00 . 2009-11-25 08:00	429568 c:\windows\Installer\18189d7.msi
+ 2011-03-08 02:23 . 2011-03-08 02:23	490496 c:\windows\Installer\17b87523.msi
+ 2011-02-05 08:00 . 2011-02-05 08:00	195584 c:\windows\Installer\125840fd.msi
+ 2011-07-14 03:53 . 2011-07-14 03:53	371272 c:\windows\Installer\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\SkypeIcon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-06-02 22:40 . 2011-08-12 05:20	593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-06-02 22:40 . 2009-09-09 07:31	593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 17:53 . 2007-04-19 17:53	109408 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLCTL.DLL
+ 2007-05-10 18:35 . 2007-05-10 18:35	120160 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSCONV97.DLL
+ 2007-04-19 18:01 . 2007-04-19 18:01	238424 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-01-17 00:32 . 2007-01-17 00:32	136032 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2009-07-22 07:01 . 2009-07-22 07:01	103776 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IPATHPIA.DLL
+ 2007-04-19 17:54 . 2007-04-19 17:54	169312 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2006-10-27 00:49 . 2006-10-27 00:49	509200 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12CVR.DLL
+ 2007-05-10 13:04 . 2007-05-10 13:04	846248 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OICE.EXE
+ 2006-10-27 00:12 . 2006-10-27 00:12	396592 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MOC.EXE
+ 2010-10-29 10:15 . 2009-03-08 08:33	420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-01-23 08:00 . 2009-10-29 07:45	916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-23 08:00 . 2009-05-26 11:40	382840 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-23 08:00 . 2008-07-08 13:02	231288 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-23 08:00 . 2009-10-29 07:45	206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-23 08:00 . 2009-10-28 14:40	173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2009-11-05 08:00 . 2008-07-08 13:02	382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-05 08:00 . 2008-07-08 13:02	231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2010-10-29 10:32 . 2008-07-08 13:02	382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-10-29 10:32 . 2008-07-08 13:02	231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-10-29 10:32 . 2009-06-22 06:44	726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe
+ 2009-12-11 08:02 . 2009-08-29 08:08	206848 c:\windows\ie8updates\KB976325-IE8\occache.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll
+ 2009-12-11 08:02 . 2009-08-28 10:35	173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe
+ 2009-10-16 07:05 . 2009-07-03 17:09	915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-16 07:05 . 2009-05-26 11:40	382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-16 07:05 . 2008-07-08 13:02	231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-16 07:05 . 2009-07-03 17:09	206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-16 07:05 . 2009-07-03 11:01	173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2011-08-12 05:19 . 2011-04-25 16:11	916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-12 05:19 . 2009-03-08 08:34	105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-12 05:19 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-12 05:19 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-12 05:19 . 2011-04-25 16:11	206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-12 05:19 . 2011-04-25 12:01	173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-06-16 07:00 . 2009-03-08 08:33	759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-06-16 07:00 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-06-16 07:00 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-06-16 07:02 . 2011-02-22 23:06	916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-06-16 07:02 . 2011-02-22 23:06	206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-06-16 07:02 . 2011-02-18 11:49	173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2011-04-15 07:00 . 2010-03-10 06:15	420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-15 07:00 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-15 07:00 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-15 07:00 . 2009-12-09 05:53	726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-15 07:09 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-15 07:09 . 2010-12-20 23:59	206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-15 07:09 . 2010-12-20 12:55	173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-02-10 08:01 . 2010-11-06 00:26	916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-10 08:01 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-10 08:01 . 2010-11-06 00:26	206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-10 08:01 . 2010-11-03 12:26	173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2010-12-15 08:05 . 2010-09-10 05:58	916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-15 08:05 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-15 08:05 . 2010-09-10 05:58	206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-15 08:05 . 2010-08-26 12:22	173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2010-10-29 10:19 . 2009-12-21 19:14	916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-29 10:19 . 2010-07-05 13:16	382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-29 10:19 . 2009-05-26 09:01	231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-29 10:19 . 2009-12-21 19:14	206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-29 10:19 . 2009-03-08 08:32	611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	594432 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	246272 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-29 10:19 . 2009-03-08 08:35	742912 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-29 10:19 . 2009-12-21 13:19	173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2011-03-17 00:19 . 2011-03-17 00:19	473600 c:\windows\Freecorder\uninstall.exe
+ 2009-11-07 19:06 . 2008-03-13 04:52	761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-06-02 22:44 . 2011-07-15 13:29	456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-12-10 10:07 . 2009-10-20 16:20	265728 c:\windows\Driver Cache\i386\http.sys
+ 2011-02-01 16:54 . 2010-05-11 22:28	173232  c:\windows\Downloaded Program Files\PubPlugin.dll
+ 2009-05-20 17:17 . 2009-05-20 17:17	689536 c:\windows\Downloaded Program Files\Manager.exe
+ 2011-02-01 16:54 . 2010-03-24 21:56	143968 c:\windows\Downloaded Program Files\ijjiSetup1010.dll
+ 2010-01-14 20:38 . 2010-01-14 20:38	208656 c:\windows\Downloaded Program Files\ijjiPCPlugin.dll
+ 2009-11-10 16:12 . 2009-11-10 16:12	811008 c:\windows\Downloaded Program Files\ijjiOptimizer.exe
+ 2010-01-09 17:05 . 2004-01-29 14:25	226563 c:\windows\Cache\Adobe Reader 6.0\HEBMIN\setup.exe
+ 2010-10-29 10:08 . 2010-10-29 10:08	835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_296ff7bd\System.Drawing.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_53b82cf6\System.Drawing.Design.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_164a455d\CustomMarshalers.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-08-12 18:37 . 2011-08-12 18:37	240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll
+ 2011-06-28 07:06 . 2011-06-28 07:06	187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-08-12 22:46 . 2011-08-12 22:46	256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-12 18:34 . 2011-08-12 18:34	224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll
+ 2011-08-12 18:35 . 2011-08-12 18:35	258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	900096 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\359964375cbd59cebf5b5248e700980f\PaintDotNet.SystemLayer.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	161280 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\2447b346de034dfb6df8bddb5d37fe67\PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	388608 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\e083236b043754bb73c6c94cabd3b81f\PaintDotNet.Resources.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	813056 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\92e7ce899af8113e239c1d816587972e\PaintDotNet.Effects.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	568832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\5640218f2347b5a6936cf0ed70339d66\PaintDotNet.Data.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	816128 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\fb5351d952ad079475d47ccf4980327c\PaintDotNet.Base.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
+ 2011-08-12 22:46 . 2011-08-12 22:46	386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	547840 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\1e25a95f3506bace6c9475638c730dbb\ICSharpCode.SharpZipLib.ni.dll
+ 2011-06-28 07:09 . 2011-06-28 07:09	220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-08-12 22:45 . 2011-08-12 22:45	842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-11-08 08:04 . 2009-11-08 08:04	139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-11-08 08:04 . 2009-11-08 08:04	229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-29 10:11 . 2010-10-29 10:11	970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-10-29 10:11 . 2010-10-29 10:11	438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-11-08 08:04 . 2009-11-08 08:04	442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-11-08 08:04 . 2009-11-08 08:04	294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-10-29 10:11 . 2010-10-29 10:11	110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-10-29 10:01 . 2010-10-29 10:01	111624 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2006-10-23 17:43 . 2009-11-21 15:51	471552 c:\windows\AppPatch\aclayers.dll
+ 2011-06-20 21:17 . 2011-06-20 22:46	937984 c:\windows\.jagex_cache_32\runescape\sw3d.dll
+ 2011-06-20 21:17 . 2011-06-20 22:47	137216 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2011-06-20 21:17 . 2011-06-20 22:47	102400 c:\windows\.jagex_cache_32\runescape\jagdx.dll
+ 2011-06-20 21:17 . 2011-06-20 22:46	148992 c:\windows\.jagex_cache_32\runescape\jaclib.dll
+ 2011-05-18 00:54 . 2006-10-09 01:53	379184 c:\windows\$NtUninstallwinusb0100$\spuninst\updspapi.dll
+ 2011-05-18 00:54 . 2006-10-09 01:53	221488 c:\windows\$NtUninstallwinusb0100$\spuninst\spuninst.exe
+ 2011-05-18 00:53 . 2008-03-21 17:57	379184 c:\windows\$NtUninstallWdf01007$\spuninst\updspapi.dll
+ 2011-05-18 00:53 . 2008-03-21 17:57	221488 c:\windows\$NtUninstallWdf01007$\spuninst\spuninst.exe
+ 2010-10-29 10:01 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-10-29 10:32 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-10-29 10:32 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-10-29 10:29 . 2009-10-15 16:28	119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-29 10:29 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll
+ 2010-10-29 10:29 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe
+ 2010-10-29 10:11 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-10-29 10:12 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe
+ 2010-10-29 10:27 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-10-29 10:27 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-10-29 10:15 . 2008-04-14 09:42	406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe
+ 2010-10-29 10:16 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-10-29 10:16 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-10-29 10:16 . 2009-06-25 08:25	147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	382840 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	231288 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-10-29 10:31 . 2009-12-04 18:22	455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-10-29 10:31 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-10-29 10:23 . 2008-04-21 12:08	215552 c:\windows\$NtUninstallKB979687$\wordpad.exe
+ 2010-10-29 10:23 . 2009-05-26 09:01	382840 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll
+ 2010-10-29 10:23 . 2009-05-26 09:01	231288 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe
+ 2010-10-29 10:11 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-10-29 10:12 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-10-29 10:12 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-10 08:00 . 2009-05-26 22:10	382840 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-10 08:00 . 2008-04-14 09:42	343040 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-10-29 10:15 . 2007-07-28 06:11	382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-10-29 10:15 . 2007-07-28 06:11	231288 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-10-29 10:16 . 2008-04-14 09:42	176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-10-29 10:16 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-10-29 10:16 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-10-29 10:12 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-10-29 10:12 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-10-29 10:28 . 2008-06-20 11:08	225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-10-29 10:28 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-10-29 10:28 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-10-29 10:28 . 2008-04-14 09:41	100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2008-10-24 11:21	455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-10-29 10:18 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-10-29 10:18 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-10 08:00 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2009-11-25 08:00 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll
+ 2009-11-25 08:00 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2008-04-14 09:42	474112 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-10-29 10:11 . 2010-02-23 02:53	382840 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-10-29 10:11 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 22:10	382840 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2010-10-29 10:30 . 2007-07-28 06:11	382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll
+ 2010-10-29 10:30 . 2007-07-28 06:11	231288 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe
+ 2010-10-29 10:30 . 2006-10-19 01:47	317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll
+ 2009-10-16 07:00 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
+ 2009-10-16 07:00 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2009-10-16 07:00 . 2009-06-25 08:25	136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2009-10-16 07:02 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
+ 2009-10-16 07:02 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2009-12-11 08:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
+ 2009-12-11 08:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2009-12-11 08:01 . 2008-04-14 09:42	270336 c:\windows\$NtUninstallKB974392$\oakley.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2009-12-11 08:02 . 2008-04-14 09:42	150016 c:\windows\$NtUninstallKB974318$\rastls.dll
+ 2009-10-16 07:03 . 2008-10-03 10:02	247326 c:\windows\$NtUninstallKB974112$\strmdll.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB973904$\spuninst\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe
+ 2009-11-25 08:00 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
+ 2009-11-25 08:00 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2009-10-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe
+ 2010-01-13 08:02 . 2009-06-16 14:36	119808 c:\windows\$NtUninstallKB972270$\t2embed.dll
+ 2010-01-13 08:02 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB972270$\spuninst\updspapi.dll
+ 2010-01-13 08:02 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB972270$\spuninst\spuninst.exe
+ 2009-12-11 08:01 . 2008-12-16 12:30	354304 c:\windows\$NtUninstallKB971737$\winhttp.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2009-10-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2010-02-10 08:04 . 2008-12-11 10:57	333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-10 08:04 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-10 08:04 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2011-03-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB971029$\spuninst\updspapi.dll
+ 2011-03-16 07:01 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB971029$\spuninst\spuninst.exe
+ 2011-03-16 07:01 . 2008-04-14 09:42	135168 c:\windows\$NtUninstallKB971029$\shsvcs.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2009-12-11 08:03 . 2008-04-14 04:23	264832 c:\windows\$NtUninstallKB970430$\http.sys
+ 2009-11-12 08:00 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB969947$\spuninst\updspapi.dll
+ 2009-11-12 08:00 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe
+ 2009-10-16 07:03 . 2008-07-08 13:02	382840 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
+ 2009-10-16 07:03 . 2008-07-08 13:02	231288 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2009-11-08 08:04 . 2007-11-30 11:18	382840 c:\windows\$NtUninstallKB961118$\spuninst\updspapi.dll
+ 2009-11-08 08:04 . 2007-11-30 11:18	231288 c:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe
+ 2009-10-16 07:05 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll
+ 2009-10-16 07:05 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe
+ 2010-01-13 08:03 . 2009-05-26 22:10	382840 c:\windows\$NtUninstallKB955759$\spuninst\updspapi.dll
+ 2010-01-13 08:03 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB955759$\spuninst\spuninst.exe
+ 2010-01-13 08:03 . 2008-04-14 09:41	451072 c:\windows\$NtUninstallKB955759$\aclayers.dll
+ 2009-10-16 07:03 . 2006-10-19 01:47	603648 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll
+ 2009-10-16 07:03 . 2007-07-27 14:41	382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll
+ 2009-10-16 07:03 . 2007-07-27 14:41	231288 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe
+ 2010-01-12 01:42 . 2009-11-13 22:57	379184 c:\windows\$NtUninstallKB952011$\spuninst\updspapi.dll
+ 2010-01-12 01:42 . 2009-11-13 22:57	221488 c:\windows\$NtUninstallKB952011$\spuninst\spuninst.exe
+ 2011-07-14 07:00 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll
+ 2011-07-14 07:00 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe
+ 2011-06-16 07:02 . 2011-03-07 05:33	692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-06-29 07:00 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll
+ 2011-06-29 07:00 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe
+ 2011-06-29 07:00 . 2010-06-30 12:31	149504 c:\windows\$NtUninstallKB2541763$\schannel.dll
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe
+ 2011-06-16 07:02 . 2011-02-17 13:18	455936 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-06-16 07:03 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll
+ 2011-06-16 07:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe
+ 2011-06-16 07:03 . 2008-04-14 04:47	105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-03-25 07:00 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2524375$\spuninst\updspapi.dll
+ 2011-03-25 07:00 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2524375$\spuninst\spuninst.exe
+ 2011-04-15 07:03 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2511455$\spuninst\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2511455$\spuninst\spuninst.exe
+ 2011-04-15 07:03 . 2010-02-24 13:11	455680 c:\windows\$NtUninstallKB2511455$\mrxsmb.sys
+ 2011-04-15 07:01 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2509553$\spuninst\updspapi.dll
+ 2011-04-15 07:01 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2509553$\spuninst\spuninst.exe
+ 2011-04-15 07:01 . 2008-06-20 17:46	245248 c:\windows\$NtUninstallKB2509553$\mswsock.dll
+ 2011-04-15 07:01 . 2008-06-20 17:46	147968 c:\windows\$NtUninstallKB2509553$\dnsapi.dll
+ 2011-04-15 07:01 . 2008-08-14 10:04	138496 c:\windows\$NtUninstallKB2509553$\afd.sys
+ 2011-04-15 07:04 . 2010-08-26 13:39	357248 c:\windows\$NtUninstallKB2508429$\srv.sys
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2508429$\spuninst\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2508429$\spuninst\spuninst.exe
+ 2011-04-15 07:05 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2508272$\spuninst\updspapi.dll
+ 2011-04-15 07:05 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2508272$\spuninst\spuninst.exe
+ 2011-07-14 07:03 . 2010-06-18 17:45	293376 c:\windows\$NtUninstallKB2507938$\winsrv.dll
+ 2011-07-14 07:03 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll
+ 2011-07-14 07:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2507618$\spuninst\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2507618$\spuninst\spuninst.exe
+ 2011-04-15 07:04 . 2011-01-07 14:09	290048 c:\windows\$NtUninstallKB2507618$\atmfd.dll
+ 2011-04-15 07:09 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2506223$\spuninst\updspapi.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2506223$\spuninst\spuninst.exe
+ 2011-04-15 07:03 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2506212$\spuninst\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2506212$\spuninst\spuninst.exe
+ 2011-04-15 07:03 . 2010-09-18 19:23	974848 c:\windows\$NtUninstallKB2506212$\mfc42u.dll
+ 2011-04-15 07:03 . 2010-09-18 06:53	974848 c:\windows\$NtUninstallKB2506212$\mfc42.dll
+ 2011-06-16 07:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe
+ 2011-06-16 07:04 . 2008-10-16 14:43	138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2503658$\spuninst\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2503658$\spuninst\spuninst.exe
+ 2011-04-15 07:04 . 2010-06-09 07:43	692736 c:\windows\$NtUninstallKB2503658$\inetcomm.dll
+ 2011-04-15 07:11 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2485663$\spuninst\updspapi.dll
+ 2011-04-15 07:11 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2485663$\spuninst\spuninst.exe
+ 2011-02-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2485376$\spuninst\updspapi.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2485376$\spuninst\spuninst.exe
+ 2011-02-10 08:04 . 2010-10-28 13:13	290048 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-10 08:03 . 2010-07-05 23:46	382840 c:\windows\$NtUninstallKB2483185$\spuninst\updspapi.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2483185$\spuninst\spuninst.exe
+ 2011-02-10 08:03 . 2008-04-14 09:42	438272 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-03-10 08:01 . 2010-07-05 23:46	382840 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-10 08:01 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-10 08:01 . 2008-04-14 09:42	677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-10 08:04 . 2008-04-14 09:42	270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-10 08:04 . 2008-04-14 09:41	186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-02-10 08:03 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2479628$\spuninst\updspapi.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2479628$\spuninst\spuninst.exe
+ 2011-02-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2478971$\spuninst\updspapi.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2478971$\spuninst\spuninst.exe
+ 2011-02-10 08:04 . 2009-06-25 08:25	301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-10 08:00 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2478960$\spuninst\updspapi.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2478960$\spuninst\spuninst.exe
+ 2011-02-10 08:00 . 2009-06-25 08:25	730112 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-10 08:01 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2476687$\spuninst\updspapi.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2476687$\spuninst\spuninst.exe
+ 2011-06-16 07:04 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe
+ 2011-06-16 07:04 . 2008-04-14 09:42	551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2467659$\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2467659$\spuninst\spuninst.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2443685$\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2443685$\spuninst\spuninst.exe
+ 2010-12-15 08:06 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2443105$\spuninst\updspapi.dll
+ 2010-12-15 08:06 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2443105$\spuninst\spuninst.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2440591$\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2440591$\spuninst\spuninst.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2436673$\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2436673$\spuninst\spuninst.exe
+ 2010-12-15 08:01 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2423089$\spuninst\updspapi.dll
+ 2010-12-15 08:01 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2423089$\spuninst\spuninst.exe
+ 2011-01-13 08:01 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2419632$\spuninst\updspapi.dll
+ 2011-01-13 08:01 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2419632$\spuninst\spuninst.exe
