The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

I need a good scrub (cleaning)

Posted 2/21/2010 8:57 PM
#83098
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
I am running Windows Security Essentials (I was running NOD 32) Malawarebytes and Windows Firewall ON. Programs take a while to load and Firefox wasn't loading all of the page on some sites.


Here are my logs:



Logfile of HijackThis v1.99.1
Scan saved at 4:45:49 PM, on 2/21/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\MICROS~2\msseces.exe
C:\Documents and Settings\SAM\Local Settings\Apps\2.0\8J7VZOTM.QHY\270585WZ.NHH\rapi..tion_c14d24c3c9280019_0000.0001_c0d10af6569cd6fc\RapidShareManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\SAM\Desktop\FIX\HiJack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - https://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240187843000
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - https://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB04B81C-41F0-41C3-9524-6092A2A51307}: NameServer = 192.168.123.254,192.168.123.255
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)



Malawarebytes:

Malwarebytes' Anti-Malware 1.44
Database version: 3770
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

2/21/2010 3:13:04 PM
mbam-log-2010-02-21 (15-13-04).txt

Scan type: Full Scan (C:\|D:\|H:\|K:\|L:\|)
Objects scanned: 242685
Time elapsed: 2 hour(s), 12 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\SAM\Desktop\DESKTOP VIDEO TOOLS\TS to AVI converter\OJOsoft.All.Products.Universal.Keygen.v1.0_HAZE\OJOsoft.All.Products.Universal.Keygen.v1.0_HAZE\OJOsoft.All.Products.Universal.Keygen.v1.0-HAZE\Keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\SAM\Desktop\Camtasia Studio v5\TCS5\keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
L:\NUANCE DRAGON NATURALLY SPEAKING v10.1 PREFERRED-DVTiSO\DVT\Nuance_KeyMaker.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
L:\PROGRAMS\PROGRAMS\WMA MP3 - Converter with Keygen\keymaker.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.



DDS:




DDS (Ver_09-12-01.01) - NTFSx86
Run by SAM at 16:53:27.45 on Sun 02/21/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2015.1336 [GMT -5:00]

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\PROGRA~1\MICROS~2\msseces.exe
C:\Documents and Settings\SAM\Local Settings\Apps\2.0\8J7VZOTM.QHY\270585WZ.NHH\rapi..tion_c14d24c3c9280019_0000.0001_c0d10af6569cd6fc\RapidShareManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\SAM\Desktop\Virus removal\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No File
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking9\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\naturallyspeaking9\Ereg.ini
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\imon.dll
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240187843000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {0F17472E-F1BD-4DD2-93B4-689C270E632F} = 10.20.21.1
TCP: {EB04B81C-41F0-41C3-9524-6092A2A51307} = 192.168.123.254,192.168.123.255
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sam\applic~1\mozilla\firefox\profiles\yozei8i9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-11 207280]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-1-31 15424]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2008-10-28 156968]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 sympxchm;sympxchm;c:\windows\system32\drivers\sympxchm.sys [2008-7-20 19741]
R3 vidcap;vidcap;c:\windows\system32\drivers\vidcap.sys [2006-12-27 9006]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\sasdifsv.sys --> c:\program files\superantispyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S3 HRFUSB;Symphony HRF USB Adapter Driver;c:\windows\system32\drivers\hrfusbxp.sys [2008-7-20 125309]
S3 KLIF;KLIF;c:\windows\system32\drivers\klif.sys [2008-1-25 194320]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-12-23 50704]
S3 RSC4_A02;U.S. Robotics Wireless USB Adapter Driver;c:\windows\system32\drivers\rsc4usb.sys --> c:\windows\system32\drivers\RSC4USB.sys [?]
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\sasenum.sys --> c:\program files\superantispyware\SASENUM.SYS [?]
S4 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2008-1-31 552064]
S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-11-11 358600]
S4 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-11-11 1141200]

=============== Created Last 30 ================

2010-02-21 20:14:50 54016 ----a-w- c:\windows\system32\drivers\gspprc.sys
2010-02-20 03:27:08 0 d-----w- c:\windows\system32\wbem\Repository
2010-02-17 22:34:58 2274 ----a-w- c:\docume~1\sam\applic~1\SAS7_000.DAT
2010-02-17 21:51:03 0 d-----w- c:\docume~1\sam\applic~1\Nuance
2010-02-17 21:48:00 0 d-----w- c:\program files\common files\ScanSoft Shared
2010-02-17 21:47:59 0 d-----w- c:\program files\common files\Nuance
2010-02-17 21:46:49 0 d-----w- c:\program files\Nuance
2010-02-17 21:46:49 0 d-----w- c:\docume~1\alluse~1\applic~1\Nuance
2010-02-17 21:40:02 0 d-----w- c:\windows\speech
2010-02-08 18:31:48 0 d-----w- c:\windows\ServicePackFiles
2010-02-08 18:02:32 0 d-----w- c:\program files\MSXML 4.0
2010-02-08 17:21:51 0 d-----w- c:\windows\system32\CatRoot_bak
2010-02-08 16:58:06 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-08 16:42:52 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-02-08 16:38:27 0 d-----w- c:\program files\Microsoft Security Essentials
2010-01-29 21:16:57 0 d-----w- c:\windows\WinAVI Video Converter 9.0
2010-01-29 20:34:24 0 d-----w- c:\program files\Solveig Multimedia
2010-01-29 20:34:24 0 d-----w- c:\program files\common files\Solveig Multimedia
2010-01-29 02:55:54 0 d-----w- c:\program files\WinAVI Video Converter 9.0

==================== Find3M ====================

2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07:04 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-31 16:14:12 352640 ----a-w- c:\windows\system32\dllcache\srv.sys
2009-12-16 13:35:58 18432 ----a-w- c:\windows\system32\dllcache\iedw.exe
2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:35:35 33280 ----a-w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-14 07:35:35 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:14:02 2185984 ----a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-08 18:11:44 2142720 ----a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-08 18:11:44 2142720 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:35:25 2020864 ----a-w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-08 17:35:25 2020864 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 17:35:22 2063104 ----a-w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-08 08:59:48 474112 ----a-w- c:\windows\system32\dllcache\shlwapi.dll
2009-12-04 14:41:55 453760 ----a-w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-27 17:04:16 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:04:16 1291776 ----a-w- c:\windows\system32\dllcache\quartz.dll
2009-11-27 17:04:15 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:04:15 17920 ----a-w- c:\windows\system32\dllcache\msyuv.dll
2009-11-27 16:37:27 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:37:27 8704 ----a-w- c:\windows\system32\dllcache\tsbyuv.dll
2009-11-27 16:37:27 84992 ----a-w- c:\windows\system32\dllcache\avifil32.dll
2009-11-27 16:37:27 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:37:27 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:37:27 48128 ----a-w- c:\windows\system32\dllcache\iyuv_32.dll
2009-11-27 16:37:27 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:37:27 28672 ----a-w- c:\windows\system32\dllcache\msvidc32.dll
2009-11-27 16:37:27 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:37:27 11264 ----a-w- c:\windows\system32\dllcache\msrle32.dll
2007-04-24 15:33:23 22 -csha-w- c:\windows\sminst\HPCD.sys
2006-05-03 09:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2008-02-14 03:57:33 4704 -csha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 10:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-01-31 15:20:17 2066208 -csha-w- c:\windows\system32\drivers\fidbox.dat
2008-01-31 15:20:17 25376 -csha-w- c:\windows\system32\drivers\fidbox2.dat

============= FINISH: 16:54:16.48 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/15/2007 10:03:43 AM
System Uptime: 2/20/2010 10:49:59 PM (18 hours ago)

Motherboard: Quanta | | 30B7
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-50 | Socket S1 | 1607/200mhz
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-50 | Socket S1 | 1607/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 62 GiB total, 3.903 GiB free.
D: is FIXED (FAT32) - 11 GiB total, 1.088 GiB free.
E: is CDROM ()
H: is FIXED (NTFS) - 153 GiB total, 22.928 GiB free.
K: is FIXED (NTFS) - 298 GiB total, 15.24 GiB free.
L: is FIXED (NTFS) - 298 GiB total, 22.951 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP27: 2/11/2010 6:33:06 PM - System Checkpoint
RP28: 2/11/2010 9:45:32 PM - Microsoft Antimalware Checkpoint
RP29: 2/12/2010 3:00:23 AM - Software Distribution Service 3.0
RP30: 2/13/2010 2:16:47 AM - Software Distribution Service 3.0
RP31: 2/13/2010 3:00:19 AM - Software Distribution Service 3.0
RP32: 2/13/2010 6:50:31 PM - Microsoft Antimalware Checkpoint
RP33: 2/14/2010 2:01:51 AM - Software Distribution Service 3.0
RP34: 2/14/2010 3:00:20 AM - Software Distribution Service 3.0
RP35: 2/15/2010 3:00:30 AM - Software Distribution Service 3.0
RP36: 2/16/2010 3:00:18 AM - Software Distribution Service 3.0
RP37: 2/16/2010 5:11:17 PM - Software Distribution Service 3.0
RP38: 2/17/2010 3:00:19 AM - Software Distribution Service 3.0
RP39: 2/17/2010 4:32:19 PM - Before Dragon Naturally speaking
RP40: 2/17/2010 4:44:36 PM - Installed Dragon NaturallySpeaking 9
RP41: 2/17/2010 4:46:37 PM - Installed Dragon NaturallySpeaking 9
RP42: 2/18/2010 3:00:22 AM - Software Distribution Service 3.0
RP43: 2/18/2010 5:06:52 PM - Software Distribution Service 3.0
RP44: 2/19/2010 3:00:27 AM - Software Distribution Service 3.0
RP45: 2/19/2010 5:07:30 PM - Software Distribution Service 3.0
RP46: 2/19/2010 10:26:21 PM - Restore Operation
RP47: 2/19/2010 10:31:50 PM - Software Distribution Service 3.0
RP48: 2/20/2010 3:00:50 AM - Software Distribution Service 3.0
RP49: 2/20/2010 8:43:35 AM - Microsoft Antimalware Checkpoint
RP50: 2/20/2010 11:02:25 PM - Software Distribution Service 3.0
RP51: 2/21/2010 3:00:18 AM - Software Distribution Service 3.0

==== Installed Programs ======================


Acrobat.com
Active@ File Recovery
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 9.1
Adobe Shockwave Player
AMP Font Viewer
Auslogics Disk Defrag
Auslogics Duplicate File Finder
Avatar Sizer
Avidemux 2.4
Belarc Advisor 8.1
Boilosft AVI to VCD SVCD DVD Converter 3.81
BufferChm
Cain & Abel v4.9.31
CCleaner
Conexant HD Audio
ConvertXtoDVD 2.99.10.600
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
CueTour
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
DivX
Dragon NaturallySpeaking 9
EVEREST Ultimate Edition v4.50
Free M4a to MP3 Converter 5.9
Free Mp3 Wma Converter V 1.8.0
FullDPAppQFolder
GetDiz 3.0
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 1.99.1
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.10 A2
HP QuickPlay 2.3
HP Update
HP User Guides 0031
HP Wireless Assistant 2.00 G2
HPNetworkAssistant
HpSdpAppCoreApp
InstantShareDevices
Internet Music Capture
Jessica Alba!
LightScribe 1.4.97.1
Logitech MouseWare 9.79.1
Macromedia Flash Player 8
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Mayoko
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft MPEG-4 VKI Video Codec V1/V2/V3
Microsoft Office Standard Edition 2003
Microsoft Security Essentials
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Mozilla Firefox (3.5.7)
MPEG Video Wizard DVD
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
muvee autoProducer 5.0
NetWaiting
NOD32 antivirus system
NOD32 FiX v2.1
Office 2003 Trial Assistant
oggcodecs 0.71.0946
OJOsoft Total Video Converter
OptionalContentQFolder
Photo To Color Sketch 6.51
PhotoGallery
PL-2303 USB-to-Serial
PowerISO
Privoxy 3.0.6
RandMap
RapidShare Manager
Registry Defragmenter and Compactor 1.3
Registry Finder 1.2
Registry Mechanic 8.0
Registry TuneUp
RegVac Registry Cleaner 5.01 (Registered Version)
Replay Music
Rio Internet Update
Rio Music Manager
Satellite Finder 4.0
Seagate Manager Installer
Security Update for CAPICOM (KB931906)
SIM MAX
SkinsHP1
SnagIt 8
SolveigMM AVI Trimmer
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
Sonic_PrimoSDK
SonicAC3Encoder
SonicMPEGEncoder
Spybot - Search & Destroy
Spyware Doctor 7.0
SUPER © Version 2007.bld.22 (Mar 14, 2007)
Synaptics Pointing Device Driver
The KMPlayer (remove only)
Tor 0.1.2.19
TourSetup
U.S. Robotics Wireless USB Adapter
Uniblue RegistryBooster 2
Unload
Vidalia 0.0.16
VideoReDo TVSuite Version 3.1.5.565
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.3
Vongo
WebFldrs XP
WinAVI Video Converter 9.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live OneCare safety scanner
Windows Media Connect
Windows Media Format Runtime
Winferno Registry Power Cleaner
WinPcap 4.1 beta5
WinRAR archiver
WinX Video Converter 4.0
XP Repair Pro 2007
XviD MPEG-4 Video Codec
ZD Soft Video Recorder

