lingering IS2010 issues?

Ok, like others that have posted in the forum, I somehow contracted the "internet security 2010" ransomware/Trojan/Virus. I had all the usual problems including denied access to my task manager. Before I found this forum I only managed to tie up IS2010 with Spybot long enough to delete it, but all the other symptoms remained. AFTER going though posts of people with similar problems on here I DLed combofix and malwarebytes, and followed directions as best i could from other posts. After a few scans between the 2 IT WORKED! I regained control and was finding no infection with quick scan. My question is: I'm now in the middle of a FULL SCAN with malwarebytes, and so far its found 19 infected files. Do you think this scan will finally eliminate the virus? Here are the last logs before I started the FULL SCAN. I will also post the results of the full scan when its complete.....but that may be awhile. any help in the mean time will be greatly appreciated.

LOGS:
Malwarebytes' Anti-Malware 1.43
Database version: 3503
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

1/6/2010 11:48:22 AM
mbam-log-2010-01-06 (11-48-22).txt

Scan type: Quick Scan
Objects scanned: 120753
Time elapsed: 7 minute(s), 16 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
C:\WINDOWS\SYSTEM32\smss32.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SYSTEM32\smss32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\winlogon32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\helper32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\41.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.


LOG:
ComboFix 10-01-04.01 - Darcie & Ashley 01/06/2010 12:59:43.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.610 [GMT -8:00]
Running from: c:\documents and settings\Darcie
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\18467.exe
c:\windows\system32\IS15.exe

.
((((((((((((((((((((((((( Files Created from 2009-12-06 to 2010-01-06 )))))))))))))))))))))))))))))))
.

2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\Malwarebytes
2010-01-06 18:44 . 2009-12-30 22:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-06 18:44 . 2009-12-30 22:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 06:31 . 2010-01-06 06:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-01-05 22:58 . 2009-10-30 19:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-05 22:58 . 2009-11-09 19:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-05 22:58 . 2009-10-07 00:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-05 22:58 . 2009-09-03 17:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-05 22:57 . 2010-01-06 20:58 -------- d-----w- c:\program files\Spyware Doctor
2010-01-05 22:57 . 2010-01-05 22:59 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-05 22:57 . 2010-01-05 22:57 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\PC Tools
2010-01-05 22:57 . 2010-01-05 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-05 22:57 . 2010-01-06 20:58 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-05 22:52 . 2010-01-05 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-01-05 22:34 . 2009-11-03 04:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-05 22:31 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-05 22:31 . 2009-08-07 03:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-05 21:02 . 2010-01-05 22:06 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\QuickScan
2010-01-02 20:28 . 2010-01-02 20:28 -------- d-----w- c:\program files\FreeTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 19:04 . 2005-01-02 04:39 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2010-01-05 22:52 . 2005-01-11 20:56 -------- d-----w- c:\program files\Google
2010-01-05 22:11 . 2008-07-04 18:17 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\FrostWire
2009-12-16 16:37 . 2009-03-18 22:08 -------- d-----w- c:\program files\FrostWire
2009-11-21 01:33 . 2009-11-21 01:33 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\OpenOffice.org
2009-11-19 19:48 . 2009-11-30 20:40 872960 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-11-19 19:48 . 2009-11-30 20:40 43008 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-11-19 19:48 . 2009-11-30 20:40 340480 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-11-19 19:48 . 2009-11-30 20:40 346624 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-11-18 16:26 . 2005-07-10 20:39 -------- d-----w- c:\program files\Java
2009-11-18 16:26 . 2009-11-18 16:26 152576 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-18 16:26 . 2009-11-18 16:26 79488 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-18 05:39 . 2009-11-18 05:39 -------- d-----w- c:\program files\San Andreas Mod Installer
2009-11-17 06:34 . 2003-03-12 03:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-11 12:17 . 2008-12-02 01:13 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="1" [X]
"igndlm.exe"="c:\program files\IGN\Download Manager\DLM.exe" [2009-02-25 1103216]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-16 454784]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [2008-08-26 2019624]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-15 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 679936]
"DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-28 323584]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-25 147456]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-12-01 497376]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2010-01-05 160752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-3-11 45056]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideShutdownScripts"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 99 (0x63)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\90bd93d4724]
[BU]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\dpnsvr.exe"=
"c:\\WINDOWS\\SYSTEM32\\dxdiag.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\AC3Filter\\ac3config.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrA.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrB.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=