+ 2011-01-13 08:01 . 2008-04-14 09:42	249856 c:\windows\$NtUninstallKB2419632$\odbc32.dll
+ 2011-01-13 08:01 . 2008-04-14 09:42	102400 c:\windows\$NtUninstallKB2419632$\msjro.dll
+ 2011-01-13 08:01 . 2008-04-14 09:42	200704 c:\windows\$NtUninstallKB2419632$\msadox.dll
+ 2011-01-13 08:01 . 2008-04-14 09:42	180224 c:\windows\$NtUninstallKB2419632$\msadomd.dll
+ 2011-01-13 08:01 . 2008-04-14 09:42	536576 c:\windows\$NtUninstallKB2419632$\msado15.dll
+ 2011-01-13 08:01 . 2008-04-14 09:42	143360 c:\windows\$NtUninstallKB2419632$\msadco.dll
+ 2011-04-15 07:09 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2412687$\spuninst\updspapi.dll
+ 2011-04-15 07:09 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2412687$\spuninst\spuninst.exe
+ 2011-02-10 08:00 . 2010-07-05 13:16	382840 c:\windows\$NtUninstallKB2393802$\spuninst\updspapi.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	231288 c:\windows\$NtUninstallKB2393802$\spuninst\spuninst.exe
+ 2011-02-10 08:00 . 2009-02-09 12:10	714752 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe
+ 2010-10-29 10:33 . 2007-04-03 12:44	981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-29 10:33 . 2008-04-14 09:41	927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-29 10:33 . 2004-08-04 12:00	924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-29 10:30 . 2007-07-28 06:11	382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll
+ 2010-10-29 10:30 . 2007-07-28 06:11	231288 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe
+ 2010-10-29 10:01 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe
+ 2010-10-29 10:01 . 2009-04-15 14:51	585216 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe
+ 2010-10-29 10:31 . 2009-12-31 16:50	353792 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-29 10:31 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe
+ 2010-12-15 08:06 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2296199$\spuninst\updspapi.dll
+ 2010-12-15 08:06 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2296199$\spuninst\spuninst.exe
+ 2010-12-15 08:06 . 2010-09-01 11:51	285824 c:\windows\$NtUninstallKB2296199$\atmfd.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	382840 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	231288 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe
+ 2010-10-29 10:31 . 2008-04-14 09:41	617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-10-29 10:33 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe
+ 2010-10-29 10:33 . 2008-04-14 09:39	285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	382840 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	231288 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe
+ 2010-10-29 10:30 . 2010-02-23 02:53	382840 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-10-29 10:30 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-10-29 10:30 . 2008-04-14 09:42	744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-10-29 10:02 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll
+ 2010-10-29 10:02 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe
+ 2010-10-29 10:05 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll
+ 2010-10-29 10:05 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe
+ 2010-10-29 10:05 . 2008-04-11 19:04	691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-10-29 10:23 . 2008-04-14 09:42	293376 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	382840 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	231288 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe
+ 2010-10-29 10:31 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-10-29 10:27 . 2009-05-26 11:40	382840 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	231288 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-10-29 10:01 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-10-29 10:01 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-10-29 10:32 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-10-29 10:32 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-10-29 10:32 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-10-28 11:31 . 2010-06-21 14:18	354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-10-29 10:29 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-29 10:29 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2010-10-29 10:29 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-10-28 11:36 . 2010-08-27 08:01	119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-10-29 10:11 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-10-29 10:12 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB981957\update\updspapi.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB981957\update\update.exe
+ 2010-10-29 10:12 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB981957\spuninst.exe
+ 2010-10-29 10:27 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-10-29 10:27 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-10-29 10:27 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-10-29 10:15 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB981332-IE8\update\updspapi.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB981332-IE8\update\update.exe
+ 2010-10-29 10:15 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB981332-IE8\spuninst.exe
+ 2010-10-28 11:14 . 2010-03-10 06:18	420352 c:\windows\$hf_mig$\KB981332-IE8\SP3QFE\vbscript.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-10-29 10:15 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-10-29 10:15 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-10-28 11:35 . 2010-04-16 15:29	406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-10-29 10:16 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-10-29 10:16 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-10-29 10:16 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-10-28 11:36 . 2010-06-30 12:23	149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	382840 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	755576 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-10-29 10:31 . 2009-05-26 09:01	231288 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-10-28 11:30 . 2010-02-24 11:57	457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-10-29 10:31 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-10-29 10:31 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-10-29 10:31 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-10-29 10:23 . 2009-05-26 09:01	382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-29 10:23 . 2009-05-26 09:01	755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2010-10-29 10:23 . 2009-05-26 09:01	231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-10-28 11:36 . 2010-07-12 13:02	218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2010-10-29 10:11 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-10-29 10:11 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-10-29 10:11 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-10-29 10:12 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-10-29 10:12 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-10-29 10:12 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-02-10 08:00 . 2009-05-26 22:10	382840 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-10 08:00 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2010-02-10 06:44 . 2009-12-16 18:27	343040 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-10-29 10:16 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-10-29 10:16 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-10-29 10:16 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2010-10-28 11:05 . 2009-12-24 06:42	178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-10-29 10:12 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-10-29 10:12 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-10-29 10:12 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-10-28 11:35 . 2010-01-29 14:53	691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-10-29 10:28 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-10-29 10:28 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-10-29 10:28 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-10-28 11:36 . 2010-02-11 11:36	226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-10-28 11:36 . 2010-02-12 04:27	100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-10 08:04 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-10 08:04 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-10 06:44 . 2009-12-04 17:25	456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-23 08:00 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978207-IE8\update\updspapi.dll
+ 2010-01-23 08:00 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB978207-IE8\update\update.exe
+ 2010-01-23 08:00 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB978207-IE8\spuninst.exe
+ 2010-01-22 08:29 . 2009-12-21 19:09	916480 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	206848 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\occache.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	594432 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\msfeeds.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	246272 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieproxy.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	184320 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iepeers.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	387584 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iedkcs32.dll
+ 2010-01-22 08:29 . 2009-12-21 13:22	173056 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ie4uinit.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-10-29 10:18 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-10-29 10:18 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-10-29 10:18 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-10 08:00 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-10 08:00 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-10 08:00 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2009-11-05 08:00 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB976749-IE8\update\updspapi.dll
+ 2009-11-05 08:00 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB976749-IE8\update\update.exe
+ 2009-11-05 08:00 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB976749-IE8\spuninst.exe
+ 2010-10-29 10:32 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB976662-IE8\update\updspapi.dll
+ 2010-10-29 10:32 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB976662-IE8\update\update.exe
+ 2010-10-29 10:32 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB976662-IE8\spuninst.exe
+ 2010-10-28 11:31 . 2009-12-09 05:51	726528 c:\windows\$hf_mig$\KB976662-IE8\SP3QFE\jscript.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB976325-IE8\update\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB976325-IE8\update\update.exe
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB976325-IE8\spuninst.exe
+ 2009-12-10 10:06 . 2009-10-29 07:45	916480 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	206848 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\occache.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	594432 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\msfeeds.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	246272 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieproxy.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	184320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iepeers.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	387584 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iedkcs32.dll
+ 2009-12-10 10:06 . 2009-10-28 14:10 173056 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ie4uinit.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2010-02-10 06:44 . 2009-12-08 09:01	474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-10-29 10:11 . 2010-02-23 02:53	382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-10-29 10:11 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-10-29 10:11 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-02-10 08:01 . 2009-05-26 22:10	382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-10 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-10 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-10-16 07:00 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-16 07:00 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-16 07:00 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-10-15 23:45 . 2009-09-11 14:13	136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-16 07:03 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-16 07:03 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-16 07:03 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-16 07:05 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll
+ 2009-10-16 07:05 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe
+ 2009-10-16 07:05 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe
+ 2009-10-15 23:45 . 2009-08-29 08:01	916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll
+ 2009-10-15 23:45 . 2009-08-28 10:07	173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe
+ 2009-12-11 08:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-11 08:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-11 08:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-12-10 10:06 . 2009-10-13 10:38	270336 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 23:58 . 2009-10-12 23:58	150016 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-16 07:03 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-10-15 23:45 . 2009-08-26 08:03	247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-11 08:02 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-11 08:02 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-10 10:06 . 2009-07-29 14:01	119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-11-25 08:00 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-25 08:00 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-25 08:00 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2009-10-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-16 07:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2010-01-13 08:02 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-13 08:02 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-13 08:02 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 05:17 . 2009-10-15 16:39	119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-11 08:01 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-11 08:01 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-12-10 10:06 . 2009-08-25 09:27	354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-16 07:01 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-16 07:01 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2010-02-10 08:04 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-10 08:04 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-10 08:04 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-10 06:44 . 2010-01-01 07:58	353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2011-03-16 07:01 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-16 07:01 . 2008-07-08 13:02	755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-16 07:01 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2011-03-15 22:33 . 2009-07-27 22:13	135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-11 08:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-11 08:03 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-12-10 10:07 . 2009-10-20 15:21	265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2009-11-12 08:00 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll
+ 2009-11-12 08:00 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB969947\update\update.exe
+ 2009-11-12 08:00 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB969947\spuninst.exe
+ 2009-10-16 07:03 . 2008-07-08 13:02	382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-16 07:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-16 07:03 . 2008-07-08 13:02	231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2010-01-13 08:03 . 2009-05-26 22:10	382840 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-13 08:03 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-13 08:03 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-13 05:17 . 2009-11-21 15:40	471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2011-07-14 07:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-14 07:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-14 07:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-15 11:16 . 2011-05-02 15:30	692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-06-16 07:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-16 07:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-16 07:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-15 11:16 . 2011-04-30 02:59	758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-06-29 07:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-06-29 07:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-06-29 07:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-06-28 23:05 . 2011-04-29 17:23	151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-15 11:16 . 2011-04-29 16:47	457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-06-16 07:03 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-16 07:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-16 07:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-15 11:16 . 2011-04-21 13:52	105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-16 07:02 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-16 07:02 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-16 07:02 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-15 11:16 . 2011-04-25 16:09	919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-15 11:16 . 2011-04-25 11:37	173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-25 07:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-03-25 07:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-03-25 07:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-04-15 07:03 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2511455\update\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2511455\update\update.exe
+ 2011-04-15 07:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2511455\spuninst.exe
+ 2011-04-15 04:44 . 2011-02-17 13:19	457472 c:\windows\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys
+ 2011-04-15 07:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
+ 2011-04-15 07:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
+ 2011-04-15 07:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
+ 2011-04-15 04:44 . 2011-03-04 06:35	420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
+ 2011-04-15 04:44 . 2011-03-04 06:35	726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
+ 2011-04-15 07:01 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2011-04-15 07:01 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2011-04-15 07:01 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2011-04-15 04:45 . 2008-06-20 11:16	225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2011-04-15 04:45 . 2008-06-20 11:59	361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2011-04-15 04:45 . 2008-06-20 17:43	245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-04-15 04:45 . 2011-03-03 06:53	149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2011-04-15 04:45 . 2008-10-16 15:07	138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-04-15 04:45 . 2011-02-17 13:19	357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2011-04-15 07:05 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
+ 2011-04-15 07:05 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
+ 2011-04-15 07:05 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
+ 2011-07-14 07:03 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-14 07:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-14 07:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-07-14 03:50 . 2011-04-26 11:02	293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-04-15 04:45 . 2011-02-15 13:05	290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2011-04-15 07:09 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2506223\update\updspapi.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2506223\update\update.exe
+ 2011-04-15 07:09 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2506223\spuninst.exe
+ 2011-04-15 07:03 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-04-15 07:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-04-15 07:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-04-15 04:45 . 2011-02-08 13:32	974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-04-15 04:45 . 2011-02-08 13:32	978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-06-16 07:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-16 07:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-15 11:16 . 2011-02-16 13:25	138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-04-15 07:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2503658\update\updspapi.dll
+ 2011-04-15 07:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2503658\update\update.exe
+ 2011-04-15 07:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2503658\spuninst.exe
+ 2011-04-15 04:45 . 2011-03-07 05:31	692736 c:\windows\$hf_mig$\KB2503658\SP3QFE\inetcomm.dll
+ 2011-04-15 07:09 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
+ 2011-04-15 07:09 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
+ 2011-04-15 07:09 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
+ 2011-04-15 04:45 . 2011-02-22 23:27	919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
+ 2011-04-15 04:45 . 2011-02-22 12:08	173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
+ 2011-04-15 07:11 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
+ 2011-04-15 07:11 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
+ 2011-04-15 07:11 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
+ 2011-02-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-02-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-02-09 19:21 . 2011-01-07 14:09	290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-02-10 08:03 . 2010-07-05 23:46	382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-02-10 08:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-02-09 19:21 . 2011-01-21 14:42	439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-02-10 08:01 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2482017-IE8\update\updspapi.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2482017-IE8\update\update.exe
+ 2011-02-10 08:01 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2482017-IE8\spuninst.exe
+ 2011-02-09 19:21 . 2010-12-20 23:58	919552 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	206848 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\occache.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	611840 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mstime.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	602112 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeeds.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	247808 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieproxy.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	184320 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iepeers.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	743424 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedvtool.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	387584 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedkcs32.dll
+ 2011-02-09 19:21 . 2010-12-20 12:48	173568 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-10 08:01 . 2010-07-05 23:46	382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-10 08:01 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-10 08:01 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-03-09 19:36 . 2011-01-27 11:41	677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-03-09 19:36 . 2011-02-02 07:57	136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-10 08:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-03-09 19:36 . 2011-02-09 13:52	270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-03-09 19:36 . 2011-02-09 13:52	186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-10 08:03 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
+ 2011-02-10 08:03 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
+ 2011-02-10 08:03 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
+ 2011-02-10 08:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-02-10 08:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-02-10 08:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2011-02-09 19:21 . 2010-12-22 12:32	301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-02-10 08:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-02-10 08:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2011-02-09 19:21 . 2010-12-20 17:24	730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-02-10 08:01 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-10 08:01 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-10 08:01 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-06-16 07:04 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-16 07:04 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-16 07:04 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2011-06-15 11:17 . 2010-12-20 17:30	552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