==== Event Viewer Messages From Past Week ========

2/20/2010 5:28:22 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
2/20/2010 5:28:08 PM, error: Microsoft Antimalware [5008] - Microsoft Antimalware engine has been terminated due to an unexpected error. Failure Type: Hang Exception code: Resource: file:K:\PROGRAMS\Plasmaquarium\Plasmaquarium_2008_DVD\Plasmaquarium_www.Wrestle-Zone.net.daa
2/20/2010 10:39:10 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/20/2010 10:23:18 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 BANTExt Fips IPSec MpFilter MRxSmb NetBIOS NetBT nod32drv RasAcd Rdbss SASDIFSV SASKUTIL SCDEmu Tcpip WS2IFSL
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start.
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The Message Queuing service depends on the Distributed Transaction Coordinator service which failed to start because of the following error: The dependency service or group failed to start.
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2010 10:23:18 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
2/20/2010 10:22:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/20/2010 10:22:55 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
2/19/2010 10:29:10 PM, error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
2/18/2010 2:13:15 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.123.101 with the system having network hardware address 00:C0:49:DF:00:01. Network operations on this system may be disrupted as a result.
2/18/2010 2:13:15 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.123.101 with the system having network hardware address 00:18:41:71:13:22. Network operations on this system may be disrupted as a result.
2/17/2010 5:05:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.75.831.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: https://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.5406.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/16/2010 5:11:02 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
2/14/2010 3:04:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
2/14/2010 3:02:58 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office Outlook 2003 Junk Email Filter (KB977713).
2/14/2010 3:01:54 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Office 2003 (KB907417).
2/14/2010 3:01:24 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Office 2003 Service Pack 3 (SP3).

==== End Of File ===========================
Posted 2/23/2010 2:04 AM
#83154
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Please download Combofix from:

Combofix



And save to the desktop.


Close all other browser windows.



Double-click on the combofix icon found on your desktop.



Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.


When finished, it will produce a logfile located at C:\combofix.txt.




Post the contents of that log in your next reply


The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.



[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/23/2010 2:19 AM
#83155
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
ComboFix 10-02-21.02 - SAM 02/22/2010 13:40:56.11.2 - x86
Running from: c:\documents and settings\SAM\Desktop\Virus removal\456out.com
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\gspprc.sys
K:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_lsuturvk


((((((((((((((((((((((((( Files Created from 2010-01-22 to 2010-02-22 )))))))))))))))))))))))))))))))
.

2010-02-20 03:30 . 2010-02-20 03:30 -------- d-----w- c:\documents and settings\SAM\Local Settings\Application Data\Scansoft
2010-02-20 03:27 . 2010-02-20 03:27 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-17 22:05 . 2010-02-17 22:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\PCHealth
2010-02-17 21:51 . 2010-02-17 21:51 -------- d-----w- c:\documents and settings\SAM\Application Data\Nuance
2010-02-17 21:48 . 2010-02-17 21:48 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-02-17 21:48 . 2010-02-17 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2010-02-17 21:47 . 2010-02-17 21:47 -------- d-----w- c:\program files\Common Files\Nuance
2010-02-17 21:46 . 2010-02-17 21:46 -------- d-----w- c:\program files\Nuance
2010-02-17 21:46 . 2010-02-17 21:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Nuance
2010-02-17 21:40 . 2010-02-17 21:51 -------- d-----w- c:\windows\speech
2010-02-09 04:59 . 2010-02-09 04:59 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-02-08 18:31 . 2010-02-08 18:31 -------- d-----w- c:\windows\ServicePackFiles
2010-02-08 18:02 . 2010-02-08 18:02 -------- d-----w- c:\program files\MSXML 4.0
2010-02-08 17:21 . 2010-02-08 22:44 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-08 16:58 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-08 16:42 . 2010-01-14 16:12 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-02-08 16:38 . 2010-02-08 16:38 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-01-29 21:16 . 2010-01-29 21:16 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2010-01-29 20:34 . 2010-01-29 20:34 -------- d-----w- c:\program files\Common Files\Solveig Multimedia
2010-01-29 20:34 . 2010-01-29 20:34 -------- d-----w- c:\program files\Solveig Multimedia
2010-01-29 20:18 . 2010-02-14 21:03 -------- d-----w- c:\documents and settings\SAM\Application Data\dvdcss
2010-01-29 19:18 . 2010-01-29 19:31 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-01-29 02:56 . 2010-02-19 15:05 -------- d-----w- c:\documents and settings\SAM\Local Settings\Application Data\WinAVI
2010-01-29 02:55 . 2010-01-29 21:17 -------- d-----w- c:\program files\WinAVI Video Converter 9.0
2010-01-27 17:31 . 2010-02-22 07:04 -------- d-----w- c:\documents and settings\SAM\Application Data\vlc