R0 PCTCore;PCTools KDS;c:\windows\SYSTEM32\DRIVERS\PCTCore.sys [1/5/2010 2:58 PM 207792]
R1 ATMhelpr;ATMhelpr;c:\windows\SYSTEM32\DRIVERS\ATMHELPR.SYS [10/19/2004 7:23 PM 4064]
S3 ebookman;FEP_USB Driver;c:\windows\SYSTEM32\DRIVERS\ebookman.sys [3/10/2004 6:27 PM 19677]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/5/2010 2:57 PM 359624]

--- Other Services/Drivers In Memory ---

*Deregistered* - PCTSDInjDriver32

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder

2010-01-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-05 22:52]

2003-03-19 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://dsl.sbc.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = localhost:8118
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZKfox000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: fnismls.com
Trusted Zone: getmedianow.com
Trusted Zone: live.com
Trusted Zone: realtytools.com
Trusted Zone: showingtime.com
Trusted Zone: sitexdata.com
Trusted Zone: spellchecker.net
Trusted Zone: toolkitcma.com
Trusted Zone: toolkitcma2.com
Trusted Zone: transactionpoint.com
Trusted Zone: trpoint.com
Trusted Zone: virtualearth.net
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/
FF - component: c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll
FF - plugin: c:\program files\IGN\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmnqmp07010901.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 13:06
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3546253606-4130668658-1351163875-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b0,dd,08,cd,f5,4f,8d,6c,87,67,d1,e5,ad,b9,47,cd,3f,90,e2,30,43,fc,98,
48,f0,5a,36,53,43,64,8a,b0,3b,e4,8e,63,d6,d1,e9,44,99,01,22,36,40,f1,2c,af,\
"??"=hex:72,88,18,21,4b,aa,e9,42,69,10,b1,3e,be,79,82,ea

[HKEY_USERS\S-1-5-21-3546253606-4130668658-1351163875-1007\Software\SecuROM\License information*]
"datasecu"=hex:e9,18,a9,0b,c9,54,79,ad,0b,e7,ee,3a,de,0f,09,dc,b2,22,69,58,2d,
7b,9c,b4,8f,ad,44,e5,a6,be,c3,b9,fd,98,f3,43,af,ce,65,5b,46,3c,01,f2,bd,76,\
"rkeysecu"=hex:d1,cc,c6,c6,ea,47,45,be,ec,c2,8b,03,18,90,74,92