+ 2010-12-15 08:05 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
+ 2010-12-15 08:06 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2010-12-15 08:06 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2010-12-15 08:06 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2436673\update\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2436673\update\update.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2436673\spuninst.exe
+ 2010-12-15 08:01 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2010-12-15 08:01 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2010-12-15 08:01 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2011-01-13 08:01 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-01-13 08:01 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-01-13 08:01 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2011-01-12 11:17 . 2010-11-09 14:50	253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2011-01-12 11:17 . 2010-11-09 14:50	102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2011-01-12 11:17 . 2010-11-09 14:50	200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2011-01-12 11:17 . 2010-11-09 14:50	180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-10 01:20 . 2010-11-10 01:20	565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2011-01-12 11:17 . 2010-11-09 14:50	143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2010-12-15 08:05 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2416400-IE8\update\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2416400-IE8\update\update.exe
+ 2010-12-15 08:05 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2416400-IE8\spuninst.exe
+ 2010-12-15 02:17 . 2010-11-06 00:27	919552 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	206848 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\occache.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	611840 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mstime.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	602112 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeeds.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	247808 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieproxy.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	184320 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iepeers.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	743424 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedvtool.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	387584 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedkcs32.dll
+ 2010-12-15 02:17 . 2010-11-03 12:01	173568 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ie4uinit.exe
+ 2011-02-10 08:00 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-02-10 08:00 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-02-10 08:00 . 2010-07-05 13:15	231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-02-09 19:21 . 2010-12-09 15:15	718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-29 10:33 . 2010-07-05 13:15	755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-29 10:33 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-28 11:33 . 2010-09-18 07:18	974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-28 11:33 . 2010-09-18 07:18	974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-28 11:33 . 2010-09-18 07:18	953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-28 11:33 . 2010-09-18 07:18	954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2010-10-29 10:01 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2010-10-29 10:01 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2010-10-28 11:04 . 2010-08-16 08:43	590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2010-10-29 10:19 . 2010-07-05 13:16	382840 c:\windows\$hf_mig$\KB2360131-IE8\update\updspapi.dll
+ 2010-10-29 10:19 . 2009-05-26 09:01	755576 c:\windows\$hf_mig$\KB2360131-IE8\update\update.exe
+ 2010-10-29 10:19 . 2009-05-26 09:01	231288 c:\windows\$hf_mig$\KB2360131-IE8\spuninst.exe
+ 2010-10-28 11:20 . 2010-09-10 05:57	919552 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	206848 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\occache.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	611840 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mstime.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	602112 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeeds.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	247808 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieproxy.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	184320 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iepeers.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	743424 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedvtool.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	387584 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedkcs32.dll
+ 2010-10-28 11:20 . 2010-09-08 15:48	173056 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ie4uinit.exe
+ 2010-10-29 10:27 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-10-29 10:27 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-10-29 10:31 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2010-10-29 10:31 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2345886\update\update.exe
+ 2010-10-29 10:31 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-10-28 11:36 . 2010-08-26 13:37	357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2010-12-15 08:06 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
+ 2010-12-15 08:06 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
+ 2010-12-15 08:06 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
+ 2010-12-15 02:18 . 2010-10-28 13:08	290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-10-29 10:12 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-10-29 10:12 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-10-29 10:33 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-29 10:33 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2279986\update\update.exe
+ 2010-10-29 10:33 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-10-28 11:37 . 2010-09-01 11:48	285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	382840 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 09:01	755576 c:\windows\$hf_mig$\KB2259922\update\update.exe
+ 2010-10-29 10:31 . 2009-05-26 09:01	231288 c:\windows\$hf_mig$\KB2259922\spuninst.exe
+ 2010-10-29 10:30 . 2010-02-23 02:53	382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-10-29 10:30 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-10-29 10:30 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-10-28 11:27 . 2010-06-14 14:38	744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-10-29 10:05 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-10-29 10:05 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2141007\update\update.exe
+ 2010-10-29 10:05 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-10-28 11:34 . 2010-06-09 07:41	692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-10-29 10:23 . 2010-02-22 14:23	755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-10-29 10:23 . 2010-02-22 14:23	231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-10-28 11:36 . 2010-06-18 17:43	293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-10-29 10:31 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-10-29 10:31 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-10-29 10:31 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-10-29 10:27 . 2009-05-26 11:40	382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-10-29 10:27 . 2009-05-26 11:40	755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-10-29 10:27 . 2009-05-26 11:40	231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2011-06-14 03:11 . 2011-06-14 03:11	1055744 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.1002.3_x-ww_92561fce\rtcdll.dll
+ 2011-04-15 04:45 . 2010-10-23 00:51	1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2009-10-15 23:45 . 2009-08-13 13:55	1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2010-10-28 11:30 . 2010-08-23 16:12	1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51	3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	3780936 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90u.dll
+ 2011-01-11 14:59 . 2011-01-11 14:59	3766088 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05	3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25	1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25 . 2006-12-02 05:25	1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2011-05-14 00:04 . 2011-05-14 00:04	1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 00:04 . 2011-05-14 00:04	1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2009-07-12 00:46 . 2009-07-12 00:46	1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 00:46 . 2009-07-12 00:46	1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-07-21 05:03 . 2009-07-21 05:03	1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	1676288 c:\windows\system32\xpssvcs.dll
+ 2009-06-02 21:41 . 2009-08-06 23:23	1929952 c:\windows\system32\wuaueng.dll
+ 2004-08-04 12:00 . 2010-04-06 11:52	2462720 c:\windows\system32\WMVCore.dll
+ 2006-10-23 17:45 . 2011-06-02 14:02	1858944 c:\windows\system32\win32k.sys
+ 2011-05-18 00:52 . 2009-11-08 06:41	1112288 c:\windows\system32\WdfCoInstaller01007.dll
+ 2008-08-09 12:30 . 2008-08-09 12:30	1003520 c:\windows\system32\vsfilter.dll
+ 2006-10-23 17:45 . 2011-06-23 18:36	1212416 c:\windows\system32\urlmon.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-11-07 19:06 . 2008-07-06 22:36	2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-11-07 19:06 . 2008-07-06 22:36	2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	1392640 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnpswb.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	4038656 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnprpb.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	3665920 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnlpab.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	1380352 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnlpa.dll
+ 2007-11-14 03:55 . 2007-11-14 03:55	1339392 c:\windows\system32\spool\drivers\w32x86\lexmark_2600_seriesaa0d\lxdnhpec.dll
+ 2009-11-07 19:06 . 2008-07-06 12:06	1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	1392640 c:\windows\system32\spool\drivers\w32x86\3\lxdnpswb.dll
+ 2009-07-14 14:09 . 2009-07-14 14:09	4038656 c:\windows\system32\spool\drivers\w32x86\3\lxdnprpb.dll
+ 2009-07-14 14:08 . 2009-07-14 14:08	3665920 c:\windows\system32\spool\drivers\w32x86\3\lxdnlpab.dll
+ 2009-07-14 14:06 . 2009-07-14 14:06	1380352 c:\windows\system32\spool\drivers\w32x86\3\lxdnlpa.dll
+ 2007-11-14 03:55 . 2007-11-14 03:55	1339392 c:\windows\system32\spool\drivers\w32x86\3\lxdnhpec.dll
+ 2006-10-23 17:45 . 2011-01-21 14:44	8462336 c:\windows\system32\shell32.dll
- 2006-10-23 17:45 . 2008-04-14 09:42	1435648 c:\windows\system32\query.dll
+ 2006-10-23 17:45 . 2009-07-17 16:22	1435648 c:\windows\system32\query.dll
+ 2006-10-23 17:45 . 2010-02-05 18:27	1291776 c:\windows\system32\quartz.dll
+ 2011-02-21 02:29 . 2011-02-21 02:29	2227712 c:\windows\system32\python32.dll
+ 2006-10-23 17:44 . 2010-07-16 12:05	1288192 c:\windows\system32\ole32.dll
+ 2006-10-23 17:44 . 2010-12-09 13:42	2148864 c:\windows\system32\ntoskrnl.exe
+ 2006-04-11 20:27 . 2010-12-09 13:07	2027008 c:\windows\system32\ntkrnlpa.exe
+ 2006-10-23 17:44 . 2009-07-31 15:05	1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 05:05 . 2009-07-21 05:05	1348432 c:\windows\system32\msxml4.dll
+ 2006-10-23 17:44 . 2010-06-14 07:41	1172480 c:\windows\system32\msxml3.dll
+ 2009-06-02 21:40 . 2011-02-02 07:58	2067456 c:\windows\system32\mstscax.dll
+ 2006-10-23 17:44 . 2011-07-25 15:17	5969920 c:\windows\system32\mshtml.dll
+ 2009-07-16 11:00 . 2009-07-16 11:00	1490944 c:\windows\system32\Macromed\Shockwave 10\dirapiX.dll
+ 2011-06-03 21:36 . 2011-06-03 21:36	6271136 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-28 20:16 . 2007-11-28 20:16	1101824 c:\windows\system32\lxdnserv.dll
+ 2009-03-08 08:32 . 2011-06-23 18:36	1991680 c:\windows\system32\iertutil.dll
+ 2011-04-13 22:40 . 2011-04-13 22:40	4284416 c:\windows\system32\GPhotos.scr
+ 2011-05-29 00:22 . 2010-12-13 21:56	1700352 c:\windows\system32\GdiPlus.dll
+ 2009-08-04 23:52 . 2009-08-04 23:52	1193832 c:\windows\system32\FM20.DLL
+ 2009-11-07 19:06 . 2008-07-06 12:06	1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2009-06-02 21:41 . 2009-08-06 23:23	1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2004-08-04 12:00 . 2010-04-06 11:52	2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-06-02 22:44 . 2011-06-02 14:02	1858944 c:\windows\system32\dllcache\win32k.sys
+ 2009-06-02 22:46 . 2011-06-23 18:36	1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2009-06-02 22:45 . 2011-01-21 14:44	8462336 c:\windows\system32\dllcache\shell32.dll
+ 2009-10-15 23:46 . 2009-07-17 16:22	1435648 c:\windows\system32\dllcache\query.dll
+ 2009-06-02 22:45 . 2010-02-05 18:27	1291776 c:\windows\system32\dllcache\quartz.dll
+ 2010-10-28 11:36 . 2010-07-16 12:05	1288192 c:\windows\system32\dllcache\ole32.dll
+ 2009-06-02 22:45 . 2010-12-09 13:38	2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-06-02 22:45 . 2010-12-09 13:07	2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-07 23:02 . 2010-12-09 13:07	2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-06-02 22:45 . 2010-12-09 13:42	2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-06-02 22:23 . 2009-07-31 15:05	1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2009-06-02 22:43 . 2010-06-14 07:41	1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-13 06:26 . 2010-01-30 03:31	1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-13 06:26 . 2009-07-10 13:27	1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-06-02 22:46 . 2011-07-25 15:17	5969920 c:\windows\system32\dllcache\mshtml.dll
+ 2010-10-28 11:11 . 2010-06-18 13:36	3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2011-03-09 19:36 . 2011-02-02 07:58	2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2009-06-11 05:22 . 2011-06-23 18:36	1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-07 08:06 . 2009-11-07 08:06	1130824 c:\windows\system32\dfshim.dll
+ 2011-06-03 21:00 . 2010-05-26 15:41	1998168 c:\windows\system32\D3DX9_43.dll
+ 2011-02-10 04:30 . 2009-09-04 22:29	1892184 c:\windows\system32\D3DX9_42.dll
+ 2011-06-03 21:00 . 2009-03-09 19:27	4178264 c:\windows\system32\D3DX9_41.dll
+ 2011-06-03 21:00 . 2008-10-10 08:52	4379984 c:\windows\system32\D3DX9_40.dll
+ 2011-06-03 20:15 . 2011-03-25 09:35	3851784 c:\windows\system32\d3dx9_39.dll
+ 2011-06-03 21:00 . 2008-05-30 18:11	3850760 c:\windows\system32\D3DX9_38.dll
+ 2011-06-03 21:00 . 2008-03-05 19:56	3786760 c:\windows\system32\D3DX9_37.dll
+ 2011-06-03 21:00 . 2007-10-12 19:14	3734536 c:\windows\system32\d3dx9_36.dll
+ 2011-06-03 21:00 . 2007-07-19 22:14	3727720 c:\windows\system32\d3dx9_35.dll
+ 2011-06-03 21:00 . 2007-05-16 20:45	3497832 c:\windows\system32\d3dx9_34.dll
+ 2011-06-03 21:00 . 2007-03-12 20:42	3495784 c:\windows\system32\d3dx9_33.dll
+ 2011-06-03 21:00 . 2006-11-29 17:06	3426072 c:\windows\system32\d3dx9_32.dll
+ 2011-06-19 20:19 . 2009-01-26 03:36	1970176 c:\windows\system32\d3dx9.dll
+ 2011-06-03 21:00 . 2010-05-26 15:41	1868128 c:\windows\system32\d3dcsx_43.dll
+ 2011-06-03 21:00 . 2009-09-04 21:29	5501792 c:\windows\system32\d3dcsx_42.dll
+ 2011-06-03 21:00 . 2010-05-26 15:41	2106216 c:\windows\system32\D3DCompiler_43.dll
+ 2011-06-03 21:00 . 2009-09-04 21:29	1974616 c:\windows\system32\D3DCompiler_42.dll
+ 2011-06-03 21:00 . 2009-03-09 19:27	1846632 c:\windows\system32\D3DCompiler_41.dll
+ 2011-06-03 21:00 . 2008-10-10 08:52	2036576 c:\windows\system32\D3DCompiler_40.dll
+ 2011-06-03 21:00 . 2008-07-10 15:00	1493528 c:\windows\system32\D3DCompiler_39.dll
+ 2011-06-03 21:00 . 2008-05-30 18:11	1491992 c:\windows\system32\D3DCompiler_38.dll
+ 2011-06-03 21:00 . 2008-03-05 19:56	1420824 c:\windows\system32\D3DCompiler_37.dll
+ 2011-06-03 21:00 . 2007-10-12 19:14	1374232 c:\windows\system32\D3DCompiler_36.dll
+ 2011-06-03 21:00 . 2007-07-19 22:14	1358192 c:\windows\system32\D3DCompiler_35.dll
+ 2011-06-03 21:00 . 2007-05-16 20:45	1124720 c:\windows\system32\D3DCompiler_34.dll
+ 2011-06-03 21:00 . 2007-03-12 20:42	1123696 c:\windows\system32\D3DCompiler_33.dll
+ 2009-07-31 13:00 . 2009-07-31 13:00	1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2009-07-31 12:54 . 2009-07-31 12:54	1886320 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2009-07-31 13:04 . 2009-07-31 13:04	1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40	1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 23:47 . 2008-07-29 23:47	1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 23:47 . 2008-07-29 23:47	1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 04:40 . 2008-07-30 04:40	1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-06 00:35 . 2008-12-06 00:35	1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10	2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 02:10 . 2008-07-30 02:10	4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48	5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 09:59 . 2008-11-25 09:59	2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2010-09-22 16:44 . 2010-09-22 16:44	5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-04-29 01:50 . 2011-04-29 01:50	3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 16:17 . 2008-07-25 16:17	2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15	4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 16:16 . 2008-07-25 16:16	1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2007-04-14 01:35 . 2007-04-14 01:35	1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 22:55 . 2010-09-23 22:55	1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 22:55 . 2010-09-23 22:55	1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 01:35 . 2007-04-14 01:35	1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 00:57 . 2007-04-14 00:57	2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 09:26 . 2010-09-23 09:26	2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 09:25 . 2010-09-23 09:25	2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 00:57 . 2007-04-14 00:57	2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 22:55 . 2010-09-23 22:55	2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-14 00:50 . 2007-04-14 00:50	2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-06-03 21:00 . 2004-12-01 19:53	2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2004-09-29 16:38	2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2008-07-30 02:26 . 2008-07-30 02:26	1043456 c:\windows\Installer\ca02cdb.msp
+ 2008-07-30 03:37 . 2008-07-30 03:37	2679808 c:\windows\Installer\ca02cd9.msp
+ 2008-07-30 04:15 . 2008-07-30 04:15	3697664 c:\windows\Installer\ca02cd7.msp
+ 2008-07-30 02:34 . 2008-07-30 02:34	1448448 c:\windows\Installer\ca02cd6.msp
+ 2008-07-30 03:22 . 2008-07-30 03:22	4137984 c:\windows\Installer\ca02cd5.msp
+ 2008-07-30 02:18 . 2008-07-30 02:18	3376640 c:\windows\Installer\ca02cd4.msp
+ 2008-07-30 00:45 . 2008-07-30 00:45	2543616 c:\windows\Installer\c9d7aa7.msp
+ 2008-07-30 00:29 . 2008-07-30 00:29	2926080 c:\windows\Installer\c9d7aa6.msp
+ 2008-07-30 00:41 . 2008-07-30 00:41	6487040 c:\windows\Installer\c9d7aa5.msp
+ 2008-07-30 00:39 . 2008-07-30 00:39	3403264 c:\windows\Installer\c9d7aa4.msp
+ 2008-07-30 00:43 . 2008-07-30 00:43	1013248 c:\windows\Installer\c9d7aa2.msp
+ 2008-07-30 00:31 . 2008-07-30 00:31	6083072 c:\windows\Installer\c9d7a9f.msp
+ 2011-05-23 18:15 . 2011-05-23 18:15	3617792 c:\windows\Installer\be1851.msp
+ 2011-06-03 21:27 . 2011-06-03 21:27	1065984 c:\windows\Installer\9471cd2.msi
+ 2011-06-21 03:48 . 2011-06-21 03:48	3940352 c:\windows\Installer\68f9c37.msi
+ 2009-05-04 11:46 . 2009-05-04 11:46	8299008 c:\windows\Installer\4d34a475.msp
+ 2009-04-24 16:31 . 2009-04-24 16:31	1425920 c:\windows\Installer\4d34a46c.msp
+ 2009-04-24 16:30 . 2009-04-24 16:30	2583552 c:\windows\Installer\4d34a462.msp
+ 2009-07-27 08:31 . 2009-07-27 08:31	3738624 c:\windows\Installer\4d34a431.msp
+ 2008-06-19 22:28 . 2008-06-19 22:28	1573376 c:\windows\Installer\480e2302.msp
+ 2007-07-21 17:26 . 2007-07-21 17:26	7574016 c:\windows\Installer\480e22cf.msp
+ 2008-10-20 14:18 . 2008-10-20 14:18	6474240 c:\windows\Installer\480e22c8.msp
+ 2011-05-02 04:06 . 2011-05-02 04:06	2705920 c:\windows\Installer\403df.msp
+ 2011-07-26 17:50 . 2011-07-26 17:50	5522432 c:\windows\Installer\403d8.msp
+ 2010-09-17 11:04 . 2010-09-17 11:04	9401856 c:\windows\Installer\3ccf598a.msp
+ 2010-10-01 22:42 . 2010-10-01 22:42	5054464 c:\windows\Installer\3ccf596d.msp
+ 2010-10-22 18:25 . 2010-10-22 18:25	5521408 c:\windows\Installer\3ccf5958.msp
+ 2009-12-11 15:29 . 2009-12-11 15:29	5521408 c:\windows\Installer\31d206b6.msp
+ 2010-10-22 20:45 . 2010-10-22 20:45	8444928 c:\windows\Installer\2fd291f2.msp
+ 2010-12-06 20:02 . 2010-12-06 20:02	5518848 c:\windows\Installer\2fd291c2.msp
+ 2010-10-02 02:53 . 2010-10-02 02:53	4147712 c:\windows\Installer\2fd291ad.msp
+ 2011-04-29 16:28 . 2011-04-29 16:28	1995264 c:\windows\Installer\2f6ea31e.msp
+ 2011-04-27 23:51 . 2011-04-27 23:51	6825472 c:\windows\Installer\2f6ea306.msp
+ 2011-05-20 21:31 . 2011-05-20 21:31	5518848 c:\windows\Installer\2f6ea2f1.msp
+ 2011-05-17 22:28 . 2011-05-17 22:28	6862848 c:\windows\Installer\2f6ea2dc.msp
+ 2011-04-29 16:33 . 2011-04-29 16:33	8173568 c:\windows\Installer\2f6ea2c7.msp
+ 2008-12-13 14:57 . 2008-12-13 14:57	8397824 c:\windows\Installer\2beeb2c.msp
+ 2011-06-15 12:17 . 2011-06-15 12:17	1529344 c:\windows\Installer\2b698603.msi
+ 2011-01-19 03:36 . 2011-01-19 03:36	2687488 c:\windows\Installer\2b4cd619.msp
+ 2009-12-17 03:58 . 2009-12-17 03:58	5382144 c:\windows\Installer\268e253a.msp
+ 2010-01-22 00:52 . 2010-01-22 00:52	4298752 c:\windows\Installer\24acbcfa.msi
+ 2011-02-22 15:32 . 2011-02-22 15:32	5520384 c:\windows\Installer\233b3e77.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51	5524480 c:\windows\Installer\1fb0943a.msp
+ 2010-01-19 23:29 . 2010-01-19 23:29	5050368 c:\windows\Installer\1fb09425.msp
+ 2011-05-24 04:27 . 2011-05-24 04:27	3567616 c:\windows\Installer\1f57d522.msi
+ 2010-01-30 03:20 . 2010-01-30 03:20	6280192 c:\windows\Installer\1f3d0e2e.msp
+ 2010-01-30 03:20 . 2010-01-30 03:20	2317312 c:\windows\Installer\1f3d0e1a.msi
+ 2010-08-05 17:57 . 2010-08-05 17:57	4066304 c:\windows\Installer\1993cef.msp
+ 2009-10-17 01:07 . 2009-10-17 01:07	6115328 c:\windows\Installer\1993ccb.msp
+ 2010-05-25 18:45 . 2010-05-25 18:45	8445440 c:\windows\Installer\1993ca1.msp
+ 2010-06-12 00:55 . 2010-06-12 00:55	1827328 c:\windows\Installer\1993c61.msp
+ 2010-08-14 00:59 . 2010-08-14 00:59	8182272 c:\windows\Installer\1993c48.msp
+ 2010-08-14 01:02 . 2010-08-14 01:02	2545664 c:\windows\Installer\1993c40.msp
+ 2010-05-03 23:11 . 2010-05-03 23:11	4149760 c:\windows\Installer\1993c38.msp
+ 2010-08-24 00:09 . 2010-08-24 00:09	7673344 c:\windows\Installer\1993c23.msp
+ 2009-11-09 07:25 . 2009-11-09 07:25	1935360 c:\windows\Installer\1993bfb.msp
+ 2010-09-23 14:39 . 2010-09-23 14:39	4265472 c:\windows\Installer\1993bd1.msp
+ 2010-10-04 23:32 . 2010-10-04 23:32	5517824 c:\windows\Installer\1993bc7.msp
+ 2010-08-26 00:06 . 2010-08-26 00:06	6479360 c:\windows\Installer\1993bab.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17	2607104 c:\windows\Installer\1993b88.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17	4210688 c:\windows\Installer\1993b87.msp
+ 2010-08-24 16:49 . 2010-08-24 16:49	6825472 c:\windows\Installer\1993b63.msp
+ 2010-05-03 23:06 . 2010-05-03 23:06	5053952 c:\windows\Installer\1993b47.msp
+ 2010-03-30 19:34 . 2010-03-30 19:34	3826688 c:\windows\Installer\1993b32.msp
+ 2009-11-20 20:00 . 2009-11-20 20:00	5521408 c:\windows\Installer\19724952.msp
+ 2011-04-27 15:14 . 2011-04-27 15:14	5520384 c:\windows\Installer\16c42f04.msp
+ 2011-04-29 17:04 . 2011-04-29 17:04	5053440 c:\windows\Installer\16c42eef.msp
+ 2011-04-29 16:30 . 2011-04-29 16:30	1197056 c:\windows\Installer\16c42eda.msp
+ 2011-01-27 18:49 . 2011-01-27 18:49	6825472 c:\windows\Installer\167208d.msp
+ 2011-04-05 16:52 . 2011-04-05 16:52	5519872 c:\windows\Installer\1672063.msp
+ 2010-11-21 03:34 . 2010-11-21 03:34	1198080 c:\windows\Installer\1672043.msp
+ 2011-03-18 00:01 . 2011-03-18 00:01	9563648 c:\windows\Installer\167203b.msp
+ 2011-03-03 15:25 . 2011-03-03 15:25	5051904 c:\windows\Installer\1672033.msp
+ 2011-01-11 21:50 . 2011-01-11 21:50	8177152 c:\windows\Installer\167201e.msp
+ 2009-10-03 01:00 . 2009-10-03 01:00	2747392 c:\windows\Installer\14e42cc4.msi
+ 2009-10-22 17:46 . 2009-10-22 17:46	6821888 c:\windows\Installer\14843610.msp