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-20 10:16 . 2007-10-03 00:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-17 22:34 . 2010-02-17 22:34 2274 ----a-w- c:\documents and settings\SAM\Application Data\SAS7_000.DAT
2010-01-29 19:30 . 2006-09-01 12:11 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-28 23:08 . 2009-12-15 19:33 -------- d-----w- c:\program files\Xilisoft
2010-01-28 23:06 . 2008-02-12 04:25 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-25 02:33 . 2009-12-12 06:34 -------- d-----w- c:\program files\Duplicate File Remover
2010-01-25 00:08 . 2008-10-19 17:26 -------- d-----w- c:\program files\CCleaner2
2010-01-14 20:15 . 2008-10-19 17:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-14 20:15 . 2009-03-16 02:50 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 21:07 . 2008-10-19 17:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2008-10-19 17:55 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:14 . 2005-05-10 08:17 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 08:02 . 2009-12-30 08:02 -------- d-----w- c:\program files\Digiarty
2009-12-22 05:35 . 2006-03-16 04:00 668672 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:35 . 2006-03-16 04:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 12:58 . 2006-03-16 04:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2006-03-16 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:11 . 2006-03-16 04:00 2142720 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:35 . 2006-03-16 04:00 2020864 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 14:41 . 2005-01-19 12:26 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:04 . 2005-08-30 12:13 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:04 . 2006-03-16 04:00 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:37 . 2006-03-16 04:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:37 . 2006-03-16 04:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:37 . 2006-03-16 04:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:37 . 2006-03-16 04:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:37 . 2006-03-16 04:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2007-04-24 15:33 . 2007-04-24 15:33 22 -csha-w- c:\windows\SMINST\HPCD.sys
2006-05-03 09:06 . 2007-04-20 06:47 163328 --sha-r- c:\windows\system32\flvDX.dll
2008-02-14 03:57 . 2008-02-14 03:56 4704 -csha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 10:47 . 2007-04-20 06:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-01-31 15:20 . 2008-01-26 04:36 2066208 -csha-w- c:\windows\system32\drivers\fidbox.dat
2008-01-31 15:20 . 2008-01-26 04:36 25376 -csha-w- c:\windows\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-10-11_07.19.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 07:19 . 2007-11-07 07:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2005-09-23 06:35 . 2005-09-23 06:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-23 05:58 . 2005-09-23 05:58 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 04:49 . 2005-09-23 04:49 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2009-07-12 00:41 . 2009-07-12 00:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-06-29 04:42 . 2009-06-29 04:42 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2005-05-26 12:16 . 2009-08-07 00:24 44768 c:\windows\system32\wups2.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 35552 c:\windows\system32\wups.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 53472 c:\windows\system32\wuauclt.exe
+ 2006-03-16 04:00 . 2009-06-25 08:44 59392 c:\windows\system32\wdigest.dll
+ 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2006-03-16 04:00 . 2009-06-12 11:50 80896 c:\windows\system32\tlntsess.exe
+ 2006-03-16 04:00 . 2009-06-12 11:50 76288 c:\windows\system32\telnet.exe
+ 2006-03-16 04:00 . 2009-10-21 06:00 75776 c:\windows\system32\strmfilt.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 75776 c:\windows\system32\strmfilt.dll
+ 2005-10-14 03:22 . 2008-07-09 07:38 26488 c:\windows\system32\spupdsvc.exe
+ 2006-09-01 11:30 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2010-02-08 16:37 . 2009-08-07 00:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2010-02-08 16:37 . 2009-08-07 00:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2006-03-16 04:00 . 2009-06-25 08:44 56320 c:\windows\system32\secur32.dll
+ 2006-03-16 04:00 . 2009-02-06 16:54 35328 c:\windows\system32\sc.exe
- 2006-03-16 04:00 . 2006-03-16 04:00 69632 c:\windows\system32\raschap.dll
+ 2006-03-16 04:00 . 2009-10-12 13:54 69632 c:\windows\system32\raschap.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 39424 c:\windows\system32\pngfilt.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 39424 c:\windows\system32\pngfilt.dll
- 2006-06-29 18:27 . 2009-09-11 19:56 66888 c:\windows\system32\perfc009.dat
+ 2006-06-29 18:27 . 2010-02-10 08:24 66888 c:\windows\system32\perfc009.dat
+ 2006-03-16 04:00 . 2008-06-12 14:16 91648 c:\windows\system32\mtxoci.dll
- 2006-03-16 04:00 . 2006-03-02 03:42 66560 c:\windows\system32\mtxclu.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 66560 c:\windows\system32\mtxclu.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 58880 c:\windows\system32\msdtclog.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 58880 c:\windows\system32\msdtclog.dll
+ 2006-03-16 04:00 . 2008-06-24 16:23 74240 c:\windows\system32\mscms.dll
- 2006-03-16 04:00 . 2005-06-29 09:46 74240 c:\windows\system32\mscms.dll
+ 2006-03-16 04:00 . 2009-09-04 20:45 58880 c:\windows\system32\msasn1.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 48640 c:\windows\system32\mqupgrd.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 48640 c:\windows\system32\mqupgrd.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 95744 c:\windows\system32\mqsec.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 95744 c:\windows\system32\mqsec.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 16896 c:\windows\system32\mqise.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 16896 c:\windows\system32\mqise.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 47104 c:\windows\system32\mqdscli.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 47104 c:\windows\system32\mqdscli.dll
+ 2006-03-16 04:00 . 2009-06-22 11:49 19968 c:\windows\system32\mqbkup.exe
- 2006-03-16 04:00 . 2006-03-16 04:00 19968 c:\windows\system32\mqbkup.exe
+ 2006-06-22 16:44 . 2006-06-22 16:44 20480 c:\windows\system32\Macromed\Flash\UninstFl.exe
- 2009-09-25 23:43 . 2009-09-25 23:43 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-09-25 23:43 . 2010-02-15 01:14 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2005-08-04 09:29 . 2005-08-04 09:29 96768 c:\windows\system32\logagent.exe
+ 2005-08-04 09:29 . 2008-06-11 07:47 96768 c:\windows\system32\logagent.exe
- 2006-03-16 04:00 . 2007-12-07 00:44 16384 c:\windows\system32\jsproxy.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 16384 c:\windows\system32\jsproxy.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 96256 c:\windows\system32\inseng.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 96256 c:\windows\system32\inseng.dll
+ 2006-03-16 04:00 . 2009-10-21 06:00 25088 c:\windows\system32\httpapi.dll
+ 2005-10-18 05:14 . 2009-10-15 17:21 82432 c:\windows\system32\fontsub.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 55808 c:\windows\system32\extmgr.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 55808 c:\windows\system32\extmgr.dll
+ 2009-11-11 19:29 . 2009-09-03 14:45 70408 c:\windows\system32\drivers\pctplsg.sys
+ 2009-11-11 19:30 . 2009-10-06 21:31 87784 c:\windows\system32\drivers\PCTAppEvent.sys
+ 2006-03-16 04:00 . 2009-06-22 11:48 91776 c:\windows\system32\drivers\mqac.sys
+ 2006-03-16 04:00 . 2009-06-22 11:34 92544 c:\windows\system32\drivers\ksecdd.sys
+ 2006-03-16 04:00 . 2009-08-07 00:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2006-03-16 04:00 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2006-03-16 04:00 . 2009-06-12 11:50 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2006-03-16 04:00 . 2009-06-12 11:50 76288 c:\windows\system32\dllcache\telnet.exe
+ 2006-03-16 04:00 . 2009-10-21 06:00 75776 c:\windows\system32\dllcache\strmfilt.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2006-03-16 04:00 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2006-03-16 04:00 . 2009-02-06 16:54 35328 c:\windows\system32\dllcache\sc.exe
+ 2006-03-16 04:00 . 2009-10-12 13:54 69632 c:\windows\system32\dllcache\raschap.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 69632 c:\windows\system32\dllcache\raschap.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 39424 c:\windows\system32\dllcache\pngfilt.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 39424 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 66560 c:\windows\system32\dllcache\mtxclu.dll
- 2006-03-16 04:00 . 2006-03-02 03:42 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2006-03-16 04:00 . 2009-11-27 17:04 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2006-03-16 04:00 . 2009-11-27 16:37 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2006-03-16 04:00 . 2009-11-27 16:37 11264 c:\windows\system32\dllcache\msrle32.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 11264 c:\windows\system32\dllcache\msrle32.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2006-03-16 04:00 . 2008-06-24 16:23 74240 c:\windows\system32\dllcache\mscms.dll
- 2006-03-16 04:00 . 2005-06-29 09:46 74240 c:\windows\system32\dllcache\mscms.dll
+ 2006-03-16 04:00 . 2009-09-04 20:45 58880 c:\windows\system32\dllcache\msasn1.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 48640 c:\windows\system32\dllcache\mqupgrd.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 48640 c:\windows\system32\dllcache\mqupgrd.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 16896 c:\windows\system32\dllcache\mqise.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 16896 c:\windows\system32\dllcache\mqise.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 47104 c:\windows\system32\dllcache\mqdscli.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 47104 c:\windows\system32\dllcache\mqdscli.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 19968 c:\windows\system32\dllcache\mqbkup.exe
+ 2006-03-16 04:00 . 2009-06-22 11:49 19968 c:\windows\system32\dllcache\mqbkup.exe
+ 2006-03-16 04:00 . 2009-06-22 11:48 91776 c:\windows\system32\dllcache\mqac.sys
+ 2005-08-04 09:29 . 2008-06-11 07:47 96768 c:\windows\system32\dllcache\logagent.exe
- 2005-08-04 09:29 . 2005-08-04 09:29 96768 c:\windows\system32\dllcache\logagent.exe
+ 2006-03-16 04:00 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-03-16 04:00 . 2009-12-22 05:35 16384 c:\windows\system32\dllcache\jsproxy.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 16384 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-03-16 04:00 . 2009-11-27 16:37 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 96256 c:\windows\system32\dllcache\inseng.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 96256 c:\windows\system32\dllcache\inseng.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 81920 c:\windows\system32\dllcache\ieencode.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 81920 c:\windows\system32\dllcache\ieencode.dll
- 2005-07-03 07:33 . 2007-12-06 10:05 18432 c:\windows\system32\dllcache\iedw.exe
+ 2005-07-03 07:33 . 2009-12-16 13:35 18432 c:\windows\system32\dllcache\iedw.exe
+ 2006-03-16 04:00 . 2009-10-21 06:00 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2005-10-18 05:14 . 2009-10-15 17:21 82432 c:\windows\system32\dllcache\fontsub.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 55808 c:\windows\system32\dllcache\extmgr.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2006-03-16 04:00 . 2009-12-14 07:35 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 96480 c:\windows\system32\dllcache\cdm.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2006-03-16 04:00 . 2009-11-27 16:37 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2006-03-16 04:00 . 2009-07-17 18:55 58880 c:\windows\system32\dllcache\atl.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 58880 c:\windows\system32\dllcache\atl.dll
- 2009-02-26 23:58 . 2009-10-08 03:00 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-02-26 23:58 . 2009-11-25 17:46 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2006-03-16 04:00 . 2009-08-07 00:24 96480 c:\windows\system32\cdm.dll
+ 2006-03-16 04:00 . 2009-07-17 18:55 58880 c:\windows\system32\atl.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 58880 c:\windows\system32\atl.dll
+ 2009-10-14 07:39 . 2009-10-14 07:39 73216 c:\windows\ST6UNST.EXE
+ 1999-01-12 16:35 . 1999-01-12 16:35 53760 c:\windows\speech\WrapSAPI.dll
+ 2009-06-25 00:56 . 2009-06-25 00:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-14 03:58 . 2007-04-14 03:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 03:57 . 2007-04-14 03:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 03:57 . 2007-04-14 03:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 06:30 . 2008-05-28 06:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-14 04:30 . 2007-04-14 04:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-09-30 02:11 . 2009-06-24 17:56 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\ToGac.exe
+ 2004-10-08 01:36 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\SetRegNI.exe
+ 2004-08-04 13:12 . 2009-06-24 03:01 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll
- 2004-08-04 13:12 . 2007-01-02 23:29 86016 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorld.dll
- 2004-08-04 13:12 . 2007-01-02 23:29 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll
+ 2004-08-04 13:12 . 2009-06-24 03:01 73728 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorie.dll
+ 2004-08-04 13:11 . 2009-06-24 03:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
- 2004-08-04 13:11 . 2007-01-02 23:34 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe
- 2002-06-22 08:31 . 2002-06-22 08:31 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2002-06-22 08:31 . 2009-06-24 03:12 32768 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe
+ 2010-02-08 18:02 . 2010-02-08 18:02 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 40960 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\TAgent_Shortcut_DDDD90B280F2413A8A8E38C5076A7DBA.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 65536 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 49152 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\Setuplog_Shortcut_DDDD90B280F2413A8A8E38C5076A7DBA.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 49152 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\NatSpeakD_Shortcut_DDDD90B280F2413A8A8E38C5076A7DBA.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 49152 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\NatSpeak_Shortcut_DDDD90B280F2413A8A8E38C5076A7DBA.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 49152 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\Dragonlog_Shortcut_DDDD90B280F2413A8A8E38C5076A7DBA.exe
+ 2010-02-17 21:51 . 2010-02-17 21:51 49152 c:\windows\Installer\{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA}\ARPPRODUCTICON.exe
+ 2010-02-08 18:03 . 2010-02-08 18:03 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-11-27 17:04 . 2009-11-27 17:04 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:37 . 2009-11-27 16:37 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-02-08 19:15 . 2010-02-08 19:15 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f2025c05\System.Drawing.Design.dll
+ 2010-02-08 19:15 . 2010-02-08 19:15 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_06da96da\CustomMarshalers.dll