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1B9EA6A9-42BA-882B-EDB93AE0A7C1C33A}\{4BB0785E-4605-BD30-345CF0C5449176A0}\{34B0ED28-A6B1-BC5C-E341396C7B13E743}*]
"TU4WOU1J6ARI5KX1FANSH3C1OF1"=hex:01,00,01,00,00,00,00,00,3d,cd,b7,46,4e,75,8f,
24,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{20182402-24ED-DBEE-0C047CC941A92C12}\{18337038-91FA-1511-718667CAE01F35A0}\{7E9CBDE1-C583-B4C7-27A5326796C918BF}*]
"L5OTYL4OSK54QTZWOGJWMONWTG1"=hex:01,00,01,00,00,00,00,00,4f,1a,34,b6,a9,51,c3,
92,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2E507E2F-8DE2-B600-388E74CEB17F3DFF}\{1B0F221A-E59F-0B42-732631A91276FA51}\{D15813DF-5A02-67D8-CCD20FCB931DE0AB}*]
"LQP5ZPUUKXNMDKQUSVXO5P66YE1"=hex:01,00,01,00,00,00,00,00,14,69,e6,a8,43,8f,2a,
a0,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2F2ED127-9180-E0E9-DD82A3EA97D23C2D}\{BC7AD397-E62C-4E1A-5A858785C5B4F8B7}\{1CB4FE78-537A-1AF0-DBD366375A0DFAF2}*]
"QR1ILJL5ACMYH2P3FXOAHPVAQE1"=hex:01,00,01,00,00,00,00,00,e3,c2,76,29,f1,92,b8,
65,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{406CE662-49A5-A824-9AD16CDB8C980A83}\{51810E7B-CC7B-50CD-91DC82E76A5CA55B}\{3C9B1055-B264-EADB-6986DE03867D1DB4}*]
"G2ODBCSUISDKL2GJMZO1MJ5AUG1"=hex:01,00,01,00,00,00,00,00,9d,07,c2,9d,25,58,3c,
a7,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4262173D-BE17-0AF1-BC367E078DE3B172}\{0348FBC8-06E2-B99C-443C2E87108EE036}\{533D0420-D13F-E032-E569EC2F904CC0B3}*]
"AXBBEZDR5GG1RHH1SV4GCUI36H1"=hex:01,00,01,00,00,00,00,00,ea,70,b2,10,82,71,5d,
44,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{44DDD7DB-C851-F5D8-43BBD1CB976AABCC}\{47326943-CE6C-E3D1-74FCCAE0772B4FAB}\{FA8F0E33-B888-6EFF-6240990870DDF055}*]
"TU4WOU1J6ARI5KX1FANSH3C1OF1"=hex:01,00,01,00,00,00,00,00,3d,cd,b7,46,4e,75,8f,
24,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74099617-91C0-6CB0-475BC8650FC6C929}\{C2CB2410-92BB-FC4E-376913EB15620FA4}\{B6CDFCFD-0A38-7380-A1288DE48E078F85}*]
"QR1ILJL5ACMYH2P3FXOAHPVAQE1"=hex:01,00,01,00,00,00,00,00,e3,c2,76,29,f1,92,b8,
65,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74599CE1-6A23-5483-EB701B08F9A92206}\{E02CED0D-4BCF-9035-DBE164FDC4BAFF1D}\{4E02710B-D78F-2FB3-D08A702F3A48D363}*]
"2EQJ2Z3RJDTDB2HBN4IWIN4ITC1"=hex:01,00,01,00,00,00,00,00,50,18,12,ae,1d,3d,93,
38,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7FAFFD5B-ECA5-8590-06385EB5239D555A}\{E5D513A6-5530-C183-13C6195B3F88B339}\{5B7495F9-FD9A-8C8C-FD87354974961E7A}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,de,be,bf,
1b,95,0f,24,d5,e7,bb,cc,3d,fb,8a,5c,f5,19,00,6f,bd,ec,e2,a9,3a,91,cd,da,d9,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8065E9BF-72C0-0FC1-5AFDE65F0780FDDF}\{9AEA461A-A66D-2047-6BE4E874E5E97513}\{AA471588-234B-ED0A-4D91A11ADDB01E65}*]
"G2ODBCSUISDKL2GJMZO1MJ5AUG1"=hex:01,00,01,00,00,00,00,00,9d,07,c2,9d,25,58,3c,
a7,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{91EC4B89-4AF2-1685-8B077627C8A43419}\{2EE609D8-52A7-5ABD-6D921F70AFC106D5}\{F0CB3253-4F19-C88D-A2C81B3BBC751916}*]
"LQP5ZPUUKXNMDKQUSVXO5P66YE1"=hex:01,00,01,00,00,00,00,00,14,69,e6,a8,43,8f,2a,
a0,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9D7D745F-2DA2-E26E-67E2A61C92B5C873}\{869A1319-CB5B-72EF-32E86935B8210920}\{0F637A1B-C125-DB37-203685E7DE12B741}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,de,be,bf,
1b,95,0f,24,d5,e7,bb,cc,3d,fb,8a,5c,f5,19,00,6f,bd,ec,e2,a9,3a,91,cd,da,d9,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A31F0760-3CAF-40FF-C311EB15E667F290}\{E2D01E6A-D52B-9055-85F4CB9FDFA44017}\{62A48FA1-2175-E3E4-19BA4655EA387446}*]
"DIUMUTVOZPCSSGX5CJY2KLBAVE1"=hex:01,00,01,00,00,00,00,00,64,6d,b1,e3,87,75,1d,
e5,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BCA821CD-4A5D-ABF7-7317F5EBFF711061}\{A8AD8BCF-CB94-6A01-1BDB64CAD4C7BA22}\{6360A729-06A7-39D5-91DA34CCB8512CF9}*]
"DIUMUTVOZPCSSGX5CJY2KLBAVE1"=hex:01,00,01,00,00,00,00,00,64,6d,b1,e3,87,75,1d,
e5,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EF8004E0-74D6-E5E1-DE92687B6F22CED2}\{D850A7E8-A29C-FCE9-D9B4F577AA6BB789}\{16701812-CEC8-7CB2-559D4C938E3C932C}*]
"2EQJ2Z3RJDTDB2HBN4IWIN4ITC1"=hex:01,00,01,00,00,00,00,00,50,18,12,ae,1d,3d,93,
38,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F71B406A-64B6-7890-A4E79C228CB5B5C7}\{B2D97AB2-1AAA-0E19-47D2DF75F80031A6}\{B1F98325-4C85-36BE-448BCE0A416EDA34}*]
"L5OTYL4OSK54QTZWOGJWMONWTG1"=hex:01,00,01,00,00,00,00,00,4f,1a,34,b6,a9,51,c3,
92,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9E7FB8A-7FC0-F5C6-C2C005BCC6E52A75}\{38D64012-6403-EA81-41E60280EAB79558}\{8D4E630B-001F-4733-DF87B943421629E7}*]
"AXBBEZDR5GG1RHH1SV4GCUI36H1"=hex:01,00,01,00,00,00,00,00,ea,70,b2,10,82,71,5d,
44,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
Completion time: 2010-01-06 13:08:53
ComboFix-quarantined-files.txt 2010-01-06 21:08
ComboFix2.txt 2010-01-06 19:35