+ 2009-08-18 17:58 . 2009-08-18 17:58	8301056 c:\windows\Installer\148435fb.msp
+ 2009-10-06 23:40 . 2009-10-06 23:40	7681024 c:\windows\Installer\148435f3.msp
+ 2009-10-22 17:28 . 2009-10-22 17:28	5521408 c:\windows\Installer\148435de.msp
+ 2009-08-21 14:14 . 2009-08-21 14:14	8363008 c:\windows\Installer\12a62c5b.msp
+ 2009-08-20 09:02 . 2009-08-20 09:02	5204992 c:\windows\Installer\12a62c40.msp
+ 2009-09-29 13:08 . 2009-09-29 13:08	6747648 c:\windows\Installer\12a62c2b.msp
+ 2009-09-21 20:53 . 2009-09-21 20:53	5518848 c:\windows\Installer\12a62c00.msp
+ 2011-07-14 03:53 . 2011-07-14 03:53	1214464 c:\windows\Installer\11e71d.msi
+ 2011-07-14 03:53 . 2011-07-14 03:53	1541120 c:\windows\Installer\11e713.msi
+ 2011-01-17 21:06 . 2011-01-17 21:06	5518848 c:\windows\Installer\11827ad.msp
+ 2007-04-19 17:49 . 2007-04-19 17:49	1661280 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE
+ 2007-04-19 18:09 . 2007-04-19 18:09	1061720 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OMFC.DLL
+ 2007-05-10 17:43 . 2007-05-10 17:43	6688096 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2007-04-30 18:57 . 2007-04-30 18:57	7084384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\INFOPATH.EXE
+ 2007-06-06 14:53 . 2007-06-06 14:53	1195888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\FM20.DLL
+ 2009-04-03 21:57 . 2009-04-03 21:57	4671320 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2009-04-02 18:35 . 2009-04-02 18:35	1787216 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PPCNV.DLL
+ 2007-03-21 22:58 . 2007-03-21 22:58	4145520 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-05-10 14:11 . 2007-05-10 14:11	1767256 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2006-10-27 19:18 . 2006-10-27 19:18	1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-03-21 22:56 . 2007-03-21 22:56	8425856 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2010-01-23 08:00 . 2009-10-29 07:45	1208832 c:\windows\ie8updates\KB978207-IE8\urlmon.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	5940736 c:\windows\ie8updates\KB978207-IE8\mshtml.dll
+ 2010-01-23 08:00 . 2009-10-29 07:45	1985536 c:\windows\ie8updates\KB978207-IE8\iertutil.dll
+ 2009-11-05 08:00 . 2009-08-29 08:08	5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	1208832 c:\windows\ie8updates\KB976325-IE8\urlmon.dll
+ 2009-12-11 08:02 . 2009-10-22 09:19	5939712 c:\windows\ie8updates\KB976325-IE8\mshtml.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	1985536 c:\windows\ie8updates\KB976325-IE8\iertutil.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-10-16 07:05 . 2009-07-19 13:18	5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll
+ 2009-10-16 07:05 . 2009-07-03 17:09	1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-12 05:19 . 2011-05-30 22:19	5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-12 05:19 . 2011-04-25 16:11	1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-04-15 07:09 . 2010-12-20 23:59	1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	1208832 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	5942784 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	1985536 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2009-06-02 22:45 . 2010-12-09 13:38	2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-06-02 22:45 . 2010-12-09 13:07	2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 23:02 . 2010-12-09 13:07	2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-06-02 22:45 . 2010-12-09 13:42	2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-01-09 17:04 . 2004-01-29 14:25	2321408 c:\windows\Cache\Adobe Reader 6.0\HEBMIN\Adobe Reader 6.0 ME.msi
+ 2010-10-29 10:07 . 2010-10-29 10:07	1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e87575be\System.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_d3104b21\System.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_bf8b334c\System.Xml.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_5941c700\System.Xml.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_67e9239e\System.Windows.Forms.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_5ac9f444\System.Windows.Forms.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_08b66101\System.Drawing.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7eff7ab4\System.Design.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_437727d2\System.Design.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b20e3736\mscorlib.dll
+ 2010-10-29 10:08 . 2010-10-29 10:08	3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8e770040\mscorlib.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-08-12 18:35 . 2011-08-12 18:35	6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll
+ 2011-08-12 18:36 . 2011-08-12 18:36	2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll
+ 2011-08-12 18:35 . 2011-08-12 18:35	2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-08-12 18:35 . 2011-08-12 18:35	2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll
+ 2011-08-12 18:35 . 2011-08-12 18:35	1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll
+ 2011-08-12 22:45 . 2011-08-12 22:45	3192832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\2b62afd29286711f88d12defd79a667c\PaintDotNet.ni.exe
+ 2011-08-12 22:45 . 2011-08-12 22:45	1850880 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\bd787cb864d5f5b726e61af6413af823\PaintDotNet.Core.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-12 22:47 . 2011-08-12 22:47	2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2010-10-29 10:26 . 2010-10-29 10:26	1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-11-07 19:07 . 2009-11-07 19:07	1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-29 10:26 . 2010-10-29 10:26	1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-10-29 10:11 . 2010-10-29 10:11	5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-11-07 19:08 . 2009-11-07 19:08	2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-10-29 10:26 . 2010-10-29 10:26	5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-10-29 10:26 . 2010-10-29 10:26	4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-12 05:24 . 2011-08-12 05:24	4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-10-29 10:07 . 2010-10-29 10:07	1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-06-29 07:00 . 2009-06-29 07:00	1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-06-29 07:00 . 2009-06-29 07:00	1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-29 10:07 . 2010-10-29 10:07	1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-06-03 21:00 . 2011-06-03 21:00	2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-11-02 20:20 . 2009-11-02 20:20	1228240 c:\windows\ADBEPHSPCS4_LS1.exe
+ 2010-10-29 10:11 . 2008-04-14 09:42	3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-10-29 10:12 . 2009-08-14 13:21	1850624 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-10-29 10:27 . 2009-12-08 19:26	2145280 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-10-29 10:27 . 2009-12-08 18:43	2023936 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-10-29 10:27 . 2009-12-08 18:43	2023936 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-10-29 10:27 . 2009-12-08 19:26	2145280 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-10-29 10:23 . 2008-04-14 09:42	1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-10-29 10:15 . 2009-05-20 08:56	2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-10-29 10:12 . 2009-07-10 13:27	1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-02-10 08:00 . 2009-08-04 15:13	2145280 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-10 08:00 . 2009-08-04 14:20	2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-10 08:00 . 2009-08-04 14:20	2023936 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-10 08:00 . 2009-08-04 15:13	2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-10-29 10:11 . 2009-11-27 17:11	1291776 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-02-10 08:01 . 2009-06-03 19:09	1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2009-11-25 08:00 . 2008-09-10 01:14	1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-25 08:00 . 2008-09-04 17:15	1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2009-10-16 07:01 . 2009-02-06 11:06	2145280 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2009-10-16 07:01 . 2009-02-06 10:32	2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2009-10-16 07:01 . 2009-02-06 10:32	2023936 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2009-10-16 07:01 . 2009-02-06 11:06	2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2009-11-12 08:00 . 2009-04-17 12:26	1847168 c:\windows\$NtUninstallKB969947$\win32k.sys
+ 2009-10-16 07:03 . 2008-04-14 09:42	1435648 c:\windows\$NtUninstallKB969059$\query.dll
+ 2011-07-14 07:00 . 2011-03-03 13:21	1857920 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-04-15 07:09 . 2010-12-31 13:10	1854976 c:\windows\$NtUninstallKB2506223$\win32k.sys
+ 2011-02-10 08:03 . 2010-07-27 06:30	8462336 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-03-10 08:01 . 2009-06-10 13:19	2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-02-10 08:03 . 2010-10-26 13:25	1853312 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2010-12-15 08:05 . 2010-08-31 13:42	1852800 c:\windows\$NtUninstallKB2436673$\win32k.sys
+ 2011-02-10 08:00 . 2010-04-27 13:59	2146304 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-10 08:00 . 2010-04-27 13:05	2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-10 08:00 . 2010-04-27 13:05	2024448 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-10 08:00 . 2010-04-27 13:59	2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2010-10-29 10:33 . 2008-04-14 09:41	1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2010-10-29 10:12 . 2008-06-17 19:02	8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-10-29 10:27 . 2009-07-31 04:35	1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-10-28 11:11 . 2010-06-18 13:43	3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-10-28 11:35 . 2010-08-31 13:38	1861888 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys
+ 2010-10-28 11:23 . 2010-04-27 13:50	2190080 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-10-28 11:23 . 2010-04-27 13:14	2024448 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 14:14 . 2010-04-28 14:14	2066944 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-10-28 11:23 . 2010-04-27 13:54	2146304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-10-28 11:36 . 2010-07-16 12:04	1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2010-10-28 11:35 . 2010-01-29 14:53	1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	1209344 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\urlmon.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	5945856 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
+ 2010-01-22 08:29 . 2009-12-21 19:09	1986048 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iertutil.dll
+ 2009-12-09 04:52 . 2009-12-09 04:52	2189312 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-10 06:44 . 2009-12-08 17:40	2023936 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 04:10 . 2009-12-09 04:10	2066176 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-10 06:44 . 2009-12-08 18:20	2145280 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2009-11-04 09:29 . 2009-10-22 09:18	5943296 c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	1209344 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\urlmon.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	5944320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
+ 2009-12-10 10:06 . 2009-10-29 07:45	1986048 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iertutil.dll
+ 2010-10-28 11:34 . 2010-02-05 18:29	1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-02-10 06:44 . 2009-11-27 17:23	1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	1209344 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\urlmon.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	5942272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
+ 2009-10-15 23:45 . 2009-08-29 08:01	1986048 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iertutil.dll
+ 2009-11-25 01:09 . 2009-07-31 04:24	1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-25 01:09 . 2009-07-31 04:24	1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2009-10-15 23:44 . 2009-08-04 13:56	2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-15 23:44 . 2009-08-04 13:17	2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-04 22:47 . 2009-08-04 22:47	2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-15 23:44 . 2009-08-04 13:54	2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2011-03-15 22:33 . 2009-07-27 22:13	8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2009-08-14 22:49 . 2009-08-14 22:49	1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys
+ 2009-10-15 23:46 . 2009-07-17 16:01	1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2011-07-14 03:50 . 2011-06-02 14:07	1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-15 11:16 . 2011-04-25 16:09	1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-15 11:16 . 2011-05-30 22:17	5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-04-15 04:45 . 2011-03-03 13:27	1866880 c:\windows\$hf_mig$\KB2506223\SP3QFE\win32k.sys
+ 2011-04-15 04:45 . 2011-02-22 23:27	1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-04-15 04:45 . 2011-02-22 23:27	1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-02-09 19:21 . 2011-01-21 14:42	8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
+ 2011-03-09 19:36 . 2011-02-02 07:57	2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2011-02-09 19:21 . 2010-12-31 13:14	1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2010-12-15 02:18 . 2010-10-26 13:27	1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys
+ 2010-12-15 02:17 . 2010-11-06 00:27	1211904 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\urlmon.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	5960704 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
+ 2010-12-15 02:17 . 2010-11-06 00:27	1992192 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iertutil.dll
+ 2011-02-09 19:21 . 2010-12-09 13:43	2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-09 19:21 . 2010-12-09 13:09	2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 23:39 . 2010-12-09 23:39	2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-09 19:21 . 2010-12-09 13:47	2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2010-10-28 11:20 . 2010-09-10 05:57	1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
+ 2010-10-28 11:20 . 2010-09-10 05:57	1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
+ 2010-10-28 11:35 . 2010-07-27 06:28	8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-10-28 11:36 . 2010-06-14 07:39	1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2004-08-04 12:00 . 2010-08-26 06:36	10841088 c:\windows\system32\wmp.dll
- 2004-08-04 12:00 . 2009-07-14 03:43	10841088 c:\windows\system32\wmp.dll
+ 2006-10-23 17:44 . 2011-08-12 05:20	52390856 c:\windows\system32\MRT.exe
+ 2011-05-29 00:22 . 2010-12-13 21:55	10833920 c:\windows\system32\libmfxsw32.dll
+ 2011-05-29 00:22 . 2010-12-13 21:55	10915840 c:\windows\system32\libmfxhw32.dll
+ 2009-03-08 08:39 . 2011-06-23 18:36	11081728 c:\windows\system32\ieframe.dll
+ 2004-08-04 12:00 . 2010-08-26 06:36	10841088 c:\windows\system32\dllcache\wmp.dll
- 2004-08-04 12:00 . 2009-07-14 03:43	10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-06-11 05:22 . 2011-06-23 18:36	11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2010-09-24 21:08 . 2010-09-24 21:08	11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2009-11-14 22:07 . 2009-11-14 22:07	15709696 c:\windows\Installer\d42a3cf.msp
+ 2011-04-21 07:00 . 2011-04-21 07:00	20314624 c:\windows\Installer\7ef8407.msp
+ 2009-04-04 11:35 . 2009-04-04 11:35	38325760 c:\windows\Installer\4d34a458.msp
+ 2008-08-11 15:51 . 2008-08-11 15:51	15916544 c:\windows\Installer\480e230a.msp
+ 2008-08-11 15:49 . 2008-08-11 15:49	22457344 c:\windows\Installer\480e22f9.msp
+ 2008-09-24 16:05 . 2008-09-24 16:05	16381440 c:\windows\Installer\480e22f1.msp
+ 2007-10-15 03:33 . 2007-10-15 03:33	26646016 c:\windows\Installer\480e22ea.msp
+ 2009-02-25 23:07 . 2009-02-25 23:07	11646464 c:\windows\Installer\480e22d7.msp
+ 2010-10-14 21:57 . 2010-10-14 21:57	11189248 c:\windows\Installer\3ccf5982.msp
+ 2011-06-16 07:04 . 2011-06-16 07:04	20333056 c:\windows\Installer\2f6ea311.msp
+ 2009-08-15 01:32 . 2009-08-15 01:32	11110912 c:\windows\Installer\2beeb4a.msp
+ 2008-12-13 15:21 . 2008-12-13 15:21	10473472 c:\windows\Installer\2beeb36.msp
+ 2011-03-28 07:27 . 2011-03-28 07:27	15456256 c:\windows\Installer\2b4cd625.msp
+ 2010-01-20 08:00 . 2010-01-20 08:00	15710720 c:\windows\Installer\1be7e955.msp
+ 2010-05-11 18:30 . 2010-05-11 18:30	11194880 c:\windows\Installer\1993cb6.msp
+ 2010-04-25 00:09 . 2010-04-25 00:09	11750912 c:\windows\Installer\1993c6a.msp
+ 2010-06-12 00:52 . 2010-06-12 00:52	45542912 c:\windows\Installer\1993c62.msp
+ 2010-03-31 08:23 . 2010-03-31 08:23	15638528 c:\windows\Installer\1993c07.msp
+ 2010-05-19 20:08 . 2010-05-19 20:08	11408896 c:\windows\Installer\1993be2.msp
+ 2010-10-29 10:19 . 2010-10-29 10:19	20303872 c:\windows\Installer\1993bd9.msp
+ 2010-10-29 10:12 . 2010-10-29 10:12	15710720 c:\windows\Installer\1993bb3.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17	14599680 c:\windows\Installer\1993b96.msp
+ 2010-09-24 14:08 . 2010-09-24 14:08	17518080 c:\windows\Installer\1993b7d.msp
+ 2011-03-08 08:00 . 2011-03-08 08:00	20308992 c:\windows\Installer\18ee5d3a.msp
+ 2011-01-06 08:00 . 2011-01-06 08:00	20304384 c:\windows\Installer\16b90032.msp
+ 2011-02-24 13:38 . 2011-02-24 13:38	10984448 c:\windows\Installer\1672078.msp
+ 2011-02-12 00:47 . 2011-02-12 00:47	12028928 c:\windows\Installer\167204e.msp
+ 2009-08-10 18:09 . 2009-08-10 18:09	17254912 c:\windows\Installer\12a62c17.msp
+ 2009-04-03 22:01 . 2009-04-03 22:01	15108448 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2009-04-03 22:46 . 2009-04-03 22:46	17314688 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\MSO.DLL
+ 2007-05-10 14:25 . 2007-05-10 14:25	14677368 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-05-08 15:10 . 2007-05-08 15:10	16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL
+ 2010-01-23 08:00 . 2009-10-29 07:45	11069952 c:\windows\ie8updates\KB978207-IE8\ieframe.dll
+ 2009-12-11 08:02 . 2009-08-29 08:08	11069440 c:\windows\ie8updates\KB976325-IE8\ieframe.dll
+ 2009-10-16 07:05 . 2009-07-19 22:48	11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2011-08-12 05:19 . 2011-04-26 14:11	11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-16 07:02 . 2011-02-22 23:06	11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-04-15 07:09 . 2010-12-21 10:29	11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-02-10 08:01 . 2010-11-06 00:26	11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58	11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2010-10-29 10:19 . 2009-12-21 19:14	11070464 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2010-10-29 10:26 . 2010-10-29 10:26	13725184 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE2.tmp\PresentationFramework.dll
+ 2010-10-29 10:24 . 2010-10-29 10:24	13725184 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA08.tmp\PresentationFramework.dll
+ 2011-08-12 18:37 . 2011-08-12 18:37	12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-08-12 22:48 . 2011-08-12 22:48	11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
+ 2011-08-12 22:46 . 2011-08-12 22:46	17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-08-12 18:36 . 2011-08-12 18:36	10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-08-12 18:34 . 2011-08-12 18:34	12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-06-28 07:04 . 2011-06-28 07:04	11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
+ 2010-10-29 10:30 . 2009-07-14 03:43	10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2009-12-22 19:09 . 2009-12-22 19:09	11070976 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieframe.dll
+ 2009-10-29 18:15 . 2009-10-29 18:15	11070464 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieframe.dll
+ 2009-08-29 17:31 . 2009-08-29 17:31	11069952 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieframe.dll
+ 2011-06-15 11:16 . 2011-04-25 16:09	11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-23 08:57 . 2011-02-23 08:57	11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
+ 2011-02-09 19:21 . 2010-12-20 23:58	11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
+ 2010-11-06 10:57 . 2010-11-06 10:57	11082752 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieframe.dll
+ 2010-09-10 18:27 . 2010-09-10 18:27	11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"="c:\program files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe" [2004-07-28 368640]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-04 39408]
"SurfSecret Privacy Vaults"="c:\program files\SurfSecret PrivacyVaults\PriVault.exe" [2009-04-20 712536]
"Aim"="c:\program files\AIM\aim.exe" [2011-05-03 4321112]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-07 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-03 312200]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-16 1358384]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"UnlockerAssistant"="c:\documents and settings\dan\Desktop\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2010-12-13 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
c:\documents and settings\dan\Start Menu\Programs\Startup\
fliptoast.lnk - c:\program files\fliptoast\fliptoast.exe [N/A]
KeyPad.lnk - c:\documents and settings\dan\Desktop\SurfSecret Keypad\SSKeyPad.exe [N/A]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [N/A]
Xfire.lnk - c:\program files\Xfire\xfire.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34	87352	----a-w-	c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\WINDOWS\\system32\\lxdncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\WINDOWS\\system32\\dlcxcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Little_fighter_3\\LF3??????.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\oovoosetup (7).exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\ooVooSetup (8).exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Unlocker\\Unlocker.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\SurfSecret PrivacyVaults\\PriVault.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Anti-phishing Domain Advisor\\visicom_antiphishing.exe"=
"c:\\WINDOWS\\system32\\Adobe\\Shockwave 11\\SwHelper_1151601.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (4).exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (5).exe"=
"c:\\Program Files\\SurfSecret PrivacyProtector\\SS2-FULL.exe"=
"c:\\Program Files\\Defraggler\\Defraggler.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*isabledoVoo TCP port 443
"443:UDP"= 443:UDP:*isabledoVoo UDP port 443
"37674:TCP"= 37674:TCP:*isabledoVoo TCP port 37674
"37674:UDP"= 37674:UDP:*isabledoVoo UDP port 37674
"37675:UDP"= 37675:UDP:*isabledoVoo UDP port 37675
"37676:TCP"= 37676:TCP:*isabledoVoo TCP port 37676
"37676:UDP"= 37676:UDP:*isabledoVoo UDP port 37676
"37677:UDP"= 37677:UDP:*isabledoVoo UDP port 37677
.
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/25/2010 1:07 PM 35088]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/2/2009 8:28 PM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2/28/2011 6:44 PM 183560]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [5/17/2011 8:52 PM 13312]
S3 shwMirror;shwMirror;c:\windows\system32\drivers\shwMirror.sys [1/19/2011 8:10 PM 3584]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [10/2/2009 8:58 PM 627072]
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.landing.savetubevideo.com/index.php?from=3
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:62364
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-NTServiceManager - c:\program files\YoutubeDownloader.org\YoutubeDownloader\YoutubeDownloader Updater.exe
HKLM-Run-SurfSecret - (no file)
AddRemove-Cain & Abel v4.9.40 - f:\cain\UNINSTAL.EXE
AddRemove-QuestBrowse - c:\program files\QuestBrwSearch\uninstall.exe
AddRemove-Wireshark - f:\wireshark\uninstall.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\docume~1\ALLUSE~1\APPLIC~1\TARMAI~1\{889DF~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-04 23:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\LMIinit.dll
.
- - - - - - - > 'explorer.exe'(3040)
c:\windows\system32\WININET.dll
c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.dll
c:\documents and settings\dan\Desktop\Unlocker\UnlockerHook.dll
c:\documents and settings\dan\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcxcoms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\lxdncoms.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-09-04 23:05:16 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-05 03:05
ComboFix2.txt 2009-09-10 20:14
.
Pre-Run: 46,546,472,960 bytes free
Post-Run: 47,607,451,648 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - ADCD0D5413024C7FBF31541EF5E089BE