+ 2010-02-08 18:01 . 2010-02-08 18:01 90112 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a_90667e44\System.Drawing.Design.dll
+ 2010-02-08 18:00 . 2010-02-08 18:00 61440 c:\windows\assembly\NativeImages1_v1.0.3705\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a_ee3aaf3c\CustomMarshalers.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 81920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e299fd71b4c71854673c47f85b4cf180\Microsoft.Build.Framework.ni.dll
+ 2010-02-08 20:07 . 2010-02-08 20:07 15360 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\662febc2f309e92a880682f527f4e426\dfsvc.ni.exe
+ 2010-02-08 20:07 . 2010-02-08 20:07 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1a67452bf4558b2574698b6008e7af74\Accessibility.ni.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 90112 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 90112 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 77824 c:\windows\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\SonicMCEBurnEngine.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 45056 c:\windows\assembly\GAC\Microsoft.MediaCenter\6.0.3100.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 53248 c:\windows\assembly\GAC\ehiWUapi\6.0.3000.0__31bf3856ad364e35\ehiWUapi.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 18944 c:\windows\assembly\GAC\ehiUserXp\6.0.3000.0__31bf3856ad364e35\ehiuserxp.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 73728 c:\windows\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\ehiExtens.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2006-03-16 04:00 . 2009-06-22 11:49 4608 c:\windows\system32\mqsvc.exe
- 2006-03-16 04:00 . 2006-03-16 04:00 4608 c:\windows\system32\mqsvc.exe
+ 2006-03-16 04:00 . 2009-11-27 16:37 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2006-03-16 04:00 . 2009-06-22 11:49 4608 c:\windows\system32\dllcache\mqsvc.exe
- 2006-03-16 04:00 . 2006-03-16 04:00 4608 c:\windows\system32\dllcache\mqsvc.exe
+ 2004-07-20 09:54 . 2009-06-29 16:57 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe
- 2004-07-20 09:54 . 2007-01-02 23:29 8192 c:\windows\Microsoft.NET\Framework\v1.0.3705\IEExec.exe
+ 2009-11-27 16:37 . 2009-11-27 16:37 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-03 05:39 . 2008-04-03 05:39 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-04-03 05:39 . 2008-04-03 05:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 8192 c:\windows\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\ehiExtCOM.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 05:02 . 2009-07-12 05:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2010-01-29 21:16 . 2010-01-29 21:16 451072 c:\windows\WinAVI Video Converter 9.0\uninstall.exe
+ 2006-02-01 08:28 . 2009-12-16 13:33 352768 c:\windows\system32\xpsp3res.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 209632 c:\windows\system32\wuweb.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 327896 c:\windows\system32\wucltui.dll
+ 2006-03-16 04:00 . 2009-08-07 00:23 575704 c:\windows\system32\wuapi.dll
+ 2005-08-04 09:29 . 2009-04-10 06:01 413544 c:\windows\system32\wmspdmod.dll
+ 2006-03-16 04:00 . 2009-07-13 15:08 286720 c:\windows\system32\wmpdxm.dll
- 2005-08-04 09:29 . 2005-08-04 09:29 988672 c:\windows\system32\wmnetmgr.dll
+ 2005-08-04 09:29 . 2008-06-11 07:58 988672 c:\windows\system32\WMNetmgr.dll
+ 2006-03-16 04:00 . 2009-06-10 06:32 132096 c:\windows\system32\wkssvc.dll
- 2006-03-16 04:00 . 2006-08-17 12:28 132096 c:\windows\system32\wkssvc.dll
+ 2006-03-16 04:00 . 2009-08-25 09:47 352256 c:\windows\system32\winhttp.dll
+ 2006-03-16 04:00 . 2009-02-06 16:39 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2006-03-16 04:00 . 2009-02-09 10:20 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 473088 c:\windows\system32\wbem\fastprox.dll
+ 2006-03-16 04:00 . 2007-12-18 14:40 417792 c:\windows\system32\vbscript.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 628224 c:\windows\system32\urlmon.dll
+ 2005-10-18 05:14 . 2009-10-16 03:51 119808 c:\windows\system32\t2embed.dll
+ 2006-03-16 04:00 . 2009-08-26 08:16 247326 c:\windows\system32\strmdll.dll
+ 2006-03-16 04:00 . 2009-12-08 08:59 474112 c:\windows\system32\shlwapi.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 474112 c:\windows\system32\shlwapi.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 169472 c:\windows\system32\Setup\msmqocm.dll
+ 2006-03-16 04:00 . 2009-02-06 17:14 110592 c:\windows\system32\services.exe
+ 2006-03-16 04:00 . 2009-06-25 08:44 168448 c:\windows\system32\schannel.dll
+ 2006-03-16 04:00 . 2005-08-06 05:01 282112 c:\windows\system32\sbe(2).dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 399360 c:\windows\system32\rpcss.dll
+ 2006-03-16 04:00 . 2009-04-15 15:11 584192 c:\windows\system32\rpcrt4.dll
- 2006-03-16 04:00 . 2007-07-09 13:09 584192 c:\windows\system32\rpcrt4.dll
+ 2008-01-26 03:28 . 2010-02-20 03:27 151636 c:\windows\system32\Restore\rstrlog.dat
- 2006-03-16 04:00 . 2006-03-16 04:00 112128 c:\windows\system32\rastls.dll
+ 2006-03-16 04:00 . 2009-10-12 13:54 112128 c:\windows\system32\rastls.dll
- 2006-06-29 18:27 . 2009-09-11 19:56 417616 c:\windows\system32\perfh009.dat
+ 2006-06-29 18:27 . 2010-02-10 08:24 417616 c:\windows\system32\perfh009.dat
+ 2006-03-16 04:00 . 2009-03-06 14:44 283648 c:\windows\system32\pdh.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 283648 c:\windows\system32\pdh.dll
+ 2006-03-16 04:00 . 2009-10-13 10:53 266752 c:\windows\system32\oakley.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 266752 c:\windows\system32\oakley.dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 714752 c:\windows\system32\ntdll.dll
+ 2006-03-16 04:00 . 2008-10-15 16:57 332800 c:\windows\system32\netapi32.dll
+ 2007-07-31 02:18 . 2009-08-07 00:23 215920 c:\windows\system32\muweb.dll
+ 2007-10-25 06:59 . 2009-08-07 00:23 274288 c:\windows\system32\mucltui.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 245248 c:\windows\system32\mswsock.dll
+ 2006-03-16 04:00 . 2008-06-20 17:41 245248 c:\windows\system32\mswsock.dll
+ 2006-03-16 04:00 . 2009-08-05 09:11 204800 c:\windows\system32\mswebdvd.dll
+ 2006-03-16 04:00 . 2009-09-11 14:33 133632 c:\windows\system32\msv1_0.dll
+ 2006-03-16 04:00 . 2009-06-05 07:42 655872 c:\windows\system32\mstscax.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 532480 c:\windows\system32\mstime.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 532480 c:\windows\system32\mstime.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 146432 c:\windows\system32\msrating.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 146432 c:\windows\system32\msrating.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 449024 c:\windows\system32\mshtmled.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 449024 c:\windows\system32\mshtmled.dll
+ 2006-03-02 03:42 . 2008-06-12 14:16 161792 c:\windows\system32\msdtcuiu.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 956928 c:\windows\system32\msdtctm.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 428032 c:\windows\system32\msdtcprx.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 471552 c:\windows\system32\mqutil.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 471552 c:\windows\system32\mqutil.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 186880 c:\windows\system32\mqtrig.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 186880 c:\windows\system32\mqtrig.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 117248 c:\windows\system32\mqtgsvc.exe
+ 2006-03-16 04:00 . 2009-06-22 11:49 117248 c:\windows\system32\mqtgsvc.exe
+ 2006-03-16 04:00 . 2009-06-25 18:36 517120 c:\windows\system32\mqsnap.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 123392 c:\windows\system32\mqrtdep.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 123392 c:\windows\system32\mqrtdep.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 177152 c:\windows\system32\mqrt.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 177152 c:\windows\system32\mqrt.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 661504 c:\windows\system32\mqqm.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 225280 c:\windows\system32\mqoa.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 225280 c:\windows\system32\mqoa.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 138240 c:\windows\system32\mqad.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 138240 c:\windows\system32\mqad.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 256280 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2006-06-22 18:44 . 2006-06-22 18:44 128648 c:\windows\system32\Macromed\Flash\GetFlash.exe
+ 2006-03-16 04:00 . 2009-06-25 08:44 724480 c:\windows\system32\lsasrv.dll
+ 2006-03-16 04:00 . 2009-05-07 15:44 344064 c:\windows\system32\localspl.dll
+ 2005-11-05 23:34 . 2005-11-05 23:34 145408 c:\windows\system32\Lame.exe
+ 2006-03-16 04:00 . 2009-03-21 14:18 986112 c:\windows\system32\kernel32.dll
+ 2006-03-16 04:00 . 2009-06-25 08:44 298496 c:\windows\system32\kerberos.dll
- 2006-03-16 04:00 . 2007-11-14 07:26 450560 c:\windows\system32\jscript.dll
+ 2006-03-16 04:00 . 2009-08-21 09:46 450560 c:\windows\system32\jscript.dll
+ 2006-03-16 04:00 . 2008-04-11 18:50 683520 c:\windows\system32\inetcomm.dll
- 2006-03-16 04:00 . 2007-08-21 06:15 683520 c:\windows\system32\inetcomm.dll
- 2006-01-25 10:54 . 2007-12-07 00:44 251904 c:\windows\system32\iepeers.dll
+ 2006-01-25 10:54 . 2009-12-22 05:35 251904 c:\windows\system32\iepeers.dll
+ 2006-06-29 22:19 . 2006-06-29 22:19 135168 c:\windows\system32\id3vx_ocx.dll
+ 2006-03-16 04:00 . 2008-10-23 13:01 283648 c:\windows\system32\gdi32.dll
+ 2006-06-29 18:18 . 2010-02-08 23:58 443720 c:\windows\system32\FNTCACHE.DAT
- 2006-06-29 18:18 . 2009-09-15 23:30 443720 c:\windows\system32\FNTCACHE.DAT
+ 2006-03-16 04:00 . 2008-07-07 20:32 253952 c:\windows\system32\es.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 205312 c:\windows\system32\dxtrans.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 357888 c:\windows\system32\dxtmsft.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 357888 c:\windows\system32\dxtmsft.dll
+ 2006-03-16 04:00 . 2008-06-20 09:52 225920 c:\windows\system32\drivers\tcpip6.sys
+ 2006-01-13 10:28 . 2008-06-20 10:45 360320 c:\windows\system32\drivers\tcpip.sys
+ 2006-03-16 04:00 . 2008-05-08 12:28 202752 c:\windows\system32\drivers\rmcast.sys
+ 2009-11-11 19:30 . 2009-09-24 13:55 229304 c:\windows\system32\drivers\pctgntdi.sys
+ 2009-11-11 19:30 . 2009-09-23 21:10 207280 c:\windows\system32\drivers\PCTCore.sys
+ 2009-06-18 23:48 . 2009-06-18 23:48 142832 c:\windows\system32\drivers\MpFilter.sys
+ 2006-03-16 04:00 . 2009-10-20 14:58 263552 c:\windows\system32\drivers\http.sys
+ 2006-03-16 04:00 . 2008-08-14 09:51 138368 c:\windows\system32\drivers\afd.sys
+ 2006-03-16 04:00 . 2008-06-20 17:41 148992 c:\windows\system32\dnsapi.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2006-03-16 04:00 . 2009-08-07 00:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2006-03-16 04:00 . 2009-08-07 00:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2006-03-16 04:00 . 2008-04-21 10:02 215552 c:\windows\system32\dllcache\wordpad.exe
+ 2005-08-04 09:29 . 2009-04-10 06:01 413544 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-03-16 04:00 . 2009-07-13 15:08 286720 c:\windows\system32\dllcache\wmpdxm.dll
+ 2005-08-04 09:29 . 2008-06-11 07:58 988672 c:\windows\system32\dllcache\WMNetmgr.dll
- 2005-08-04 09:29 . 2005-08-04 09:29 988672 c:\windows\system32\dllcache\wmnetmgr.dll
+ 2006-03-16 04:00 . 2009-02-06 16:39 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2006-03-16 04:00 . 2009-02-09 10:20 453120 c:\windows\system32\dllcache\wmiprvsd.dll
- 2006-03-16 04:00 . 2006-08-17 12:28 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2006-03-16 04:00 . 2009-06-10 06:32 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 668672 c:\windows\system32\dllcache\wininet.dll
+ 2006-03-16 04:00 . 2009-08-25 09:47 352256 c:\windows\system32\dllcache\winhttp.dll
+ 2006-03-16 04:00 . 2007-12-18 14:40 417792 c:\windows\system32\dllcache\vbscript.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 628224 c:\windows\system32\dllcache\urlmon.dll
+ 2006-03-16 04:00 . 2009-06-21 22:04 153088 c:\windows\system32\dllcache\triedit.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 153088 c:\windows\system32\dllcache\triedit.dll
+ 2006-03-16 04:00 . 2008-06-20 09:52 225920 c:\windows\system32\dllcache\tcpip6.sys
+ 2006-01-13 10:28 . 2008-06-20 10:45 360320 c:\windows\system32\dllcache\tcpip.sys
+ 2005-10-18 05:14 . 2009-10-16 03:51 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2006-03-16 04:00 . 2009-08-26 08:16 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2005-05-10 08:17 . 2009-12-31 16:14 352640 c:\windows\system32\dllcache\srv.sys
- 2006-03-16 04:00 . 2007-12-07 00:44 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2006-03-16 04:00 . 2009-12-08 08:59 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2006-03-16 04:00 . 2009-02-06 17:14 110592 c:\windows\system32\dllcache\services.exe
+ 2006-03-16 04:00 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 399360 c:\windows\system32\dllcache\rpcss.dll
+ 2006-03-16 04:00 . 2009-04-15 15:11 584192 c:\windows\system32\dllcache\rpcrt4.dll
- 2006-03-16 04:00 . 2007-07-09 13:09 584192 c:\windows\system32\dllcache\rpcrt4.dll
+ 2006-03-16 04:00 . 2008-05-08 12:28 202752 c:\windows\system32\dllcache\rmcast.sys
- 2006-03-16 04:00 . 2006-03-16 04:00 112128 c:\windows\system32\dllcache\rastls.dll
+ 2006-03-16 04:00 . 2009-10-12 13:54 112128 c:\windows\system32\dllcache\rastls.dll
+ 2006-03-16 04:00 . 2009-03-06 14:44 283648 c:\windows\system32\dllcache\pdh.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 283648 c:\windows\system32\dllcache\pdh.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 266752 c:\windows\system32\dllcache\oakley.dll
+ 2006-03-16 04:00 . 2009-10-13 10:53 266752 c:\windows\system32\dllcache\oakley.dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 714752 c:\windows\system32\dllcache\ntdll.dll
+ 2006-03-16 04:00 . 2008-10-15 16:57 332800 c:\windows\system32\dllcache\netapi32.dll
+ 2006-03-16 04:00 . 2008-06-20 17:41 245248 c:\windows\system32\dllcache\mswsock.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2006-03-16 04:00 . 2009-08-05 09:11 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2006-03-16 04:00 . 2009-09-11 14:33 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2006-03-16 04:00 . 2009-06-05 07:42 655872 c:\windows\system32\dllcache\mstscax.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 532480 c:\windows\system32\dllcache\mstime.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 532480 c:\windows\system32\dllcache\mstime.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 146432 c:\windows\system32\dllcache\msrating.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 146432 c:\windows\system32\dllcache\msrating.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2006-03-16 04:00 . 2009-12-16 12:58 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2006-03-16 04:00 . 2009-06-25 18:36 169472 c:\windows\system32\dllcache\msmqocm.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 449024 c:\windows\system32\dllcache\mshtmled.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 449024 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-03-02 03:42 . 2008-06-12 14:16 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2006-03-16 04:00 . 2008-06-12 14:16 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2006-03-16 04:00 . 2008-05-01 14:30 331776 c:\windows\system32\dllcache\msadce.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 331776 c:\windows\system32\dllcache\msadce.dll