Pre-Run: 81,417,003,008 bytes free
Post-Run: 81,399,599,104 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 315DB84944BBE2EBF3B34F89202F0AA9

BTW, I have kept the infected comp DCed from internet access and have only reconnected it get up dates for the new scanners as a precaution. I have been doing most of the work from my labtop and transferring files via memory stick.

ok, the full scan is complete. Here is the log:

Malwarebytes' Anti-Malware 1.43
Database version: 3503
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

1/6/2010 3:13:40 PM
mbam-log-2010-01-06 (15-13-40).txt

Scan type: Full Scan (C:\|G:\|)
Objects scanned: 214790
Time elapsed: 48 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 18

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\REFN\PDF-X\ClosePDFSAVER.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\REFN\PDF-X\ClosePDFSAVER.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2145\A0163103.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2145\A0163105.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2149\A0163221.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2149\A0163232.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2149\A0163264.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0165280.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166280.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166290.dll (Trojan.NHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166292.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166308.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0164280.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166321.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166329.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166343.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166356.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166492.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2151\A0166581.sys (Malware.Trace) -> Quarantined and deleted successfully.

Hello.

1. Close any open browsers.
   
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
3. Open notepad and copy/paste the text in the quotebox below into it:
   

   
   Registry::
   [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\90bd93d4724]
   
   RegNull::
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1B9EA6A9-42BA-882B-EDB93AE0A7C1C33A}\{4BB0785E-4605-BD30-345CF0C5449176A0}\{34B0ED28-A6B1-BC5C-E341396C7B13E743}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{20182402-24ED-DBEE-0C047CC941A92C12}\{18337038-91FA-1511-718667CAE01F35A0}\{7E9CBDE1-C583-B4C7-27A5326796C918BF}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2E507E2F-8DE2-B600-388E74CEB17F3DFF}\{1B0F221A-E59F-0B42-732631A91276FA51}\{D15813DF-5A02-67D8-CCD20FCB931DE0AB}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2F2ED127-9180-E0E9-DD82A3EA97D23C2D}\{BC7AD397-E62C-4E1A-5A858785C5B4F8B7}\{1CB4FE78-537A-1AF0-DBD366375A0DFAF2}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{406CE662-49A5-A824-9AD16CDB8C980A83}\{51810E7B-CC7B-50CD-91DC82E76A5CA55B}\{3C9B1055-B264-EADB-6986DE03867D1DB4}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4262173D-BE17-0AF1-BC367E078DE3B172}\{0348FBC8-06E2-B99C-443C2E87108EE036}\{533D0420-D13F-E032-E569EC2F904CC0B3}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{44DDD7DB-C851-F5D8-43BBD1CB976AABCC}\{47326943-CE6C-E3D1-74FCCAE0772B4FAB}\{FA8F0E33-B888-6EFF-6240990870DDF055}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74099617-91C0-6CB0-475BC8650FC6C929}\{C2CB2410-92BB-FC4E-376913EB15620FA4}\{B6CDFCFD-0A38-7380-A1288DE48E078F85}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74599CE1-6A23-5483-EB701B08F9A92206}\{E02CED0D-4BCF-9035-DBE164FDC4BAFF1D}\{4E02710B-D78F-2FB3-D08A702F3A48D363}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7FAFFD5B-ECA5-8590-06385EB5239D555A}\{E5D513A6-5530-C183-13C6195B3F88B339}\{5B7495F9-FD9A-8C8C-FD87354974961E7A}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8065E9BF-72C0-0FC1-5AFDE65F0780FDDF}\{9AEA461A-A66D-2047-6BE4E874E5E97513}\{AA471588-234B-ED0A-4D91A11ADDB01E65}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{91EC4B89-4AF2-1685-8B077627C8A43419}\{2EE609D8-52A7-5ABD-6D921F70AFC106D5}\{F0CB3253-4F19-C88D-A2C81B3BBC751916}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9D7D745F-2DA2-E26E-67E2A61C92B5C873}\{869A1319-CB5B-72EF-32E86935B8210920}\{0F637A1B-C125-DB37-203685E7DE12B741}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A31F0760-3CAF-40FF-C311EB15E667F290}\{E2D01E6A-D52B-9055-85F4CB9FDFA44017}\{62A48FA1-2175-E3E4-19BA4655EA387446}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BCA821CD-4A5D-ABF7-7317F5EBFF711061}\{A8AD8BCF-CB94-6A01-1BDB64CAD4C7BA22}\{6360A729-06A7-39D5-91DA34CCB8512CF9}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EF8004E0-74D6-E5E1-DE92687B6F22CED2}\{D850A7E8-A29C-FCE9-D9B4F577AA6BB789}\{16701812-CEC8-7CB2-559D4C938E3C932C}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F71B406A-64B6-7890-A4E79C228CB5B5C7}\{B2D97AB2-1AAA-0E19-47D2DF75F80031A6}\{B1F98325-4C85-36BE-448BCE0A416EDA34}*]
   [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9E7FB8A-7FC0-F5C6-C2C005BCC6E52A75}\{38D64012-6403-EA81-41E60280EAB79558}\{8D4E630B-001F-4733-DF87B943421629E7}*]
   