----------



## danielstern96 (Aug 16, 2011)

also just in case you wanted to know, before the scan actually started ComboFix said something about detecting a "Rootkit.Zeroaccess" virus and that it is very hard to get rid of.


----------



## jeffce (May 10, 2011)

Hi danielstern96,



> ComboFix said something about detecting a "Rootkit.Zeroaccess" virus and that it is very hard to get rid of.


Yes there was a particularly nasty piece of malware on your system. 
----------

I need some information on some unidentified files. We will use * Virustotal* Please submit these files for analysis

To submit a file to *virustotal*, please click *VirusTotal*

*copy and paste* the following into the *upload a file* box (one at a time if more than one file is listed)

*c:\Documents and Settings\dan\Desktop\Little_fighter_3\LF3??????.exe *

scroll down a bit and click "*send file*", wait for the results and post them in your next reply.

*Please note* _that sometimes the scans take a few minutes. *Please ensure* that the scan* has completed *and the *results are complete* before submitting the next sample. Also please make sure each result is *clearly identified* as to which sample they belong to._
----------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open *notepad* and copy/paste the text in the quotebox below into it:



> DDS::
> uInternet Settings,ProxyServer = http=127.0.0.1:62364
> 
> Folder::
> ...


Save this as *"CFScript.txt"*, and as Type: All Files (*.*) in the same location as ComboFix.exe










Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at *C:\ComboFix.txt* which I will require in your next reply.
----------


----------



## danielstern96 (Aug 16, 2011)

*File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5:	add23a97b66da2b313d598502229d6f1
Date first seen:	2010-04-21 05:03:42 (UTC)
Date last seen:	2011-09-06 03:08:02 (UTC)
Detection ratio:	0/44
What do you wish to do?

Reanalyse	View last report
*

^that message appeared when i tried to send it to you through virustotal.


----------



## danielstern96 (Aug 16, 2011)

the combofix log report:

ComboFix 11-09-04.03 - dan 09/05/2011 23:30:07.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1255 [GMT -4:00]
Running from: c:\documents and settings\dan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\dan\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\dan\Application Data\WhiteSmoke
c:\documents and settings\dan\Application Data\WhiteSmoke\stat.log
c:\program files\WhiteSmoke
c:\program files\WhiteSmoke\HookDllOE.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-08-06 to 2011-09-06 )))))))))))))))))))))))))))))))
.
.
2011-09-06 03:15 . 2011-09-06 03:15	--------	d-----w-	c:\program files\SUPERAntiSpyware
2011-09-05 02:44 . 2008-04-14 04:10	57600	----a-w-	c:\windows\system32\drivers\redbook.sys
2011-08-31 17:35 . 2011-08-31 17:35	--------	d-----w-	c:\program files\YoutubeDownloader.org
2011-08-24 07:00 . 2011-08-24 07:00	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2011-08-19 19:27 . 2011-08-19 19:27	--------	d-----w-	C:\_OTL
2011-08-14 03:01 . 2011-08-21 00:46	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-08-13 20:57 . 2011-08-13 20:57	--------	d-----w-	c:\documents and settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
2011-08-13 20:57 . 2011-09-05 03:01	--------	d-----w-	c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor
2011-08-13 20:57 . 2011-08-13 20:57	--------	d-----w-	c:\program files\Yontoo Layers Client
2011-08-13 20:56 . 2011-08-13 23:06	--------	d-----w-	c:\documents and settings\dan\Application Data\FileHunter
2011-08-11 22:20 . 2011-06-24 14:10	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 22:19 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-15 13:29 . 2006-10-23 17:44	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-04 12:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-06-02 21:40	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2006-10-23 17:45	916480	----a-w-	c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-04 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-04 12:00	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 12:00	385024	----a-w-	c:\windows\system32\html.iec
2011-06-20 17:44 . 2006-10-23 17:45	293376	----a-w-	c:\windows\system32\winsrv.dll
2011-06-19 20:51 . 2011-01-27 16:33	444952	----a-w-	c:\windows\system32\wrap_oal.dll
2011-06-19 20:51 . 2011-01-27 16:33	109080	----a-w-	c:\windows\system32\OpenAL32.dll
2011-06-11 00:15 . 2011-06-03 21:36	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-03-23 17:03 . 2011-05-12 03:01	108424	----a-w-	c:\program files\Common Files\APNStub.exe
2011-03-23 16:26 . 2011-05-12 03:01	3325832	----a-w-	c:\program files\Common Files\APNToolbarInstaller.exe
2010-10-01 06:11 . 2011-05-12 03:42	462112	----a-w-	c:\program files\Common Files\ZugoInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"="c:\program files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe" [2004-07-28 368640]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-04 39408]
"SurfSecret Privacy Vaults"="c:\program files\SurfSecret PrivacyVaults\PriVault.exe" [2009-04-20 712536]
"Aim"="c:\program files\AIM\aim.exe" [2011-05-03 4321112]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-07 1242448]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 4603264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-03 312200]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-16 1358384]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"UnlockerAssistant"="c:\documents and settings\dan\Desktop\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2010-12-13 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
c:\documents and settings\dan\Start Menu\Programs\Startup\
fliptoast.lnk - c:\program files\fliptoast\fliptoast.exe [N/A]
KeyPad.lnk - c:\documents and settings\dan\Desktop\SurfSecret Keypad\SSKeyPad.exe [N/A]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [N/A]
Xfire.lnk - c:\program files\Xfire\xfire.exe [N/A]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54	551296	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34	87352	----a-w-	c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\WINDOWS\\system32\\lxdncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\WINDOWS\\system32\\dlcxcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Little_fighter_3\\LF3??????.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\oovoosetup (7).exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\ooVooSetup (8).exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Unlocker\\Unlocker.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\SurfSecret PrivacyVaults\\PriVault.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Anti-phishing Domain Advisor\\visicom_antiphishing.exe"=
"c:\\WINDOWS\\system32\\Adobe\\Shockwave 11\\SwHelper_1151601.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (4).exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (5).exe"=
"c:\\Program Files\\SurfSecret PrivacyProtector\\SS2-FULL.exe"=
"c:\\Program Files\\Defraggler\\Defraggler.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCPoVoo TCP port 443
"443:UDP"= 443:UDPoVoo UDP port 443
"37674:TCP"= 37674:TCPoVoo TCP port 37674
"37674:UDP"= 37674:UDPoVoo UDP port 37674
"37675:UDP"= 37675:UDPoVoo UDP port 37675
"37676:TCP"= 37676:TCP:*isabledoVoo TCP port 37676
"37676:UDP"= 37676:UDP:*isabledoVoo UDP port 37676
"37677:UDP"= 37677:UDP:*isabledoVoo UDP port 37677
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/25/2010 1:07 PM 35088]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/2/2009 8:28 PM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2/28/2011 6:44 PM 183560]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [5/17/2011 8:52 PM 13312]
S3 shwMirror;shwMirror;c:\windows\system32\drivers\shwMirror.sys [1/19/2011 8:10 PM 3584]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [10/2/2009 8:58 PM 627072]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - !SASCORE
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
2011-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-05 23:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\LMIinit.dll
.
Completion time: 2011-09-05 23:37:39
ComboFix-quarantined-files.txt 2011-09-06 03:37
ComboFix2.txt 2011-09-05 03:05
ComboFix3.txt 2009-09-10 20:14
.
Pre-Run: 47,656,902,656 bytes free
Post-Run: 47,646,760,960 bytes free
.
- - End Of File - - 056C811D2190C2B52E9DF4BCE867523C


----------



## jeffce (May 10, 2011)

Hi danielstern96,

I notice that you already have Malwarebytes on your system. Please open that program, update it and run a _Quick Scan_. Save the log that is created and post that into your next reply.
----------

*ESET Online Scanner*
*I'd like us to scan your machine with ESET Online Scan*

*Note:* *It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.*



Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the







button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on







to download the ESET Smart Installer. *Save* it to your desktop.
Double click on the







icon on your desktop.

Check








Click the *Start* button.
Accept any security warnings from your browser.
Check








Make sure that the option "Remove found threats" is Unchecked
Push the *Start* button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push








Push







, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the *Back* button.
Push *Finish*

http://www.eset.com/onlinescan/
----------

In your next reply please post the logs created by both Malwarebytes and ESET Online Scanner.