+ 2005-01-19 12:26 . 2009-12-04 14:41 453760 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-03-16 04:00 . 2009-06-25 18:36 471552 c:\windows\system32\dllcache\mqutil.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 471552 c:\windows\system32\dllcache\mqutil.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2006-03-16 04:00 . 2009-06-22 11:49 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2006-03-16 04:00 . 2009-06-25 18:36 517120 c:\windows\system32\dllcache\mqsnap.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 123392 c:\windows\system32\dllcache\mqrtdep.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 123392 c:\windows\system32\dllcache\mqrtdep.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 661504 c:\windows\system32\dllcache\mqqm.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 225280 c:\windows\system32\dllcache\mqoa.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 225280 c:\windows\system32\dllcache\mqoa.dll
+ 2006-03-16 04:00 . 2009-06-25 18:36 138240 c:\windows\system32\dllcache\mqad.dll
- 2006-03-16 04:00 . 2007-07-06 12:46 138240 c:\windows\system32\dllcache\mqad.dll
+ 2006-03-16 04:00 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
+ 2006-03-16 04:00 . 2009-05-07 15:44 344064 c:\windows\system32\dllcache\localspl.dll
+ 2006-03-16 04:00 . 2009-03-21 14:18 986112 c:\windows\system32\dllcache\kernel32.dll
+ 2006-03-16 04:00 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2006-03-16 04:00 . 2009-08-21 09:46 450560 c:\windows\system32\dllcache\jscript.dll
- 2006-03-16 04:00 . 2007-11-14 07:26 450560 c:\windows\system32\dllcache\jscript.dll
- 2006-03-16 04:00 . 2007-08-21 06:15 683520 c:\windows\system32\dllcache\inetcomm.dll
+ 2006-03-16 04:00 . 2008-04-11 18:50 683520 c:\windows\system32\dllcache\inetcomm.dll
+ 2006-01-25 10:54 . 2009-12-22 05:35 251904 c:\windows\system32\dllcache\iepeers.dll
- 2006-01-25 10:54 . 2007-12-07 00:44 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2006-03-16 04:00 . 2009-10-20 14:58 263552 c:\windows\system32\dllcache\http.sys
+ 2006-03-16 04:00 . 2008-10-23 13:01 283648 c:\windows\system32\dllcache\gdi32.dll
+ 2006-03-16 04:00 . 2009-02-09 10:20 473088 c:\windows\system32\dllcache\fastprox.dll
+ 2006-03-16 04:00 . 2008-07-07 20:32 253952 c:\windows\system32\dllcache\es.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 205312 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 357888 c:\windows\system32\dllcache\dxtmsft.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 357888 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-03-16 04:00 . 2008-06-20 17:41 148992 c:\windows\system32\dllcache\dnsapi.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 151040 c:\windows\system32\dllcache\cdfview.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 151040 c:\windows\system32\dllcache\cdfview.dll
+ 2008-04-12 15:58 . 2008-06-13 13:10 272128 c:\windows\system32\dllcache\bthport.sys
+ 2006-03-16 04:00 . 2008-08-14 09:51 138368 c:\windows\system32\dllcache\afd.sys
+ 2006-03-16 04:00 . 2009-02-09 10:20 616960 c:\windows\system32\dllcache\advapi32.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 616960 c:\windows\system32\dllcache\advapi32.dll
+ 2006-03-16 04:00 . 2009-11-21 16:36 470528 c:\windows\system32\dllcache\aclayers.dll
+ 2005-07-03 10:11 . 2009-12-22 05:35 151040 c:\windows\system32\cdfview.dll
- 2005-07-03 10:11 . 2007-12-07 00:44 151040 c:\windows\system32\cdfview.dll
+ 2008-10-13 00:58 . 2009-10-14 07:21 323584 c:\windows\system32\AUDIOGENIE2.DLL
- 2008-10-13 00:58 . 2009-09-17 05:14 323584 c:\windows\system32\AUDIOGENIE2.DLL
+ 2006-03-16 04:00 . 2009-02-09 10:20 616960 c:\windows\system32\advapi32.dll
- 2006-03-16 04:00 . 2006-03-16 04:00 616960 c:\windows\system32\advapi32.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 195584 c:\windows\speech\Xvoice.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 203776 c:\windows\speech\XTel.Dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 208896 c:\windows\speech\Xlisten.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 128000 c:\windows\speech\Xcommand.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 173056 c:\windows\speech\VText.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 179712 c:\windows\speech\Vdict.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 156160 c:\windows\speech\vcmshl.dll
+ 1999-01-12 20:09 . 1999-01-12 20:09 380928 c:\windows\speech\vcmd.exe
+ 1999-01-12 20:19 . 1999-01-12 20:19 562176 c:\windows\speech\speech.dll
+ 1999-01-12 20:19 . 1999-01-12 20:19 248832 c:\windows\speech\spchtel.dll
+ 2009-10-14 07:39 . 2009-10-14 07:39 245760 c:\windows\Setup1.exe
+ 2009-08-08 07:35 . 2009-08-08 07:35 819016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2007-04-14 03:58 . 2007-04-14 03:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 05:49 . 2008-05-28 05:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 03:56 . 2007-04-14 03:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 04:30 . 2007-04-14 04:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 06:30 . 2008-05-28 06:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-20 09:54 . 2004-07-20 09:54 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
+ 2004-07-20 09:54 . 2009-06-24 02:59 303104 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
- 2004-08-04 13:11 . 2007-01-02 23:34 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
+ 2004-08-04 13:11 . 2009-06-24 03:12 200704 c:\windows\Microsoft.NET\Framework\v1.0.3705\aspnet_isapi.dll
+ 2009-11-11 19:29 . 2009-11-11 19:29 228352 c:\windows\Installer\f4b27c.msi
+ 2010-02-08 18:56 . 2010-02-08 18:56 195584 c:\windows\Installer\82c6ad.msi
+ 2010-02-17 21:35 . 2010-02-17 21:35 213504 c:\windows\Installer\5121817.msi
+ 2010-02-08 18:03 . 2010-02-08 18:03 432640 c:\windows\Installer\51128c.msi
+ 2010-02-08 18:02 . 2010-02-08 18:02 429568 c:\windows\Installer\51127f.msi
+ 2010-02-08 17:48 . 2010-02-08 17:48 248832 c:\windows\Installer\43ac03.msi
+ 2010-02-08 16:38 . 2010-02-08 16:38 259072 c:\windows\Installer\31012.msi
+ 2010-02-08 16:38 . 2010-02-08 16:38 211968 c:\windows\Installer\3100c.msi
+ 2010-02-08 16:37 . 2010-02-08 16:37 301056 c:\windows\Installer\31006.msi
+ 2010-02-08 23:13 . 2010-02-08 23:13 969728 c:\windows\Installer\16df911.msi
+ 2005-12-16 03:14 . 2005-12-16 03:14 237568 c:\windows\ehome\ehrecvr(2).exe
+ 2004-08-10 19:11 . 2009-08-18 15:55 179712 c:\windows\ehome\ehkeyctl.dll
+ 2005-01-19 12:26 . 2009-12-04 14:41 453760 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2006-03-17 00:33 . 2009-10-20 14:58 263552 c:\windows\Driver Cache\i386\http.sys
+ 2010-02-08 16:58 . 2008-06-13 13:10 272128 c:\windows\Driver Cache\i386\bthport.sys
+ 2010-02-08 19:16 . 2010-02-08 19:16 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7450a98b\System.Drawing.dll
+ 2010-02-08 19:16 . 2010-02-08 19:16 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_01c68123\System.Drawing.Design.dll
+ 2010-02-08 19:16 . 2010-02-08 19:16 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_4cce0e9c\CustomMarshalers.dll
+ 2010-02-08 18:01 . 2010-02-08 18:01 847872 c:\windows\assembly\NativeImages1_v1.0.3705\System.Drawing\1.0.3300.0__b03f5f7f11d50a3a_a7d6adf5\System.Drawing.dll
+ 2010-02-08 20:15 . 2010-02-08 20:15 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6b8f2e778eba3931057217c2512b201c\System.Web.RegularExpressions.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 684032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4bdd3ce8337c4619dfb09de5ab3f9b62\System.Transactions.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 233472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\47d862e0dc37c830cc3397decf6c0590\System.ServiceProcess.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 733184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\428a3be3d5be01f129e0effdc455d831\System.Security.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff85d9d54701c8cde7b513ff808fd5e3\System.EnterpriseServices.Wrapper.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 659456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff85d9d54701c8cde7b513ff808fd5e3\System.EnterpriseServices.ni.dll
+ 2010-02-08 20:03 . 2010-02-08 20:03 229376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\4593151ab44d4f61e4cafaf9e77a8d25\System.Drawing.Design.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 512000 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\135aa2f31c01565700d44313b925a205\System.DirectoryServices.Protocols.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 167936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ab1dd1079764acac4cbe55d6555f4ff7\Microsoft.Build.Utilities.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 876544 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9e2334dbe9e76dd6fc2bde86c9b515b9\Microsoft.Build.Engine.ni.dll
+ 2010-02-08 20:07 . 2010-02-08 20:07 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\58ec7ce15fd463d65d3e45db4e0613cf\CustomMarshalers.ni.dll
+ 2010-02-08 20:07 . 2010-02-08 20:07 884736 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\2a66ea6b955eabdb437c6cfcac78c45e\AspNetMMCExt.ni.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 884736 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 884736 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 299008 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 299008 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 933888 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 933888 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 741376 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 741376 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 671744 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 671744 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 261120 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 261120 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 483840 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 483840 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 389120 c:\windows\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 122880 c:\windows\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\ehiwmp.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 278528 c:\windows\assembly\GAC\ehiVidCtl\6.0.3000.0__31bf3856ad364e35\ehiVidCtl.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 389120 c:\windows\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 204800 c:\windows\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiPlay.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 167936 c:\windows\assembly\GAC\ehiMsgr\6.0.3000.0__31bf3856ad364e35\ehiMsgr.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 110592 c:\windows\assembly\GAC\ehExtCOM\6.0.3000.0__31bf3856ad364e35\ehExtCOM.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 126976 c:\windows\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 864256 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 864256 c:\windows\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 192512 c:\windows\assembly\GAC\ehcommon\6.0.3000.0__31bf3856ad364e35\ehcommon.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 102400 c:\windows\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 117248 c:\windows\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
+ 2006-03-16 04:00 . 2009-11-21 16:36 470528 c:\windows\AppPatch\aclayers.dll
+ 2010-02-08 16:54 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 06:16 . 2005-09-23 06:16 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2009-07-21 05:03 . 2009-07-21 05:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2008-09-30 21:42 . 2008-09-30 21:42 1286152 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2006-03-16 04:00 . 2009-08-07 00:23 1929952 c:\windows\system32\wuaueng.dll
+ 2005-08-04 09:29 . 2009-06-09 03:24 2330624 c:\windows\system32\WMVCore.dll
- 2005-08-04 09:29 . 2006-12-07 04:14 2330624 c:\windows\system32\wmvcore.dll
- 2005-12-06 21:02 . 2007-04-30 15:20 5537792 c:\windows\system32\wmp.dll
+ 2005-12-06 21:02 . 2009-07-13 15:08 5537792 c:\windows\system32\wmp.dll
+ 2006-03-16 04:00 . 2009-08-14 12:19 1850112 c:\windows\system32\win32k.sys
+ 2006-03-16 04:00 . 2008-07-03 13:03 8460800 c:\windows\system32\shell32.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1509888 c:\windows\system32\shdocvw.dll
- 2006-03-16 04:00 . 2006-06-22 05:06 1435648 c:\windows\system32\query.dll
+ 2006-03-16 04:00 . 2009-07-17 16:27 1435648 c:\windows\system32\query.dll
+ 2003-08-19 20:39 . 2003-08-19 20:39 1028096 c:\windows\system32\NCTAudioInformation2.dll
+ 2009-08-19 22:07 . 2009-08-19 22:07 1415000 c:\windows\system32\msxml6.dll
+ 2009-07-21 05:05 . 2009-07-21 05:05 1348432 c:\windows\system32\msxml4.dll
+ 2006-03-16 04:00 . 2009-07-31 04:57 1172480 c:\windows\system32\msxml3.dll
+ 2005-12-16 03:13 . 2005-12-16 03:13 1669632 c:\windows\system32\msvidctl(2).dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 3071488 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 3884312 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2006-03-16 04:00 . 2009-08-07 00:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2005-08-04 09:29 . 2009-06-09 03:24 2330624 c:\windows\system32\dllcache\WMVCore.dll
- 2005-08-04 09:29 . 2006-12-07 04:14 2330624 c:\windows\system32\dllcache\wmvcore.dll
+ 2005-12-06 21:02 . 2009-07-13 15:08 5537792 c:\windows\system32\dllcache\wmp.dll
- 2005-12-06 21:02 . 2007-04-30 15:20 5537792 c:\windows\system32\dllcache\wmp.dll
+ 2006-03-16 04:00 . 2009-08-14 12:19 1850112 c:\windows\system32\dllcache\win32k.sys
+ 2006-03-16 04:00 . 2008-07-03 13:03 8460800 c:\windows\system32\dllcache\shell32.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2006-03-16 04:00 . 2009-07-17 16:27 1435648 c:\windows\system32\dllcache\query.dll
- 2006-03-16 04:00 . 2006-06-22 05:06 1435648 c:\windows\system32\dllcache\query.dll
+ 2005-08-30 12:13 . 2009-11-27 17:04 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2006-12-19 16:51 . 2009-12-08 18:14 2185984 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2006-03-16 04:00 . 2009-12-08 17:35 2020864 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2006-12-19 16:12 . 2009-12-08 17:35 2063104 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2006-03-16 04:00 . 2009-12-08 18:11 2142720 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-03-16 04:00 . 2009-07-31 04:57 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2006-03-16 04:00 . 2009-07-10 13:42 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 3071488 c:\windows\system32\dllcache\mshtml.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 1054208 c:\windows\system32\dllcache\danim.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1054208 c:\windows\system32\dllcache\danim.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 1024000 c:\windows\system32\dllcache\browseui.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1024000 c:\windows\system32\dllcache\browseui.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1054208 c:\windows\system32\danim.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 1054208 c:\windows\system32\danim.dll
- 2006-03-16 04:00 . 2007-12-07 00:44 1024000 c:\windows\system32\browseui.dll
+ 2006-03-16 04:00 . 2009-12-22 05:35 1024000 c:\windows\system32\browseui.dll
+ 2008-08-27 21:58 . 2008-08-27 21:58 1351168 c:\windows\system32\AdjMmsEng.dll