----------



## danielstern96 (Aug 16, 2011)

i cant seem to find my malwarbytes program on my computer. the program folder doesnt have the actual program in it, and its not on my desktop. i think i may have put it in the recycling bin. should i take it out or redownload it?

and also the esetscan.txt file:

C:\Documents and Settings\dan\Application Data\FileHunter\update.exe	Win32/Adware.WinPump.T application
C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk	Win32/Adware.ADON application
C:\Documents and Settings\dan\Application Data\OpenCandy\OpenCandy_70294E6BFA1942B0AB214F073901E009\registrybooster(7).exe	a variant of Win32/RegistryBooster application
C:\Documents and Settings\dan\Application Data\Sun\Java\Deployment\cache\6.0\1\27e8c01-54294c33	a variant of Java/TrojanDownloader.OpenStream.NBF trojan
C:\Documents and Settings\dan\Application Data\Sun\Java\Deployment\cache\6.0\10\1d57f04a-5acb8938	probably a variant of Win32/Agent.FQWXKXL trojan
C:\Documents and Settings\dan\Application Data\Sun\Java\Deployment\cache\6.0\44\5202502c-58a800f0	probably a variant of Win32/Agent.FQWXKXL trojan
C:\Documents and Settings\dan\Application Data\Sun\Java\Deployment\cache\6.0\53\62f39f75-7c11e2b2	multiple threats
C:\Documents and Settings\dan\My Documents\Downloads\FreeYouTubeDownloaderSetup.exe	Win32/Toolbar.Zugo application
C:\Documents and Settings\dan\My Documents\Downloads\katana-v2.0.rar	multiple threats
C:\Documents and Settings\dan\My Documents\Downloads\Keygen.oovoo.key.3.0.4.38.serial.free (1).exe	a variant of Win32/Adware.WinPump.U application
C:\Documents and Settings\dan\My Documents\Downloads\Keygen.oovoo.key.3.0.4.38.serial.free.exe	a variant of Win32/Adware.WinPump.U application
C:\Documents and Settings\dan\My Documents\Downloads\nirsoft_package_1.11.11.zip	a variant of Win32/NirSoft.AdapterWatch.A application
C:\Documents and Settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __.rar	a variant of MSIL/TrojanClicker.NAU trojan
C:\Documents and Settings\dan\My Documents\Downloads\Unlocker1.9.1.exe	Win32/Adware.ADON application
C:\Documents and Settings\dan\My Documents\Downloads\nirsoft_package_1.11.11\NirSoft\awatch.exe	a variant of Win32/NirSoft.AdapterWatch.A application
C:\Documents and Settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __\ooVoo 3.0.1.46 Keygen __.exe	a variant of MSIL/TrojanClicker.NAU trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.exe	a variant of Win32/NirSoft.AdapterWatch.A application
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.zip	a variant of Win32/NirSoft.AdapterWatch.A application
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll	probably a variant of Win32/Agent.KWMYICG trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base	probably a variant of Win32/Agent.KWMYICG trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\CVE-2008-5353.jar	multiple threats
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\CVE-2009-3867.jar	a variant of OSX/Exploit.Smid.B trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\CVE-2010-1297.swf	SWF/Exploit.Agent.BX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\java_signed_applet.jar	probably a variant of Java/MalRunner.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\.svn\text-base\CVE-2008-5353.jar.svn-base	multiple threats
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\.svn\text-base\CVE-2009-3867.jar.svn-base	a variant of OSX/Exploit.Smid.B trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\.svn\text-base\CVE-2010-1297.swf.svn-base	SWF/Exploit.Agent.BX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\.svn\text-base\java_signed_applet.jar.svn-base	probably a variant of Java/MalRunner.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\kitrap0d\vdmexploit.dll	Win32/Exploit.CVE-2010-0232 trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\kitrap0d\.svn\text-base\vdmexploit.dll.svn-base	Win32/Exploit.CVE-2010-0232 trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\meterpreter\metsrv.dll	probably a variant of Win32/Agent.DNLWSM trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\meterpreter\.svn\text-base\metsrv.dll.svn-base	probably a variant of Win32/Agent.DNLWSM trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\service.exe	a variant of Win32/Inject.NEX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\template.dll	a variant of Win32/Inject.NEK trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\.svn\text-base\service.exe.svn-base	a variant of Win32/Inject.NEX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\.svn\text-base\template.dll.svn-base	a variant of Win32/Inject.NEK trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\AppletX.class	Java/Exploit.CVE-2008-5353.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\LoaderX.class	Java/TrojanDownloader.Agent.AK trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\PayloadX.class	a variant of Java/MalRunner.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\AppletX.class.svn-base	Java/Exploit.CVE-2008-5353.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\LoaderX.class.svn-base	Java/TrojanDownloader.Agent.AK trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\PayloadX.class.svn-base	a variant of Java/MalRunner.C trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\vncdll.dll	probably a variant of Win32/Agent.KWMYICG trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\.svn\text-base\vncdll.dll.svn-base	probably a variant of Win32/Agent.KWMYICG trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\lib\rex\exploitation\heaplib.js.b64	JS/TrojanDownloader.Agent.GJ trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\lib\rex\exploitation\.svn\text-base\heaplib.js.b64.svn-base	JS/TrojanDownloader.Agent.GJ trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ie_createobject.rb	JS/TrojanDownloader.Psyme.NCX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\java_ws_arginject_altjvm.rb	JS/Exploit.JavaDepKit.A trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_002_aurora.rb	JS/Exploit.CVE-2010-0249 trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_018_ie_behaviors.rb	JS/Exploit.CVE-2010-0806.NAH trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_042_helpctr_xss_cmd_exec.rb	HTML/Exploit.CVE-2010-1885 trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ie_createobject.rb.svn-base	JS/TrojanDownloader.Psyme.NCX trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\java_ws_arginject_altjvm.rb.svn-base	JS/Exploit.JavaDepKit.A trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_002_aurora.rb.svn-base	JS/Exploit.CVE-2010-0249 trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_018_ie_behaviors.rb.svn-base	JS/Exploit.CVE-2010-0806.NAH trojan
C:\Documents and Settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_042_helpctr_xss_cmd_exec.rb.svn-base	HTML/Exploit.CVE-2010-1885 trojan
C:\Documents and Settings\dan\Start Menu\QuickStores.lnk	Win32/Adware.ADON application
C:\Program Files\Common Files\ZugoInstaller.exe	Win32/Toolbar.Zugo application
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE	Win32/Patched.HN trojan
C:\Program Files\LogMeIn\x86\LMIGuardian.exe	Win32/Patched.HN trojan
C:\Program Files\Yontoo Layers Client\YontooIEClient.dll	a variant of Win32/Adware.Yontoo.A application
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir	a variant of Win32/Adware.Yontoo.B application
C:\Qoobox\Quarantine\C\Program Files\Bonjour\mDNSResponder.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Java\jre6\bin\jqs.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\LogMeIn\x86\LogMeIn.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\LogMeIn\x86\RaMaint.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Microsoft\BingBar\SeaPort.EXE.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul.vir	Win32/Dursg.A trojan
C:\Qoobox\Quarantine\C\Program Files\Search Toolbar\SearchToolbar.dll.vir	Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\Viewpoint\Common\ViewpointService.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir	Win32/Sirefef.CH trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\dlcxcoms.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\lxdncoms.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\wuauclt.exe.vir	Win32/Patched.HN trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\redbook.sys.vir	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP667\A0079678.lnk	Win32/Adware.ADON application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP704\A0085304.dll	Win32/Adware.Yontoo.A application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP704\A0085306.dll	Win32/Adware.Yontoo.B application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086038.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086039.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086105.exe	a variant of Win32/Adware.WinPump.T application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086111.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086112.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086152.exe	a variant of MSIL/TrojanClicker.NAU trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086212.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086213.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086225.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086226.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086239.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086240.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086264.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086281.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086282.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086288.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0086289.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0087288.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0087289.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0087296.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0087297.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088296.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088297.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088304.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088305.ini	a variant of Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088309.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP710\A0088310.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0088333.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0088334.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0088359.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0088360.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0089359.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP711\A0089360.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089435.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089446.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089447.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089452.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089453.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089468.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP713\A0089469.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP714\A0089479.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP714\A0089480.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP714\A0090479.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP714\A0090480.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP715\A0091479.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP715\A0091480.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP721\A0092479.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP721\A0092480.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092656.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092657.ini	Win32/Sirefef.CH trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092846.sys	Win32/Sirefef.CO trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092879.dll	a variant of Win32/Adware.Yontoo.B application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092886.dll	Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092891.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092892.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092893.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092894.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092895.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092896.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092897.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092898.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092899.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092900.EXE	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092901.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092902.EXE	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092903.exe	Win32/Patched.HN trojan
C:\System Volume Information\_restore{CE34C467-3DCC-4ACF-B6DD-B37170E5BF5B}\RP724\A0092904.EXE	Win32/Patched.HN trojan
Operating memory	Win32/Patched.HN trojan


----------



## jeffce (May 10, 2011)

Thanks for the ESET scan. Go ahead and restore Malwarebytes from the Recycle Bin if it is there. Be sure to update it and then run the Quick Scan. If you do not have it go ahead and download it from here. Once the scan is complete please post that log into your next reply.


----------



## danielstern96 (Aug 16, 2011)

malwarebytes log:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7665

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/6/2011 7:13:45 PM
mbam-log-2011-09-06 (19-13-38).txt

Scan type: Quick scan
Objects scanned: 169292
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_XMLLookup (Hijacker.XMLLookup) -> Value: bak_XMLLookup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_intl (Hijacker.intl) -> Value: bak_intl -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\XMLLookup (Hijacker.XMLLookup) -> Bad: (http://www.helpmeopen.com/?n=app&l=x&ext=%s) Good: (http://shell.windows.com/fileassoc/fileassoc.asp?LangID=x&Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&l=x&ext=%s) Good: (http://shell.windows.com/fileassoc/x/xml/redir.asp?Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\intl (Hijacker.intl) -> Bad: (http://www.helpmeopen.com/?n=app&l=x&ext=%s) Good: (http://shell.windows.com/fileassoc/fileassoc.asp?LangID=x&Ext=%s) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free (1).exe (PUP.FileHunter) -> No action taken.
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free.exe (PUP.FileHunter) -> No action taken.


----------



## jeffce (May 10, 2011)

Hi danielstern96,

Download *CKScanner* by askey127 from *Here* & *save it to your Desktop*. 

 Doubleclick *CKScanner.exe* then click *Search For Files*
 When the cursor hourglass disappears, click *Save List To File*
 A message box will verify the file saved
 Double-click the *CKFiles.txt* icon on your desktop then copy/paste the contents in your next reply


----------



## danielstern96 (Aug 16, 2011)

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free (1).exe
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free.exe
c:\documents and settings\dan\my documents\downloads\oovoo 3.0.1.46 keygen __.rar
c:\documents and settings\dan\my documents\downloads\oovoo+3.0.1.46+keygen+__.rar (1).torrent
c:\documents and settings\dan\my documents\downloads\oovoo+3.0.1.46+keygen+__.rar (2).torrent
c:\documents and settings\dan\my documents\downloads\oovoo+3.0.1.46+keygen+__.rar.torrent
c:\documents and settings\dan\my documents\downloads\oovoo-3.0.1.46-keygen-.rar.torrent
c:\documents and settings\dan\my documents\downloads\oovoo_3_0_1_46_keygen.exe
c:\documents and settings\dan\my documents\downloads\oovoo_3_0_1_46_keygen.zip
c:\documents and settings\dan\my documents\downloads\oovoo_3_0_7_16_keygen.exe
c:\documents and settings\dan\my documents\downloads\oovoo_v2_9_0_76_keygen (1).exe
c:\documents and settings\dan\my documents\downloads\oovoo_v2_9_0_76_keygen.exe
c:\documents and settings\dan\my documents\downloads\ophcrack-xp-livecd-2.3.1 (1).iso
c:\documents and settings\dan\my documents\downloads\ophcrack-xp-livecd-2.3.1.iso
c:\documents and settings\dan\my documents\downloads\821 greatest hit singles of the 2000s [flac] [h33t] - kitlope\eminem - crack a bottle.flac
c:\documents and settings\dan\my documents\downloads\821 greatest hit singles of the 2000s [flac] [h33t] - kitlope\snow patrol - crack the shutters.flac
c:\documents and settings\dan\my documents\downloads\boot\menus\ophcrack.cfg
c:\documents and settings\dan\my documents\downloads\boot\syslinux\ophcrack\bzimage
c:\documents and settings\dan\my documents\downloads\boot\syslinux\ophcrack\gpxe
c:\documents and settings\dan\my documents\downloads\boot\syslinux\ophcrack\rootfs.gz
c:\documents and settings\dan\my documents\downloads\boot\syslinux\ophcrack\vesamenu.c32
c:\documents and settings\dan\my documents\downloads\boot\syslinux\ophcrack\vmlinuz-2.6.29.3-slitaz
c:\documents and settings\dan\my documents\downloads\oovoo 3.0.1.46 keygen __\oovoo 3.0.1.46 keygen __.exe
c:\documents and settings\dan\my documents\downloads\oovoo 3.0.1.46 keygen __\settings.dat
c:\documents and settings\dan\my documents\downloads\oovoo_3_0_1_46_keygen\oovoo_3_0_1_46_keygen.exe
c:\documents and settings\dan\my documents\downloads\oovoo_3_0_1_46_keygen\readme.txt
c:\documents and settings\dan\my documents\downloads\portableapps\cygwinportable\app\cygwin\bin\ssh-keygen.exe
c:\documents and settings\dan\my documents\downloads\portableapps\cygwinportable\app\cygwin\lib\python2.6\lib-dynload\crypt.dll
c:\documents and settings\dan\my documents\downloads\portableapps\cygwinportable\app\cygwin\usr\share\man\man1\ssh-keygen.1.gz
c:\documents and settings\dan\my documents\downloads\portableapps\metasploit\metasploit\bin\ssh-keygen.exe
c:\documents and settings\dan\my documents\downloads\portableapps\metasploit\metasploit\msf3\tools\lm2ntcrack.rb
c:\documents and settings\dan\my documents\downloads\portableapps\metasploit\metasploit\msf3\tools\.svn\prop-base\lm2ntcrack.rb.svn-base
c:\documents and settings\dan\my documents\downloads\portableapps\metasploit\metasploit\msf3\tools\.svn\text-base\lm2ntcrack.rb.svn-base
scanner sequence 3.ZZ.11.QOAPAE
----- EOF -----


----------



## jeffce (May 10, 2011)

Hi danielstern96,

CKScanner has detected illegal software on your system. Besides being illegal, it's the number one way of infecting your system as all cracked/keygen software is infected. This forum, as well as all the other malware removal forums, do not support the use of illegal software except for their removal. If I were to continue helping you with illegal software installed, it could be construed in the eyes of the law as aiding and abetting a crime. 

I have worked up a fix for their removal. If you do not agree to this then this thread will be closed and no further help will be offered. Please let me know if you wish to continue.


----------



## danielstern96 (Aug 16, 2011)

i do wish to continue.


----------



## jeffce (May 10, 2011)

Hi danielstern96,

*P2P* - I see you have *P2P* software *uTorrent* installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly *Identity Theft*. It likely contributed to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall these now. You can do so via *Control Panel >> Add or Remove Programs*.
----------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open *notepad* and copy/paste the text in the quotebox below into it:



> File::
> c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free (1).exe
> c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free.exe
> C:\Documents and Settings\dan\Application Data\FileHunter\update.exe Win32/Adware.WinPump.T application
> ...


Save this as *"CFScript.txt"*, and as Type: All Files (*.*) in the same location as ComboFix.exe










Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at *C:\ComboFix.txt* which I will require in your next reply.
----------


----------



## danielstern96 (Aug 16, 2011)

log:

ComboFix 11-09-04.03 - dan 09/08/2011 18:35:40.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1291 [GMT -4:00]
Running from: c:\documents and settings\dan\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\dan\Desktop\CFScript.txt
.
FILE ::
"c:\documents and settings\dan\Application Data\FileHunter\update.exe Win32/Adware.WinPump.T application"
"c:\documents and settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk"
"c:\documents and settings\dan\Application Data\OpenCandy\OpenCandy_70294E6BFA1942B0AB214F073901E009\registrybooster(7 ).exe"
"c:\documents and settings\dan\My Documents\Downloads\FreeYouTubeDownloaderSetup.exe"
"c:\documents and settings\dan\My Documents\Downloads\katana-v2.0.rar"
"c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free (1).exe"
"c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free.exe"
"c:\documents and settings\dan\My Documents\Downloads\nirsoft_package_1.11.11.zip"
"c:\documents and settings\dan\My Documents\Downloads\nirsoft_package_1.11.11\NirSoft\awatch.exe"
"c:\documents and settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __.rar"
"c:\documents and settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __\ooVoo 3.0.1.46 Keygen __.exe"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.exe"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.zip"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\. svn\text-base\CVE-2008-5353.jar.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\. svn\text-base\CVE-2009-3867.jar.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\. svn\text-base\CVE-2010-1297.swf.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\. svn\text-base\java_signed_applet.jar.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\C VE-2008-5353.jar"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\C VE-2009-3867.jar"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\C VE-2010-1297.swf"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\j ava_signed_applet.jar"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\k itrap0d\.svn\text-base\vdmexploit.dll.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\exploits\k itrap0d\vdmexploit.dll"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\meterprete r\.svn\text-base\metsrv.dll.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\meterprete r\metsrv.dll"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\ .svn\text-base\service.exe.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\ .svn\text-base\template.dll.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\ service.exe"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\templates\ template.dll"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\AppletX.class.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\LoaderX.class.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\.svn\text-base\PayloadX.class.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\AppletX.class"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\LoaderX.class"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \exploits\CVE-2008-5353\bin\msf\x\PayloadX.class"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \vncdll\output\.svn\text-base\vncdll.dll.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\external\source \vncdll\output\vncdll.dll"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\lib\rex\exploit ation\.svn\text-base\heaplib.js.b64.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\lib\rex\exploit ation\heaplib.js.b64"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\.svn\text-base\ie_createobject.rb.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\.svn\text-base\java_ws_arginject_altjvm.rb.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\.svn\text-base\ms10_002_aurora.rb.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\.svn\text-base\ms10_018_ie_behaviors.rb.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\.svn\text-base\ms10_042_helpctr_xss_cmd_exec.rb.svn-base"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\ie_createobject.rb"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\java_ws_arginject_altjvm.rb"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\ms10_002_aurora.rb"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\ms10_018_ie_behaviors.rb"
"c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\modules\exploit s\windows\browser\ms10_042_helpctr_xss_cmd_exec.rb"
"c:\documents and settings\dan\My Documents\Downloads\Unlocker1.9.1.exe"
"c:\documents and settings\dan\Start Menu\QuickStores.lnk"
"c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE"
"c:\program files\Common Files\ZugoInstaller.exe"
"c:\program files\LogMeIn\x86\LMIGuardian.exe"
"c:\program files\Yontoo Layers Client\YontooIEClient.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
c:\documents and settings\dan\My Documents\Downloads\FreeYouTubeDownloaderSetup.exe
c:\documents and settings\dan\My Documents\Downloads\katana-v2.0.rar
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free (1).exe
c:\documents and settings\dan\my documents\downloads\keygen.oovoo.key.3.0.4.38.serial.free.exe
c:\documents and settings\dan\My Documents\Downloads\nirsoft_package_1.11.11.zip
c:\documents and settings\dan\My Documents\Downloads\nirsoft_package_1.11.11\NirSoft\awatch.exe
c:\documents and settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __.rar
c:\documents and settings\dan\My Documents\Downloads\ooVoo 3.0.1.46 Keygen __\ooVoo 3.0.1.46 Keygen __.exe
c:\documents and settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.exe
c:\documents and settings\dan\My Documents\Downloads\PortableApps\AdapterWatch\awatch.zip
c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base
c:\documents and settings\dan\My Documents\Downloads\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll
c:\documents and settings\dan\My Documents\Downloads\Unlocker1.9.1.exe
c:\documents and settings\dan\Start Menu\QuickStores.lnk
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
c:\program files\Common Files\ZugoInstaller.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Yontoo Layers Client\YontooIEClient.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-08-08 to 2011-09-08 )))))))))))))))))))))))))))))))
.
.
2011-09-06 23:03 . 2011-07-06 23:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-06 23:03 . 2011-07-06 23:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-06 20:25 . 2011-09-06 20:25	--------	d-----w-	c:\program files\ESET
2011-09-06 20:07 . 2011-09-03 10:17	599040	-c----w-	c:\windows\system32\dllcache\crypt32.dll
2011-09-06 03:15 . 2011-09-06 03:15	--------	d-----w-	c:\program files\SUPERAntiSpyware
2011-09-05 02:44 . 2008-04-14 04:10	57600	----a-w-	c:\windows\system32\drivers\redbook.sys
2011-08-31 17:35 . 2011-08-31 17:35	--------	d-----w-	c:\program files\YoutubeDownloader.org
2011-08-24 07:00 . 2011-08-24 07:00	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2011-08-19 19:27 . 2011-08-19 19:27	--------	d-----w-	C:\_OTL
2011-08-14 03:01 . 2011-09-06 23:16	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-08-13 20:57 . 2011-08-13 20:57	--------	d-----w-	c:\documents and settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
2011-08-13 20:57 . 2011-09-07 11:16	--------	d-----w-	c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor
2011-08-13 20:57 . 2011-09-08 22:42	--------	d-----w-	c:\program files\Yontoo Layers Client
2011-08-13 20:56 . 2011-08-13 23:06	--------	d-----w-	c:\documents and settings\dan\Application Data\FileHunter
2011-08-11 22:20 . 2011-06-24 14:10	139656	-c----w-	c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 22:19 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-03 10:17 . 2004-08-04 12:00	599040	----a-w-	c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2006-10-23 17:44	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-04 12:00	10496	----a-w-	c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2009-06-02 21:40	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36 . 2006-10-23 17:45	916480	----a-w-	c:\windows\system32\wininet.dll
2011-06-23 18:36 . 2004-08-04 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-06-23 18:36 . 2004-08-04 12:00	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-04 12:00	385024	----a-w-	c:\windows\system32\html.iec
2011-06-20 17:44 . 2006-10-23 17:45	293376	----a-w-	c:\windows\system32\winsrv.dll
2011-06-19 20:51 . 2011-01-27 16:33	444952	----a-w-	c:\windows\system32\wrap_oal.dll
2011-06-19 20:51 . 2011-01-27 16:33	109080	----a-w-	c:\windows\system32\OpenAL32.dll
2011-06-11 00:15 . 2011-06-03 21:36	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-03-23 17:03 . 2011-05-12 03:01	108424	----a-w-	c:\program files\Common Files\APNStub.exe
2011-03-23 16:26 . 2011-05-12 03:01	3325832	----a-w-	c:\program files\Common Files\APNToolbarInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot_2011-09-05_03.00.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-07 10:26 . 2011-09-07 10:26	16384 c:\windows\temp\Perflib_Perfdata_74c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"="c:\program files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe" [2004-07-28 368640]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-04 39408]
"SurfSecret Privacy Vaults"="c:\program files\SurfSecret PrivacyVaults\PriVault.exe" [2009-04-20 712536]
"Aim"="c:\program files\AIM\aim.exe" [2011-05-03 4321112]
"Steam"="c:\program files\Steam\Steam.exe" [2011-08-07 1242448]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 4603264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
"FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-03 312200]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-16 1358384]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2010-06-26 167936]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"UnlockerAssistant"="c:\documents and settings\dan\Desktop\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"Anti-phishing Domain Advisor"="c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2010-12-13 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
c:\documents and settings\dan\Start Menu\Programs\Startup\
fliptoast.lnk - c:\program files\fliptoast\fliptoast.exe [N/A]
KeyPad.lnk - c:\documents and settings\dan\Desktop\SurfSecret Keypad\SSKeyPad.exe [N/A]
PdaNet Desktop.lnk - c:\program files\PdaNet for Android\PdaNetPC.exe [N/A]
Xfire.lnk - c:\program files\Xfire\xfire.exe [N/A]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54	551296	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-29 00:34	87352	----a-w-	c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\WINDOWS\\system32\\lxdncoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\WINDOWS\\system32\\dlcxcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Little_fighter_3\\LF3??????.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\oovoosetup (7).exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\ooVooSetup (8).exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\dan\\Desktop\\Unlocker\\Unlocker.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\SurfSecret PrivacyVaults\\PriVault.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Anti-phishing Domain Advisor\\visicom_antiphishing.exe"=
"c:\\WINDOWS\\system32\\Adobe\\Shockwave 11\\SwHelper_1151601.exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (4).exe"=
"c:\\Documents and Settings\\dan\\My Documents\\Downloads\\SUPERAntiSpyware (5).exe"=
"c:\\Program Files\\SurfSecret PrivacyProtector\\SS2-FULL.exe"=
"c:\\Program Files\\Defraggler\\Defraggler.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCPoVoo TCP port 443
"443:UDP"= 443:UDPoVoo UDP port 443
"37674:TCP"= 37674:TCPoVoo TCP port 37674
"37674:UDP"= 37674:UDPoVoo UDP port 37674
"37675:UDP"= 37675:UDPoVoo UDP port 37675
"37676:TCP"= 37676:TCP:*isabledoVoo TCP port 37676
"37676:UDP"= 37676:UDP:*isabledoVoo UDP port 37676
"37677:UDP"= 37677:UDP:*isabledoVoo UDP port 37677
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 7:38 PM 116608]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/25/2010 1:07 PM 35088]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/2/2009 8:28 PM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2/28/2011 6:44 PM 183560]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2011 11:01 PM 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [5/17/2011 8:52 PM 13312]
S3 shwMirror;shwMirror;c:\windows\system32\drivers\shwMirror.sys [1/19/2011 8:10 PM 3584]
S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [10/2/2009 8:58 PM 627072]
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 03:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-08 18:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(700)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\LMIinit.dll
.
Completion time: 2011-09-08 18:44:09
ComboFix-quarantined-files.txt 2011-09-08 22:43
ComboFix2.txt 2011-09-06 03:37
ComboFix3.txt 2011-09-05 03:05
ComboFix4.txt 2009-09-10 20:14
.
Pre-Run: 47,374,745,600 bytes free
Post-Run: 47,362,150,400 bytes free
.
- - End Of File - - 18B62DD9915D0AB07605A833B6B8BA02


----------



## jeffce (May 10, 2011)

Hi danielstern96,

I see that Viewpoint is installed. *Viewpoint Manager* is considered as *foistware instead of malware* since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read *Viewpoint to Plunge Into Adware*. I recommend that you remove the *Viewpoint* products; however, decide for yourself.
----------

You have an older version of * Adobe Reader*. You can download the current version *HERE*

You may want to consider  * Foxit Reader* instead. It may be a bit lighter on resources.

Visit their support forum
*Foxit Forum*

In either case you should uninstall *Adobe Reader 9.2* first. Be sure to move any PDF documents to another folder first though.
----------

Run *OTL.exe*


Copy/paste the following text written *inside of the code box* into the *Custom Scans/Fixes* box located at the bottom of OTL


```
:Services

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"443:TCP"=- 
"443:UDP"=- 
"37674:TCP"=- 
"37674:UDP"=- 
"37675:UDP"=- 
"37676:TCP"=- 
"37676:UDP"=- 
"37677:UDP"=- 
"1900:UDP"=- 
"2869:TCP"=- 

:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot when it is done
A log will be created from running the fix and then run a new scan and post a new OTL log ( *don't check* the boxes beside LOP Check or Purity this time )

----------

In your next reply please post both of the logs created by OTL and *let me know how your system is running now*.


----------



## danielstern96 (Aug 16, 2011)

log after reboot:

All processes killed
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\443:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\443:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37674:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37674:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37675:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37676:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37676:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\37677:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Application Data

User: cs

User: dan
->Temp folder emptied: 528523 bytes
->Temporary Internet Files folder emptied: 1211159 bytes
->Java cache emptied: 15102878 bytes
->Google Chrome cache emptied: 388779176 bytes
->Flash cache emptied: 2939717 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49219 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 3175441 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 604312 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 395.00 mb

OTL by OldTimer - Version 3.2.26.5 log created on 09092011_155558

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\dan\Local Settings\Temp\Perflib_Perfdata_b98.dat not found!

Registry entries deleted on Reboot...


----------



## danielstern96 (Aug 16, 2011)

and for the new scan am i checking or unchecking LOP check and purity check?


----------



## jeffce (May 10, 2011)

Please make sure that they are NOT checked.


----------



## danielstern96 (Aug 16, 2011)

new scan log:

OTL logfile created on: 9/9/2011 7:02:54 PM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.63% Memory free
3.84 Gb Paging File | 2.77 Gb Available in Paging File | 72.13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.80 Gb Total Space | 44.10 Gb Free Space | 31.10% Space Free | Partition Type: NTFS

Computer Name: COMPUTER1 | User Name: dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\dan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\AIM\aim.exe (AOL Inc.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
PRC - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
PRC - C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lxdncoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
PRC - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)

========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\Locales\en-US.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avutil-50.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avformat-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avcodec-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\gcswf32.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\AIM\nssckbi.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerHook.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\LogMeIn\x86\ICSAgent32.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdndrui.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdndr.dll ()
MOD - C:\WINDOWS\system32\lxdndrs.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnptpc.dll ()
MOD - C:\WINDOWS\system32\lxdncaps.dll ()
MOD - C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll ()
MOD - C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll ()
MOD - C:\Program Files\Logitech\QuickCam\LAppRes.DLL ()
MOD - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless4001.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless.dll ()
MOD - C:\Program Files\Logitech\QuickCam\EFVal.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\DevMngr.dll ()
MOD - C:\Program Files\Common Files\logishrd\LVCOMSER\LVCSPS.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdnhpec.dll ()
MOD - C:\WINDOWS\system32\lxdncnv4.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdndatr.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Dell PC Fax\dlctrstr.dll ()
MOD - C:\WINDOWS\system32\DLPRMON.DLL ()
MOD - C:\Program Files\Dell PC Fax\ipcmt.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll ()
MOD - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\fm30xmf.dll ()

========== Win32 Services (SafeList) ==========

SRV - (McComponentHostService) -- File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe ()
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (lxdn_device) -- C:\WINDOWS\System32\lxdncoms.exe ( )
SRV - (dlcx_device) -- C:\WINDOWS\System32\dlcxcoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (WUSB54GCv3) -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys (Ralink Technology, Corp.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (SSKBFD) -- C:\WINDOWS\system32\drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (shwMirror) -- C:\WINDOWS\system32\drivers\shwMirror.sys (Windows (R) Server 2003 DDK provider)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 0F A5 3D A0 B6 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

[2011/02/06 19:13:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dan\Application Data\Mozilla\Extensions
[2011/09/04 22:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2011/09/09 15:56:02 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [SurfSecret Privacy Vaults] C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\KeyPad.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243980282796 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243980267452 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (Lsa) - File not found
O30 - LSA: Security Packages - (ity Packages settings...) - File not found
O30 - LSA: Security Packages - (or) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/02 17:44:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/09 15:56:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/09 15:52:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.0
[2011/09/09 15:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2011/09/06 19:03:46 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/06 19:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/06 19:03:42 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/06 16:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/09/06 16:07:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/05 23:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/04 22:39:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/04 22:34:02 | 004,194,092 | R--- | C] (Swearware) -- C:\Documents and Settings\dan\Desktop\ComboFix.exe
[2011/08/31 13:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\My Documents\YouTube Downloader
[2011/08/31 13:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\YoutubeDownloader.org
[2011/08/24 03:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/08/19 15:27:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/18 15:16:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dan\Desktop\OTL.exe
[2011/08/13 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 22:50:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dan\Recent
[2011/08/13 17:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ooVoo
[2011/08/13 16:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
[2011/08/13 16:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/08/13 16:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Client
[2011/08/13 16:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\FileHunter
[2011/08/12 18:36:52 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/11 18:20:34 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 18:19:18 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/05/11 23:01:13 | 003,325,832 | ---- | C] (Ask) -- C:\Program Files\Common Files\APNToolbarInstaller.exe
[2011/05/11 23:01:13 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
[2009/10/20 18:59:04 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoin.dll
[2009/06/02 18:14:53 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2009/06/02 18:14:53 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2009/06/02 18:14:53 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2009/06/02 18:14:53 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2009/06/02 18:14:53 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2009/06/02 18:14:53 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2009/06/02 18:14:53 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2009/06/02 18:14:53 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2009/06/02 18:14:53 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2009/06/02 18:14:53 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2009/06/02 18:14:53 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[2009/06/02 18:14:53 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2009/06/02 18:14:53 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhcp.dll
[2009/06/02 18:14:53 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2009/06/02 18:14:53 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2007/11/28 16:19:08 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnpmui.dll
[2007/11/28 16:16:04 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnserv.dll
[2007/11/28 16:13:38 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnlmpm.dll
[2007/11/28 16:13:30 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdniesc.dll
[2007/11/28 16:13:22 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomm.dll
[2007/11/28 16:13:08 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncfg.exe
[2007/11/28 16:12:54 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnih.exe
[2007/11/28 16:12:40 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoms.exe
[2007/11/28 16:12:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnhbn3.dll
[2007/11/28 16:12:08 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnusb1.dll
[2007/11/28 16:11:48 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomc.dll
[2007/11/28 16:10:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnprox.dll
[2007/11/28 16:09:18 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdninpa.dll

========== Files - Modified Within 30 Days ==========

[2011/09/09 19:02:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/09 18:26:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/09 17:15:05 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/09 17:14:40 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/09 17:14:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/09 17:14:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/09/09 17:13:12 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\COWON Media Center - jetAudio.lnk
[2011/09/09 17:13:11 | 000,001,496 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COWON Media Center - jetAudio.lnk
[2011/09/09 17:04:53 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Shortcut to JetAudio.exe.lnk
[2011/09/09 15:56:02 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/09 15:52:17 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.0.lnk
[2011/09/09 15:52:17 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.0.lnk
[2011/09/09 13:40:31 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Microsoft Office Word 2003.lnk
[2011/09/06 19:03:46 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/05 23:15:22 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/04 22:59:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/09/04 22:39:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/04 22:34:02 | 004,194,092 | R--- | M] (Swearware) -- C:\Documents and Settings\dan\Desktop\ComboFix.exe
[2011/09/03 16:23:42 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/02 23:34:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/02 16:26:37 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\clipbrd.lnk
[2011/08/22 08:28:23 | 008,273,920 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\XPRC.iso
[2011/08/20 18:09:57 | 000,444,818 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/20 18:09:57 | 000,072,568 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/19 17:49:00 | 001,405,744 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/08/18 15:16:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dan\Desktop\OTL.exe
[2011/08/16 00:49:51 | 000,006,096 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/13 22:52:44 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/08/13 22:49:42 | 000,517,328 | ---- | M] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2011/08/13 17:44:48 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ooVoo.lnk
[2011/08/12 18:36:08 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/08/12 01:06:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak

========== Files Created - No Company Name ==========

[2011/09/09 17:04:53 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\Shortcut to JetAudio.exe.lnk
[2011/09/09 15:52:17 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.0.lnk
[2011/09/09 15:52:17 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.0.lnk
[2011/09/06 19:03:46 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/05 23:15:22 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/04 22:39:27 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/04 22:39:24 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/04 22:35:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/02 16:26:37 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\clipbrd.lnk
[2011/08/22 08:28:23 | 008,273,920 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\XPRC.iso
[2011/08/20 20:58:07 | 001,405,744 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/08/17 19:15:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/16 00:49:51 | 000,006,096 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/13 22:49:37 | 000,517,328 | ---- | C] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2011/08/13 17:44:48 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ooVoo.lnk
[2011/08/12 18:36:08 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/08/11 18:12:21 | 000,000,764 | ---- | C] () -- C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2011/08/11 18:12:21 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk
[2011/06/19 16:19:08 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2011/05/17 21:21:34 | 000,192,752 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/14 19:00:54 | 000,038,543 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat.dmp
[2011/02/14 19:00:54 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat
[2011/01/29 13:11:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\SpeederXP.INI
[2010/10/28 02:03:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/02/04 18:41:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/04 18:37:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/11/30 15:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/11/10 23:31:43 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/10/02 20:58:49 | 000,015,312 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/09/10 16:02:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/09/10 16:02:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/09/10 16:02:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/09/10 16:02:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/23 20:49:04 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdndrs.dll
[2009/07/14 10:02:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdngrd.dll
[2009/06/26 20:24:26 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/02 20:37:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/02 18:40:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/06/02 18:39:35 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2009/06/02 18:15:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2009/06/02 18:15:15 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2009/06/02 18:15:08 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2009/06/02 18:15:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2009/06/02 18:15:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2009/06/02 18:14:53 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2009/06/02 18:14:53 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2009/06/02 18:14:53 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2009/06/02 18:14:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2009/06/02 18:14:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2009/06/02 18:14:53 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DLCXcfg.dll
[2009/06/02 18:14:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2009/06/02 18:11:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2009/06/02 18:11:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2009/06/02 17:58:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/06/02 17:46:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/02 17:41:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/02 13:35:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/02 13:33:37 | 000,362,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/14 14:46:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdncaps.dll
[2008/07/26 14:42:52 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/03/31 20:47:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdnvs.dll
[2007/10/02 15:51:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdncnv4.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,444,818 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,072,568 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2002/04/04 21:00:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdhebz.dll

< End of report >


----------



## jeffce (May 10, 2011)

How is your system running?


----------



## danielstern96 (Aug 16, 2011)

great! thank you sooo much for everything. your help was greatly appreciated. 

i have sooo many questions now. i was wondering if maybe you could answer a few of them.
1) do you like helping out like this? what got you involved?
2) is it difficult? do you think a 15 year old would be able to go through a course like you did?


----------



## jeffce (May 10, 2011)

Hi danielstern,

Glad to hear the system is running better!! 



> do you like helping out like this? what got you involved?


Personally I love helping people with their computer problems. I actually got involved doing this about a year ago now after I had a similar problem on my system. I was helped with my system and I asked how someone goes about learning this and I was guided to where to learn. 



> is it difficult? do you think a 15 year old would be able to go through a course like you did?


The course to go through like I have said takes time and commitment. I have been in it almost a year. Day in day out. It IS challenging, but I had very little background in anything more than what an average user might have so I would wager the more experience with computers going in the more familiar you might be with what is shown. In relation to age...I am not sure that matters but I don't know for sure.
----------

I see from your last OTL log that we still have some work to do. That was a really nasty piece of malware that we have been removing so this may take a little bit longer than normal, but we are definitely looking better.








----------

Run *OTL.exe*


Copy/paste the following text written *inside of the code box* into the *Custom Scans/Fixes* box located at the bottom of OTL