+ 2009-08-08 07:35 . 2009-08-08 07:35 5849920 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-08 07:35 . 2009-08-08 07:35 4345856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-14 04:35 . 2007-04-14 04:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 06:35 . 2008-05-28 06:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 04:35 . 2007-04-14 04:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 06:35 . 2008-05-28 06:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 03:57 . 2007-04-14 03:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-28 05:48 . 2008-05-28 05:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 03:57 . 2007-04-14 03:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-28 05:43 . 2008-05-28 05:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-14 03:50 . 2007-04-14 03:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2004-07-20 09:54 . 2009-06-29 16:58 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll
- 2004-07-20 09:54 . 2007-01-02 23:40 1200128 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Web.dll
+ 2004-07-20 09:54 . 2009-06-24 03:00 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
- 2004-07-20 09:54 . 2007-01-02 23:28 2281472 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
+ 2004-07-20 09:54 . 2009-06-24 03:00 2273280 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
- 2004-07-20 09:54 . 2007-01-02 23:28 2273280 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
+ 2004-07-20 09:54 . 2009-06-29 16:58 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
- 2004-07-20 09:54 . 2007-01-02 23:21 1998848 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\fa0914.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\fa090e.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\e5761c.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\e57616.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\c75bd2e.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\c75bd26.msp
+ 2009-08-10 04:32 . 2009-08-10 04:32 5288960 c:\windows\Installer\b520a4.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\a7cc7a8.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\a7cc79f.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\7b6f883.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\7b6f87d.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\74f51fe.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\74f51f5.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\60bd599.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\60bd592.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\5566cc2.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\5566cb9.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\52ba8e3.msp
+ 2009-12-11 15:29 . 2009-12-11 15:29 5521408 c:\windows\Installer\52ba8d9.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\52746b7.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\52746ae.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\3f9fd.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\3f9f7.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\30155d.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\301553.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\2fee0.msp
+ 2009-12-11 15:29 . 2009-12-11 15:29 5521408 c:\windows\Installer\2fed8.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\290cf4b.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\290cf45.msp
+ 2010-01-19 22:51 . 2010-01-19 22:51 5524480 c:\windows\Installer\228e679.msp
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\228e672.msp
+ 2009-11-13 00:35 . 2009-11-13 00:35 3938816 c:\windows\Installer\1b5fdc4.msi
+ 2005-10-26 19:59 . 2005-10-26 19:59 2883072 c:\windows\Installer\16df91b.msp
+ 2009-12-11 15:29 . 2009-12-11 15:29 5521408 c:\windows\Installer\141740d.msp
+ 2006-09-01 11:38 . 2009-12-08 18:14 2185984 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2006-09-01 11:38 . 2009-12-08 17:35 2020864 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2006-09-01 11:38 . 2009-12-08 17:35 2063104 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2006-09-01 11:38 . 2009-12-08 18:11 2142720 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-02-08 19:16 . 2010-02-08 19:16 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_6fa75c44\System.dll
+ 2010-02-08 19:15 . 2010-02-08 19:15 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_06f521fc\System.dll
+ 2010-02-08 19:16 . 2010-02-08 19:16 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_fe546f7b\System.Xml.dll
+ 2010-02-08 19:17 . 2010-02-08 19:17 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_c66175e8\System.Xml.dll
+ 2010-02-08 19:15 . 2010-02-08 19:15 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_433dc34c\System.Windows.Forms.dll
+ 2010-02-08 19:17 . 2010-02-08 19:17 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_30ad5a2f\System.Windows.Forms.dll
+ 2010-02-08 19:17 . 2010-02-08 19:17 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b01174f0\System.Drawing.dll
+ 2010-02-08 19:17 . 2010-02-08 19:17 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ef47c8ba\System.Design.dll
+ 2010-02-08 19:16 . 2010-02-08 19:16 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b59e589b\System.Design.dll
+ 2010-02-08 19:17 . 2010-02-08 19:17 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_80fbf53d\mscorlib.dll
+ 2010-02-08 19:16 . 2010-02-08 19:16 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4bd10d45\mscorlib.dll
+ 2010-02-08 18:00 . 2010-02-08 18:00 1855488 c:\windows\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_f0ef4425\System.dll
+ 2010-02-08 18:01 . 2010-02-08 18:01 2027520 c:\windows\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_c940839f\System.Xml.dll
+ 2010-02-08 18:01 . 2010-02-08 18:01 2953216 c:\windows\assembly\NativeImages1_v1.0.3705\System.Windows.Forms\1.0.3300.0__b77a5c561934e089_d92aa8ab\System.Windows.Forms.dll
+ 2010-02-08 18:01 . 2010-02-08 18:01 1454080 c:\windows\assembly\NativeImages1_v1.0.3705\System.Design\1.0.3300.0__b03f5f7f11d50a3a_66d55181\System.Design.dll
+ 2010-02-08 18:00 . 2010-02-08 18:00 3301376 c:\windows\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5fd9beb2\mscorlib.dll
+ 2010-02-08 20:02 . 2010-02-08 20:02 8310784 c:\windows\assembly\NativeImages_v2.0.50727_32\System\ccfeb59f4a9b75909eb2d1121232a769\System.ni.dll
+ 2010-02-08 20:03 . 2010-02-08 20:03 5771264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\717cce3690d643df19d6a4117283048e\System.Xml.ni.dll
+ 2010-02-08 20:15 . 2010-02-08 20:15 1986560 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa319d767042e97c692041f76f123f2f\System.Web.Services.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 2342912 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\b7092e8403b56e3913488855e45a35ff\System.Web.Mobile.ni.dll
+ 2010-02-08 20:03 . 2010-02-08 20:03 1667072 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e58e83951091f2616344c5d2a6787660\System.Drawing.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 1224704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\e96695c65a4104ee4687f3e5f0581d34\System.DirectoryServices.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 1798144 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\f0a1895c7d475f156ed4cdd9f0bd2797\System.Deployment.ni.dll
+ 2010-02-08 20:02 . 2010-02-08 20:02 7102464 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\b39a611d2b2fc659d5472dd76b24d3b2\System.Data.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 1011712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e2de26078a8c3d29dbfcf408e23aa2b1\System.Configuration.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 1740800 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\ed0cdc51d89bb41a9ab760ca3cf52bf9\Microsoft.VisualBasic.ni.dll
+ 2010-02-08 20:13 . 2010-02-08 20:13 1695744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b846f5c1b90e4222e79a420d92062f79\Microsoft.Build.Tasks.ni.dll
+ 2010-02-08 19:56 . 2010-02-08 19:56 3076096 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 3076096 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 2068480 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 2068480 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 5013504 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 5013504 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2008-04-03 05:40 . 2008-04-03 05:40 5070848 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-02-08 19:58 . 2010-02-08 19:58 5070848 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 5431296 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 5431296 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-08 19:57 . 2010-02-08 19:57 3036160 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-04-03 05:39 . 2008-04-03 05:39 3036160 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-02-08 19:56 . 2010-02-08 19:56 4345856 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-07-17 15:59 . 2007-07-17 15:59 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-02-08 19:14 . 2010-02-08 19:14 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2007-07-17 15:59 . 2007-07-17 15:59 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-08 19:14 . 2010-02-08 19:14 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-07-17 15:57 . 2007-07-17 15:57 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-08 18:00 . 2010-02-08 18:00 1200128 c:\windows\assembly\GAC\System.Web\1.0.3300.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-09-01 11:36 . 2006-09-01 11:36 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
+ 2010-02-08 23:59 . 2010-02-08 23:59 1863680 c:\windows\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
+ 2007-09-30 00:49 . 2010-02-01 19:26 30364104 c:\windows\system32\MRT.exe
+ 2009-08-11 02:08 . 2009-08-11 02:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-10 19:09 . 2009-08-10 19:09 17254912 c:\windows\Installer\912dc1.msp
+ 2010-02-17 21:51 . 2010-02-17 21:51 22910464 c:\windows\Installer\5121820.msi
+ 2009-12-12 06:27 . 2009-12-12 06:27 17636864 c:\windows\Downloaded Installations\{5C15C9BA-8EEF-4C59-86E3-E0A3BCDA3FF4}\Duplicate File Remover Platinum.msi
+ 2010-02-08 20:03 . 2010-02-08 20:03 13193216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9d25b8eabd8203e4d0490363140c4526\System.Windows.Forms.ni.dll
+ 2010-02-08 20:14 . 2010-02-08 20:14 12517376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\16a34a274ee877b4cf03d1a1bb57eb82\System.Web.ni.dll
+ 2010-02-08 20:03 . 2010-02-08 20:03 10936320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\2aab58cae4d998cf867f483302e94c27\System.Design.ni.dll
+ 2010-02-08 20:01 . 2010-02-08 20:01 11436032 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\fee8c8ba9b84a7832274adcbfc9d5ca4\mscorlib.ni.dll
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\fa0908.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\e57610.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\c75bd1e.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\a7cc796.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\912dc2.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\7b6f877.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\74f51ec.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\60bd58b.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\5566cb0.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\52ba8cf.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\3f9f1.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\290cf3f.msp
+ 2007-07-27 14:03 . 2007-07-27 14:03 119977472 c:\windows\Installer\228e66b.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-30 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-11-21 185896]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-27 7585792]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" [2006-11-27 255528]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Privoxy.lnk]
backup=c:\windows\pss\Privoxy.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^U.S. Robotics 802.11g Wireless Network Utility.lnk]
backup=c:\windows\pss\U.S. Robotics 802.11g Wireless Network Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^U.S. Robotics Wireless USB Adapter.lnk]
backup=c:\windows\pss\U.S. Robotics Wireless USB Adapter.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^SAM^Start Menu^Programs^StartUp^SimpleWare.lnk]
backup=c:\windows\pss\SimpleWare.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^SAM^Start Menu^Programs^StartUp^Vongo Tray.lnk]
backup=c:\windows\pss\Vongo Tray.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 22:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
2006-07-27 03:44 61952 ----a-w- c:\windows\system32\CHDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2006-05-04 05:58 458752 ----a-w- c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2009-09-22 22:11 1243088 ----a-w- c:\program files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-12-17 17:50 19968 ------w- c:\windows\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 21:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2008-10-28 21:42 181544 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE]
2009-09-13 23:52 1048392 ----a-w- c:\program files\Microsoft Security Essentials\msseces.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
2008-01-31 21:22 949376 ----a-w- c:\program files\ESET\nod32kui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-09-27 22:10 7585792 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-09-27 22:10 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-09-27 22:10 1617920 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-07-27 02:37 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
2009-09-11 17:31 2836440 ----a-w- c:\program files\Registry Mechanic\RegMech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 21:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-11-21 06:37 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
2007-12-05 21:06 1885464 ----a-w- c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2007-11-22 21:49 12889088 ----a-w- c:\program files\Vidalia Bundle\Vidalia\vidalia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Vongo Service"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)
"Lavasoft Ad-Aware Service"=2 (0x2)
"sdCoreService"=3 (0x3)
"sdAuxService"=3 (0x3)
"gusvc"=2 (0x2)
"LightScribeService"=2 (0x2)
"NOD32krn"=2 (0x2)
"MsMpSvc"=2 (0x2)
"ERSvc"=2 (0x2)
"CiSvc"=3 (0x3)
"BITS"=3 (0x3)
"aspnet_state"=3 (0x3)
"ALG"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Windows Explorer"=explorer.exe
"Uniblue RegistryBooster 2"=c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NWEReboot"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SimpleWare2\\SimpleBridge.exe"=
"c:\\Documents and Settings\\SAM\\Desktop\\Desktop clutter folder\\PROGRAMS\\DCC\\dcc282\\DCC.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [11/11/2009 2:30 PM 207280]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [1/31/2008 4:24 PM 15424]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [10/28/2008 4:42 PM 156968]
R2 sympxchm;sympxchm;c:\windows\system32\drivers\sympxchm.sys [7/20/2008 7:19 AM 19741]
R3 vidcap;vidcap;c:\windows\system32\drivers\vidcap.sys [12/27/2006 9:47 AM 9006]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS --> c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S3 HRFUSB;Symphony HRF USB Adapter Driver;c:\windows\system32\drivers\hrfusbxp.sys [7/20/2008 7:19 AM 125309]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [12/23/2008 10:35 AM 50704]
S3 RSC4_A02;U.S. Robotics Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\RSC4USB.sys --> c:\windows\system32\DRIVERS\RSC4USB.sys [?]
S3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS --> c:\program files\SUPERAntiSpyware\SASENUM.SYS [?]
S4 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [11/11/2009 2:29 PM 358600]
.
Contents of the 'Scheduled Tasks' folder

2010-02-21 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-07-02 22:36]

2010-02-22 c:\windows\Tasks\NOD32.job
- c:\progra~1\ESET\nod32.exe [2008-01-31 21:22]

2010-02-22 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-10-14 14:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
TCP: {EB04B81C-41F0-41C3-9524-6092A2A51307} = 192.168.123.254,192.168.123.255
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\SAM\Application Data\Mozilla\Firefox\Profiles\yozei8i9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
MSConfigStartUp-PC SpeedScan Pro - c:\program files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
MSConfigStartUp-Performance Center - c:\program files\Ascentive\Performance Center\APCMain.exe
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2010-02-22 13:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(960)
c:\windows\system32\imon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\msdtc.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\mqsvc.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-02-22 13:57:58 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-22 18:57
ComboFix2.txt 2009-12-16 10:59
ComboFix3.txt 2009-11-29 18:48
ComboFix4.txt 2009-11-29 17:39
ComboFix5.txt 2010-02-22 18:38

Pre-Run: 3,887,579,136 bytes free
Post-Run: 3,935,494,144 bytes free

- - End Of File - - 526E6204459A20BDA77961AE1FACE321
Posted 2/23/2010 3:19 AM
#83159
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Download [3] [/3]

[color=black face="Courier New" sab="311">[2]Click here:
Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/23/2010 5:03 AM
#83165
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : SAM ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 antivirus system 2.70 2.70 (Activated)
C:\ (Local Disk) - NTFS - Total:62 Go (Free:3 Go)
D:\ (Local Disk) - FAT32 - Total:11 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:15301 Mo (Free:4 Go)
G:\ (Local Disk) - NTFS - Total:189 Go (Free:3 Go)
H:\ (Local Disk) - NTFS - Total:152 Go (Free:21 Go)
I:\ (Local Disk) - FAT32 - Total:465 Go (Free:7 Go)
K:\ (Local Disk) - NTFS - Total:298 Go (Free:17 Go)
L:\ (Local Disk) - NTFS - Total:298 Go (Free:22 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [4] ( Tue 02/23/2010| 0:48 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

c:\windows\system32\drivers\sympxchm.sys


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - c:\windows\system32\drivers\sympxchm.sys

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[09/22/2009|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Adobe
[10/26/2007|03:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Grisoft
[09/01/2006|05:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Identities
[09/01/2006|07:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Intuit
[04/05/2008|10:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Lavasoft
[10/21/2007|07:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Macromedia
[09/22/2009|01:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Malwarebytes
[11/29/2009|01:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Microsoft
[10/21/2007|07:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Sun

[11/12/2009|07:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Adobe
[12/20/2008|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ AVS4YOU
[09/01/2006|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ CyberLink
[11/19/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ DVD Shrink
[04/04/2008|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Geek Squad
[11/27/2009|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Google
[10/24/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Grisoft
[09/01/2006|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ HP
[09/01/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ InstallShield
[09/01/2006|07:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Intuit
[02/12/2008|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Kaspersky Lab
[09/26/2009|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Lavasoft
[10/19/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Malwarebytes
[02/08/2010|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft
[04/17/2007|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ muvee Technologies
[09/25/2009|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ NOS
[02/17/2010|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Nuance
[09/01/2006|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ nView_Profiles
[11/11/2009|02:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ PC Tools
[03/28/2007|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Prism
[09/01/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ SBSI
[02/17/2010|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ ScanSoft
[03/16/2009|02:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Seagate
[10/21/2007|11:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ sentinel
[09/01/2006|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Sonic
[02/20/2010|05:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Spybot - Search & Destroy
[10/25/2007|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ SUPERAntiSpyware.com
[10/21/2007|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Symantec
[04/05/2008|07:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ TechSmith
[01/28/2010|06:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ TEMP
[09/14/2008|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Torrent2Exe
[02/29/2008|03:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ vsosdk
[04/04/2008|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Webroot
[04/03/2008|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Windows Genuine Advantage
[02/14/2008|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Winferno

[09/01/2006|05:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Identities
[09/01/2006|07:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Intuit
[09/01/2006|06:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Macromedia
[09/01/2006|06:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Microsoft

[09/01/2006|06:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Microsoft
[04/04/2008|10:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Webroot

[02/10/2010|10:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\ Microsoft

[08/09/2008|12:53] C:\DOCUME~1\SAM\APPLIC~1\ AccurateRip
[02/26/2009|07:05] C:\DOCUME~1\SAM\APPLIC~1\ Adobe
[06/14/2007|10:01] C:\DOCUME~1\SAM\APPLIC~1\ AdobeUM
[05/05/2009|01:24] C:\DOCUME~1\SAM\APPLIC~1\ AMPSoft
[10/31/2009|01:36] C:\DOCUME~1\SAM\APPLIC~1\ Auslogics
[12/20/2008|09:57] C:\DOCUME~1\SAM\APPLIC~1\ avidemux
[12/20/2008|09:28] C:\DOCUME~1\SAM\APPLIC~1\ AVS4YOU
[02/26/2009|07:05] C:\DOCUME~1\SAM\APPLIC~1\ com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[03/26/2007|10:18] C:\DOCUME~1\SAM\APPLIC~1\ CyberLink
[12/12/2009|01:31] C:\DOCUME~1\SAM\APPLIC~1\ Duplicate File Remover Platinum
[02/14/2010|04:03] C:\DOCUME~1\SAM\APPLIC~1\ dvdcss
[11/09/2007|11:26] C:\DOCUME~1\SAM\APPLIC~1\ Google
[03/26/2007|08:58] C:\DOCUME~1\SAM\APPLIC~1\ GTek
[12/16/2009|11:07] C:\DOCUME~1\SAM\APPLIC~1\ gtk-2.0
[07/29/2007|10:43] C:\DOCUME~1\SAM\APPLIC~1\ Help
[03/26/2007|10:06] C:\DOCUME~1\SAM\APPLIC~1\ HP
[09/01/2006|05:15] C:\DOCUME~1\SAM\APPLIC~1\ Identities
[09/01/2006|07:12] C:\DOCUME~1\SAM\APPLIC~1\ Intuit
[04/17/2007|08:30] C:\DOCUME~1\SAM\APPLIC~1\ Leadertech
[03/18/2007|06:01] C:\DOCUME~1\SAM\APPLIC~1\ Macromedia
[10/19/2008|12:55] C:\DOCUME~1\SAM\APPLIC~1\ Malwarebytes
[10/14/2009|02:44] C:\DOCUME~1\SAM\APPLIC~1\ Microsoft
[11/27/2009|09:12] C:\DOCUME~1\SAM\APPLIC~1\ Mozilla
[04/18/2007|01:59] C:\DOCUME~1\SAM\APPLIC~1\ muvee Technologies
[10/08/2009|12:29] C:\DOCUME~1\SAM\APPLIC~1\ Netscape
[02/17/2010|04:51] C:\DOCUME~1\SAM\APPLIC~1\ Nuance
[11/11/2009|02:29] C:\DOCUME~1\SAM\APPLIC~1\ PC Tools
[03/22/2008|07:38] C:\DOCUME~1\SAM\APPLIC~1\ Real
[04/17/2007|08:33] C:\DOCUME~1\SAM\APPLIC~1\ Sonic
[03/26/2007|11:20] C:\DOCUME~1\SAM\APPLIC~1\ Sun
[11/28/2009|06:59] C:\DOCUME~1\SAM\APPLIC~1\ SUPERAntiSpyware.com
[11/27/2009|09:31] C:\DOCUME~1\SAM\APPLIC~1\ tor
[12/21/2008|11:15] C:\DOCUME~1\SAM\APPLIC~1\ U3
[02/11/2008|08:31] C:\DOCUME~1\SAM\APPLIC~1\ Uniblue
[11/27/2009|09:31] C:\DOCUME~1\SAM\APPLIC~1\ Vidalia
[12/05/2009|04:49] C:\DOCUME~1\SAM\APPLIC~1\ VideoReDo-TVSuite
[02/22/2010|02:04] C:\DOCUME~1\SAM\APPLIC~1\ vlc
[02/22/2010|10:32] C:\DOCUME~1\SAM\APPLIC~1\ Vso
[04/04/2008|10:56] C:\DOCUME~1\SAM\APPLIC~1\ Webroot
[12/26/2007|06:02] C:\DOCUME~1\SAM\APPLIC~1\ WinRAR
[11/09/2007|10:18] C:\DOCUME~1\SAM\APPLIC~1\ Yahoo!