```
:Services

:OTL
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\fliptoast.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\KeyPad.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk = File not found
O4 - Startup: C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk = File not found
[2011/08/13 17:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ooVoo
[2011/09/09 17:14:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/08/13 22:49:42 | 000,517,328 | ---- | M] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg
[2011/08/13 17:44:48 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ooVoo.lnk
[2011/08/13 22:49:37 | 000,517,328 | ---- | C] () -- C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
```

Then click the *Run Fix* button at the top
Let the program run unhindered, reboot when it is done
There will be a log created and then run a new scan and post a new OTL log ( *don't check* the boxes beside LOP Check or Purity this time )


----------



## danielstern96 (Aug 16, 2011)

after fix:

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
C:\Documents and Settings\dan\Start Menu\Programs\Startup\fliptoast.lnk moved successfully.
C:\Documents and Settings\dan\Start Menu\Programs\Startup\KeyPad.lnk moved successfully.
C:\Documents and Settings\dan\Start Menu\Programs\Startup\PdaNet Desktop.lnk moved successfully.
C:\Documents and Settings\dan\Start Menu\Programs\Startup\Xfire.lnk moved successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\ooVoo folder moved successfully.
C:\WINDOWS\system32\drivers\logiflt.iad moved successfully.
C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg moved successfully.
C:\Documents and Settings\All Users\Desktop\ooVoo.lnk moved successfully.
File C:\Documents and Settings\dan\My Documents\cc_20110813_224934.reg not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Application Data

User: cs

User: dan
->Temp folder emptied: 11630428 bytes
->Temporary Internet Files folder emptied: 892380 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 352251265 bytes
->Flash cache emptied: 2586 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 627675 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 349.00 mb

OTL by OldTimer - Version 3.2.26.5 log created on 09102011_100858

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


----------



## danielstern96 (Aug 16, 2011)

after new scan:

OTL logfile created on: 9/10/2011 10:13:09 AM - Run 3
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\dan\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.89% Memory free
3.84 Gb Paging File | 2.92 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.80 Gb Total Space | 44.32 Gb Free Space | 31.25% Space Free | Partition Type: NTFS

Computer Name: COMPUTER1 | User Name: dan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Documents and Settings\dan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\AIM\aim.exe (AOL Inc.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
PRC - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
PRC - C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lxdncoms.exe ( )
PRC - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
PRC - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
PRC - C:\WINDOWS\system32\dlcxcoms.exe ( )
PRC - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)

========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\Locales\en-US.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avutil-50.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avformat-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\avcodec-52.dll ()
MOD - C:\Program Files\Google\Chrome\Application\13.0.782.220\gcswf32.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\AIM\nssckbi.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerHook.dll ()
MOD - C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files\LogMeIn\x86\ICSAgent32.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll ()
MOD - C:\WINDOWS\system32\lxdndrs.dll ()
MOD - C:\WINDOWS\system32\lxdncaps.dll ()
MOD - C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll ()
MOD - C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll ()
MOD - C:\Program Files\Logitech\QuickCam\LAppRes.DLL ()
MOD - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless4001.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\LogiCordless.dll ()
MOD - C:\Program Files\Logitech\QuickCam\EFVal.dll ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe ()
MOD - C:\Program Files\Common Files\logishrd\LComMgr\DevMngr.dll ()
MOD - C:\Program Files\Common Files\logishrd\LVCOMSER\LVCSPS.dll ()
MOD - C:\WINDOWS\system32\lxdncnv4.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcxdrpp.dll ()
MOD - C:\Program Files\Dell PC Fax\dlctrstr.dll ()
MOD - C:\WINDOWS\system32\DLPRMON.DLL ()
MOD - C:\Program Files\Dell PC Fax\ipcmt.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\DLCXcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 926\dlcxdrec.dll ()
MOD - C:\Program Files\PDF-XChange 3 Pro\pdfSaver\fm30xmf.dll ()

========== Win32 Services (SafeList) ==========

SRV - (McComponentHostService) -- File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (nmservice) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe ()
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (lxdn_device) -- C:\WINDOWS\System32\lxdncoms.exe ( )
SRV - (dlcx_device) -- C:\WINDOWS\System32\dlcxcoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (pneteth) -- C:\WINDOWS\system32\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (purendis) -- C:\WINDOWS\system32\drivers\purendis.sys (Cisco Systems, Inc.)
DRV - (pnarp) -- C:\WINDOWS\system32\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV - (WUSB54GCv3) -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys (Ralink Technology, Corp.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (SSKBFD) -- C:\WINDOWS\system32\drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (shwMirror) -- C:\WINDOWS\system32\drivers\shwMirror.sys (Windows (R) Server 2003 DDK provider)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 62 0F A5 3D A0 B6 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

[2011/02/06 19:13:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dan\Application Data\Mozilla\Extensions
[2011/09/04 22:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2011/09/09 15:56:02 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Documents and Settings\dan\Desktop\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [pdfSaver3] C:\Program Files\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe (Tracker Software Products Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [SurfSecret Privacy Vaults] C:\Program Files\SurfSecret PrivacyVaults\PriVault.exe (SurfSecret, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243980282796 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243980267452 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dan\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (Lsa) - File not found
O30 - LSA: Security Packages - (ity Packages settings...) - File not found
O30 - LSA: Security Packages - (or) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/02 17:44:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/09 15:56:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/09/09 15:52:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.0
[2011/09/09 15:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2011/09/06 19:03:46 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/09/06 19:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/06 19:03:42 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/09/06 16:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/09/06 16:07:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/05 23:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/09/04 22:39:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/04 22:34:02 | 004,194,092 | R--- | C] (Swearware) -- C:\Documents and Settings\dan\Desktop\ComboFix.exe
[2011/08/31 13:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\My Documents\YouTube Downloader
[2011/08/31 13:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\YoutubeDownloader.org
[2011/08/24 03:00:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2011/08/19 15:27:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/08/18 15:16:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dan\Desktop\OTL.exe
[2011/08/13 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 22:50:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dan\Recent
[2011/08/13 16:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Local Settings\Application Data\antiphishing-webblog1_1dn
[2011/08/13 16:57:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/08/13 16:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Client
[2011/08/13 16:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dan\Application Data\FileHunter
[2011/08/12 18:36:52 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/08/11 18:20:34 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011/08/11 18:19:18 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011/05/11 23:01:13 | 003,325,832 | ---- | C] (Ask) -- C:\Program Files\Common Files\APNToolbarInstaller.exe
[2011/05/11 23:01:13 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
[2009/10/20 18:59:04 | 000,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoin.dll
[2009/06/02 18:14:53 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxserv.dll
[2009/06/02 18:14:53 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxusb1.dll
[2009/06/02 18:14:53 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhbn3.dll
[2009/06/02 18:14:53 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomc.dll
[2009/06/02 18:14:53 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpmui.dll
[2009/06/02 18:14:53 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxlmpm.dll
[2009/06/02 18:14:53 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcoms.exe
[2009/06/02 18:14:53 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcomm.dll
[2009/06/02 18:14:53 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxinpa.dll
[2009/06/02 18:14:53 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxiesc.dll
[2009/06/02 18:14:53 | 000,381,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxcfg.exe
[2009/06/02 18:14:53 | 000,380,928 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxih.exe
[2009/06/02 18:14:53 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxhcp.dll
[2009/06/02 18:14:53 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxprox.dll
[2009/06/02 18:14:53 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcxpplc.dll
[2007/11/28 16:19:08 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnpmui.dll
[2007/11/28 16:16:04 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnserv.dll
[2007/11/28 16:13:38 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnlmpm.dll
[2007/11/28 16:13:30 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdniesc.dll
[2007/11/28 16:13:22 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomm.dll
[2007/11/28 16:13:08 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncfg.exe
[2007/11/28 16:12:54 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnih.exe
[2007/11/28 16:12:40 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoms.exe
[2007/11/28 16:12:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnhbn3.dll
[2007/11/28 16:12:08 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnusb1.dll
[2007/11/28 16:11:48 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomc.dll
[2007/11/28 16:10:52 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnprox.dll
[2007/11/28 16:09:18 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdninpa.dll

========== Files - Modified Within 30 Days ==========

[2011/09/10 10:12:45 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/10 10:11:03 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/10 10:10:09 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/10 10:09:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/10 09:26:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/09 23:34:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/09 17:13:12 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\COWON Media Center - jetAudio.lnk
[2011/09/09 17:13:11 | 000,001,496 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COWON Media Center - jetAudio.lnk
[2011/09/09 17:04:53 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Shortcut to JetAudio.exe.lnk
[2011/09/09 15:56:02 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/09/09 15:52:17 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.0.lnk
[2011/09/09 15:52:17 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.0.lnk
[2011/09/09 13:40:31 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Microsoft Office Word 2003.lnk
[2011/09/06 19:03:46 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/05 23:15:22 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/04 22:59:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/09/04 22:39:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/04 22:34:02 | 004,194,092 | R--- | M] (Swearware) -- C:\Documents and Settings\dan\Desktop\ComboFix.exe
[2011/09/03 16:23:42 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/09/03 06:17:37 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/02 16:26:37 | 000,000,631 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\clipbrd.lnk
[2011/08/22 08:28:23 | 008,273,920 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\XPRC.iso
[2011/08/20 18:09:57 | 000,444,818 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/20 18:09:57 | 000,072,568 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/19 17:49:00 | 001,405,744 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/08/18 15:16:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dan\Desktop\OTL.exe
[2011/08/16 00:49:51 | 000,006,096 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/13 22:52:44 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/08/12 18:36:08 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/08/12 01:06:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak

========== Files Created - No Company Name ==========

[2011/09/09 17:04:53 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\Shortcut to JetAudio.exe.lnk
[2011/09/09 15:52:17 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\dan\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.0.lnk
[2011/09/09 15:52:17 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Reader 5.0.lnk
[2011/09/06 19:03:46 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/05 23:15:22 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/09/04 22:39:27 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/04 22:39:24 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/04 22:35:54 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/02 16:26:37 | 000,000,631 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\clipbrd.lnk
[2011/08/22 08:28:23 | 008,273,920 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\XPRC.iso
[2011/08/20 20:58:07 | 001,405,744 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\TDSSKiller.exe
[2011/08/17 19:15:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/16 00:49:51 | 000,006,096 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/08/12 18:36:08 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\dan\Desktop\Shortcut to Unlocker.lnk
[2011/06/19 16:19:08 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2011/05/17 21:21:34 | 000,192,752 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/14 19:00:54 | 000,038,543 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat.dmp
[2011/02/14 19:00:54 | 000,002,154 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat
[2011/01/29 13:11:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\SpeederXP.INI
[2010/10/28 02:03:35 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/02/04 18:41:04 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/04 18:37:25 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2009/11/30 15:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/11/10 23:31:43 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009/10/02 20:58:49 | 000,015,312 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2009/09/10 16:02:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/09/10 16:02:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/09/10 16:02:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/09/10 16:02:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/07/23 20:49:04 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdndrs.dll
[2009/07/14 10:02:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdngrd.dll
[2009/06/26 20:24:26 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\dan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/02 20:37:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/02 18:40:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/06/02 18:39:35 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2009/06/02 18:15:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcxvs.dll
[2009/06/02 18:15:15 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcxcoin.dll
[2009/06/02 18:15:08 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dlcxdrs.dll
[2009/06/02 18:15:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dlcxcaps.dll
[2009/06/02 18:15:08 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlcxcnv4.dll
[2009/06/02 18:14:53 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\dlcxutil.dll
[2009/06/02 18:14:53 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\dlcxinst.dll
[2009/06/02 18:14:53 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\dlcxgrd.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsb.dll
[2009/06/02 18:14:53 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcxins.dll
[2009/06/02 18:14:53 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\dlcxjswr.dll
[2009/06/02 18:14:53 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcxinsr.dll
[2009/06/02 18:14:53 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcxcub.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcxcu.dll
[2009/06/02 18:14:53 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DLCXcfg.dll
[2009/06/02 18:14:53 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcxcur.dll
[2009/06/02 18:11:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLPRMON.DLL
[2009/06/02 18:11:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLPMONUI.DLL
[2009/06/02 17:58:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/06/02 17:46:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/02 17:41:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/02 13:35:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/02 13:33:37 | 000,362,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/14 14:46:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdncaps.dll
[2008/07/26 14:42:52 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2008/03/31 20:47:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdnvs.dll
[2007/10/02 15:51:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdncnv4.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,444,818 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,072,568 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2002/04/04 21:00:50 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdhebz.dll

< End of report >


----------



## jeffce (May 10, 2011)

Hi danielstern96,

*IT APPEARS THAT YOUR LOGS ARE NOW CLEAN*







SO LETS DO A COUPLE OF THINGS TO WRAP THIS UP!!










*This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.*
----------

The following will implement some cleanup procedures as well as reset System Restore points:

Click *Start* >* Run* and copy/paste the following text into the Run box as shown and click OK.
(Note: There is a space between the ..X and the /U that needs to be there.)









----------

Clean up with *OTL:*


Double-click *OTL.exe* to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the *CLEANUP* button
Say *Yes* to the prompt and then allow the program to reboot your computer.

----------

*Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.*

*Here are some tips to reduce the potential for spyware infection in the future:*

*1.* *Make your Internet Explorer more secure* - This can be done by following these simple instructions:


From within Internet Explorer click on the *Tools* menu and then click on *Options*.
Click once on the *Security* tab
Click once on the *Internet* icon so it becomes highlighted.
Click once on the *Custom Level* button.
Change the *Download signed ActiveX controls* to *Prompt*
Change the *Download unsigned ActiveX controls* to *Disable*
Change the *Initialize and script ActiveX controls not marked as safe* to *Disable*
Change the *Installation of desktop items* to *Prompt*
Change the *Launching programs and files in an IFRAME* to *Prompt*
Change the *Navigate sub-frames across different domains* to *Prompt*
When all these settings have been made, click on the *OK* button.
If it prompts you as to whether or not you want to save the settings, press the *Yes* button.
Next press the *Apply* button and then the *OK* to exit the Internet Properties page.

*2.* Enable *Protected Mode* in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:

Open *Internet Explorer*
Click on *Tools > Internet Options*
Press *Security* tab
Select *Internet* zone then place check next to _Enable Protected Mode_ if not already done
Do the same for *Local Intranet, Trusted Sites* and *Restricted Sites* and then press *Apply*
Restart Internet Explorer and in the bottom right corner of your screen you will see _Protected Mode: On_ showing you it is enabled.

*3.* *Use and Update an Anti-Virus Software* - I can not overemphasize the need for you to use and update your Anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

*4.* *Firewall*
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found *here*.
***Do not install more than one firewall program because they will conflict with each other***

*5.* *Make sure you keep your Windows OS current*. _*Windows XP*_ users can visit *Windows update*  regularly to download and install any critical updates and service packs. _*Windows Vista/7*_ users can open the *Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane)* to update these systems. Without these you are leaving the back door open.

*6. Filehippo's Update Checker*. It is free utilitiy that scan your computer for installed software, checks the versions and then sends this information to see if there are any newer releases. Available software updates are displayed and you can decide which ones to download and install. Among many other types of programs, they includes a number of the Anti-Spyware, Firewall/Security and Anti-Virus programs that have been recommended (though not all of them). _Note: Definition files should be updated from within the programs themselves. The Update Checker look for newer versions of the software program, not definition files._

*7.* *Consider a custom hosts file such as MVPS HOSTS*. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the *DNS Client* service *before* installing a custom hosts file.

*8.*  *WOT*  , Web of Trust, As 'Googling' is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

Green to go
Yellow for caution
Red to stop
 WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

*9.* *Install Spybot - Search and Destroy* - Download and install Spybot - Search and Destroy with its TeaTimer option. This will provide real time spyware and hijacker protection on your computer alongside your virus protection. You should scan your computer with the program on a regular basis just as you would with your anti-virus software. A tutorial on installing and using this product can be found here:
*Instructions for - Spybot S & D and Ad-aware*

*10.* Finally, I strongly recommend that you read TonyKlein's good advice *So how did I get infected in the first place? *

*Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.*


----------



## danielstern96 (Aug 16, 2011)

i am more than satisfied. THANK YOU!


----------



## jeffce (May 10, 2011)

You are quite welcome!!


----------



## jeffce (May 10, 2011)

Since this topic seems to be resolved I will be unsubscribing from this thread. Glad that we could be of help.


----------