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[02/22/2010 01:57 PM][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[02/22/2010 04:30 AM][--a------] C:\WINDOWS\tasks\NOD32.job
[02/22/2010 06:46 AM][--a------] C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job
[02/22/2010 01:51 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[03/15/2006 11:00 PM][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[12/11/2009|04:13] C:\Program Files\ Abee MP3 Duplicates Finder
[02/13/2008|08:50] C:\Program Files\ AceLogix
[11/12/2009|07:35] C:\Program Files\ Adobe
[05/05/2009|01:23] C:\Program Files\ AMP Font Viewer
[12/12/2009|01:18] C:\Program Files\ Auslogics
[04/01/2008|03:18] C:\Program Files\ Avatar Sizer
[12/14/2009|03:27] C:\Program Files\ Avidemux 2.4
[04/20/2007|01:47] C:\Program Files\ AviSynth 2.5
[12/20/2008|09:44] C:\Program Files\ AVS4YOU
[10/09/2009|12:54] C:\Program Files\ Belarc
[08/30/2009|03:33] C:\Program Files\ Boilsoft AVI Converter
[11/11/2009|07:34] C:\Program Files\ Cain
[02/11/2008|11:55] C:\Program Files\ CCleaner
[01/24/2010|07:08] C:\Program Files\ CCleaner2
[02/22/2010|01:46] C:\Program Files\ Common Files
[02/10/2008|12:29] C:\Program Files\ CONEXANT
[03/18/2008|02:48] C:\Program Files\ Dachshund Software
[04/30/2009|11:04] C:\Program Files\ Dak Systems
[03/30/2008|01:22] C:\Program Files\ DAMN NFO Viewer
[12/30/2009|03:02] C:\Program Files\ Digiarty
[02/11/2008|11:55] C:\Program Files\ DivX
[01/24/2010|09:33] C:\Program Files\ Duplicate File Remover
[09/01/2006|06:49] C:\Program Files\ Encarta Online
[04/20/2007|01:47] C:\Program Files\ eRightSoft
[12/15/2008|12:25] C:\Program Files\ ESET
[06/05/2009|04:41] C:\Program Files\ Free Audio Pack
[07/09/2008|01:57] C:\Program Files\ Free M4a to MP3 Converter
[10/08/2009|12:24] C:\Program Files\ GemMaster
[03/27/2008|11:41] C:\Program Files\ GetDiz
[11/28/2009|07:06] C:\Program Files\ Google
[10/24/2007|12:25] C:\Program Files\ Grisoft
[02/11/2008|11:55] C:\Program Files\ Hewlett-Packard
[09/01/2006|07:04] C:\Program Files\ HP
[02/11/2008|11:55] C:\Program Files\ HPQ
[09/27/2009|10:16] C:\Program Files\ Hulu Downloader
[08/09/2008|12:29] C:\Program Files\ illiminable
[10/09/2009|10:00] C:\Program Files\ InstallShield Installation Information
[02/08/2010|06:26] C:\Program Files\ Internet Explorer
[10/14/2009|02:44] C:\Program Files\ Internet Music Capture
[09/28/2009|01:35] C:\Program Files\ Java
[10/11/2009|10:17] C:\Program Files\ jessica-alba
[03/20/2008|08:36] C:\Program Files\ Lavalys
[10/10/2009|09:26] C:\Program Files\ Lavasoft
[03/26/2007|12:48] C:\Program Files\ Logitech
[01/14/2010|03:15] C:\Program Files\ Malwarebytes' Anti-Malware
[02/05/2008|08:48] C:\Program Files\ Mayoko
[02/08/2010|06:40] C:\Program Files\ Messenger
[09/01/2006|06:52] C:\Program Files\ Microsoft ActiveSync
[02/02/2008|10:08] C:\Program Files\ Microsoft CAPICOM 2.1.0.2
[09/01/2006|05:15] C:\Program Files\ microsoft frontpage
[09/01/2006|06:51] C:\Program Files\ Microsoft Office
[09/01/2006|07:11] C:\Program Files\ Microsoft Office Trial Wizard
[02/08/2010|11:38] C:\Program Files\ Microsoft Security Essentials
[02/11/2008|11:46] C:\Program Files\ Microsoft Works
[09/01/2006|06:51] C:\Program Files\ Microsoft.NET
[09/01/2006|05:15] C:\Program Files\ Movie Maker
[02/22/2010|09:42] C:\Program Files\ Mozilla Firefox
[09/01/2006|05:15] C:\Program Files\ MSN
[09/01/2006|05:15] C:\Program Files\ MSN Gaming Zone
[02/08/2010|01:02] C:\Program Files\ MSXML 4.0
[03/16/2009|02:44] C:\Program Files\ MSXML 6.0
[10/24/2007|01:25] C:\Program Files\ music_now
[09/01/2006|07:09] C:\Program Files\ muvee Technologies
[09/01/2006|05:15] C:\Program Files\ NetMeeting
[09/01/2006|07:07] C:\Program Files\ Netscape
[09/01/2006|07:09] C:\Program Files\ NetWaiting
[02/17/2010|04:46] C:\Program Files\ Nuance
[04/20/2009|01:58] C:\Program Files\ OJOsoft
[09/01/2006|07:08] C:\Program Files\ Online Services
[02/08/2010|03:14] C:\Program Files\ Outlook Express
[03/30/2008|02:14] C:\Program Files\ Photo To Color Sketch
[09/18/2009|07:29] C:\Program Files\ PowerISO
[11/28/2009|07:02] C:\Program Files\ Quicken
[09/01/2006|07:12] C:\Program Files\ Quickensetup
[11/21/2007|01:38] C:\Program Files\ Real
[09/25/2009|06:03] C:\Program Files\ Registry Mechanic
[02/14/2008|02:08] C:\Program Files\ RegVac Registry Cleaner
[09/18/2009|01:23] C:\Program Files\ Replay Media Catcher
[10/14/2009|02:22] C:\Program Files\ Replay Music 3
[12/16/2009|11:20] C:\Program Files\ RGB
[11/01/2007|05:53] C:\Program Files\ SatFinder
[03/16/2009|02:45] C:\Program Files\ Seagate
[05/09/2008|04:54] C:\Program Files\ SIM MAX
[07/20/2008|10:16] C:\Program Files\ SimpleWare
[11/12/2009|09:31] C:\Program Files\ SimpleWare2
[01/29/2010|03:34] C:\Program Files\ Solveig Multimedia
[09/01/2006|05:15] C:\Program Files\ Sonic
[08/12/2008|07:57] C:\Program Files\ SONICblue
[12/16/2009|11:16] C:\Program Files\ Spybot - Search & Destroy
[12/16/2009|10:56] C:\Program Files\ Spyware Doctor
[09/01/2006|06:53] C:\Program Files\ Synaptics
[04/05/2008|07:13] C:\Program Files\ TechSmith
[09/25/2009|06:25] C:\Program Files\ The KMPlayer
[02/13/2008|09:54] C:\Program Files\ Uniblue
[09/01/2006|05:15] C:\Program Files\ Uninstall Information
[05/28/2008|09:46] C:\Program Files\ Vidalia Bundle
[12/18/2009|01:01] C:\Program Files\ VideoLAN
[12/05/2009|04:51] C:\Program Files\ VideoReDoTVSuite
[02/22/2008|12:37] C:\Program Files\ VSO
[04/04/2008|10:56] C:\Program Files\ Webroot
[01/29/2010|04:17] C:\Program Files\ WinAVI Video Converter 9.0
[06/16/2008|08:23] C:\Program Files\ Windows Live Safety Center
[01/29/2010|02:30] C:\Program Files\ Windows Media Connect 2
[02/08/2010|03:57] C:\Program Files\ Windows Media Player
[09/01/2006|05:15] C:\Program Files\ Windows NT
[09/01/2006|05:15] C:\Program Files\ Windows Plus
[09/01/2006|05:15] C:\Program Files\ WindowsUpdate
[02/14/2008|12:31] C:\Program Files\ Winferno
[09/11/2009|03:51] C:\Program Files\ WinPcap
[03/27/2008|11:42] C:\Program Files\ WinRAR
[11/27/2007|05:43] C:\Program Files\ Womble Multimedia
[09/01/2006|05:15] C:\Program Files\ xerox
[01/28/2010|06:08] C:\Program Files\ Xilisoft
[03/15/2008|11:53] C:\Program Files\ XP Repair Pro 2007
[02/15/2008|09:40] C:\Program Files\ Yahoo!
[04/12/2008|12:14] C:\Program Files\ ZD Soft
[07/20/2008|10:25] C:\Program Files\ Zero G Registry

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/12/2009|07:35] C:\Program Files\Common Files\ Adobe
[02/26/2009|07:06] C:\Program Files\Common Files\ Adobe AIR
[12/20/2008|09:44] C:\Program Files\Common Files\ AVSMedia
[04/20/2009|01:58] C:\Program Files\Common Files\ Common Share
[09/01/2006|06:52] C:\Program Files\Common Files\ DESIGNER
[09/01/2006|05:15] C:\Program Files\Common Files\ HP
[09/01/2006|06:39] C:\Program Files\Common Files\ InstallShield
[09/01/2006|05:15] C:\Program Files\Common Files\ Java
[02/01/2008|03:47] C:\Program Files\Common Files\ LightScribe
[03/26/2007|12:48] C:\Program Files\Common Files\ Logitech
[12/20/2008|09:25] C:\Program Files\Common Files\ Microsoft Shared
[09/01/2006|05:15] C:\Program Files\Common Files\ MSSoap
[09/01/2006|07:10] C:\Program Files\Common Files\ muvee Technologies
[02/17/2010|04:47] C:\Program Files\Common Files\ Nuance
[09/01/2006|05:15] C:\Program Files\Common Files\ ODBC
[11/11/2009|02:30] C:\Program Files\Common Files\ PC Tools
[11/21/2007|01:38] C:\Program Files\Common Files\ Real
[01/31/2008|04:57] C:\Program Files\Common Files\ Scanner
[02/17/2010|04:48] C:\Program Files\Common Files\ ScanSoft Shared
[09/01/2006|05:15] C:\Program Files\Common Files\ Services
[01/29/2010|03:34] C:\Program Files\Common Files\ Solveig Multimedia
[09/01/2006|05:15] C:\Program Files\Common Files\ Sonic Shared
[09/01/2006|05:15] C:\Program Files\Common Files\ SpeechEngines
[09/01/2006|05:15] C:\Program Files\Common Files\ SureThing Shared
[03/27/2007|10:37] C:\Program Files\Common Files\ SWF Studio
[10/21/2007|11:44] C:\Program Files\Common Files\ Symantec Shared
[06/15/2007|10:30] C:\Program Files\Common Files\ System
[09/01/2006|05:15] C:\Program Files\Common Files\ TiVo Shared
[11/28/2009|06:59] C:\Program Files\Common Files\ Wise Installation Wizard
[11/21/2007|01:38] C:\Program Files\Common Files\ xing shared

--------------------\\ Process

( 40 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2010-02-23 00:53:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections



[F:2][D:2]-> C:\DOCUME~1\SAM\LOCALS~1\Temp
[F:312][D:0]-> C:\DOCUME~1\SAM\Cookies
[F:104][D:4]-> C:\DOCUME~1\SAM\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Tue 02/23/2010| 0:55 - Option : [4]

--------------------\\ Scan completed at 0:55:53
Posted 2/23/2010 12:14 PM
#83174
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
How are things running now ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/23/2010 2:29 PM
#83176
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
I THINK I'm ok but could you PLEASE take one more look at my hijack log especially the items I have marked with ?????
Once again thank you

Logfile of HijackThis v1.99.1
Scan saved at 10:18:37 AM, on 2/23/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe ????
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe ?????
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe ?????
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\SAM\Desktop\FIX\HiJack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) ??????
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) ??????
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking9\Ereg.ini
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - https://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240187843000
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - ??????
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - ?????
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - ?????
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - ?????
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - ?????
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - https://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB04B81C-41F0-41C3-9524-6092A2A51307}: NameServer = 192.168.123.254,192.168.123.255
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CS2\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
[red] [/red][red] [/red][red] [/red][red] [/red][red] [/red]
Posted 2/24/2010 3:16 AM
#83220
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
[code]
take one more look at my hijack log especially the items I have marked with ?????

[/code]
Sure, they are leftovers and we´ll remove them. Before we do, please tell if you know the below domain/s ?

O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: Domain = norsegods.info
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F17472E-F1BD-4DD2-93B4-689C270E632F}: NameServer = 10.20.21.1





[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/24/2010 4:27 AM
#83221
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
Yes I visit them often
Posted 2/24/2010 4:57 AM
#83224
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Ok.

[3]Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any): [/3]
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) ??????
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) ??????


O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - ??????
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - ?????
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - ?????
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - ?????
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - ?????




Reboot

Go to to Start > Run
Type/copy in the box:

combofix /uninstall

Note: the space between the X and the /u
Press Enter.
This command will:
Delete the following:
ComboFix and its associated files and folders.

Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.

--------------------------------------------------------------------------------------------------------

I notice that you do not seem to be running antivirus software.This is somewhat suicidal in today's digital world.

Links to Antivirus and Firewall downloads

[color=#222222>https://www.cybertechhelp.com/forums/showpost.php?p=80739&postcount=1[/url]


An Anti-Virus product is a necessity. Be sure to only have one of these installed at any one time though - more than that and they will conflict with each other and actually reduce your system's security.

I also suggest you read Tony Klein´s article :


So how did I get infected in the first place.[/color][/b][/url]



If you have any comments or questions, feel free to post back

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/24/2010 12:24 PM
#83233
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45


"Somebody" wrote:
I notice that you do not seem to be running antivirus software.This is somewhat suicidal in today's digital world.

I don't know why it is not showing up in the scan logs, but I am running Windows Security Essentials, Malawarebytes and the Windows

Firewall ON.



I also run Spybot Search & Distroy i also use CC Cleaner and am finally using Firefox instead or IE



I believe I got infected this time because i was trying to stream, and I thought that the antivirus or firewall was preventing me, so I disabled them, and for a day or two was running without them on.





I was running NOD 32 for the last two years but was unhappy with it's performance I Still Have It Installed but Disabled in MSCONFIG



PLEASE advise me should I keep the Windows Security Essentials or the NOD 32 ?????

I know I have to get rid of one of them.



P.S on my other PC I am running Viper



Once Again I APPRECIATE ALL YOUR HELP

You Truly are a Wizzard



Thank You

Frank1
Posted 2/25/2010 5:13 AM
#83255
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
[code]

PLEASE advise me should I keep the Windows Security Essentials or the NOD 32 ?????

[/code]I don´t know how safe Windows Security Essentials is. But, according to Microsoft should it be ok.


Even you have deactivated NOD32, I´ll suggest you remove it, as it probably still have (many) services running and use resources.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 2/25/2010 6:43 AM
#83260
User avatar

Frank1 Advanced member

Date Joined Nov 2016
Total Posts: 45
I Thank You for ALL your help
Posted 2/26/2010 3:56 AM
#83299
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
It was my pleasure to help. I´ll lock here, if you need us again, please make a new topic, Thank you :smile:

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Thursday, August 18, 2022, 6:36 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,573 registered members. Please welcome our newest member, iAwake.
32 Guest(s), 0 Registered Member(s) are currently online.