   
   
4. Save this as CFScript.txt, in the same location as ComboFix.exe
   
   
   
   
5. Referring to the picture above, drag CFScript into ComboFix.exe
   
6. When finished, it shall produce a log for you at C:\ComboFix.txt
   
7. Please post the contents of the log in your next reply.
   

ComboFix 10-01-04.01 - Darcie & Ashley 01/06/2010 17:33:36.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.606 [GMT -8:00]
Running from: c:\documents and settings\Darcie
Command switches used :: c:\documents and settings\Darcie & Ashley\Desktop\CFScript.txt
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.

((((((((((((((((((((((((( Files Created from 2009-12-07 to 2010-01-07 )))))))))))))))))))))))))))))))
.

2010-01-07 01:14 . 2010-01-07 01:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-01-07 01:10 . 2008-04-14 00:11 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
2010-01-07 00:49 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-01-07 00:49 . 2009-02-09 12:10 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2010-01-07 00:49 . 2009-02-09 12:10 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2010-01-07 00:49 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-07 00:49 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-01-07 00:49 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-01-07 00:49 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-07 00:49 . 2009-02-09 12:10 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2010-01-07 00:49 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2010-01-07 00:48 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-01-07 00:46 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-07 00:46 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\Malwarebytes
2010-01-06 18:44 . 2009-12-30 22:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 18:44 . 2010-01-06 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-06 18:44 . 2009-12-30 22:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 06:31 . 2010-01-06 06:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-01-05 22:58 . 2009-10-30 19:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-01-05 22:58 . 2009-11-09 19:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-01-05 22:58 . 2009-10-07 00:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-01-05 22:58 . 2009-09-03 17:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-01-05 22:57 . 2010-01-07 01:17 -------- d-----w- c:\program files\Spyware Doctor
2010-01-05 22:57 . 2010-01-05 22:59 -------- d-----w- c:\program files\Common Files\PC Tools
2010-01-05 22:57 . 2010-01-05 22:57 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\PC Tools
2010-01-05 22:57 . 2010-01-05 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-05 22:57 . 2010-01-07 01:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-05 22:52 . 2010-01-05 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-01-05 22:34 . 2009-11-03 04:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-05 22:31 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-05 22:31 . 2009-08-07 03:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-01-05 21:02 . 2010-01-05 22:06 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\QuickScan
2010-01-02 20:28 . 2010-01-02 20:28 -------- d-----w- c:\program files\FreeTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 01:11 . 2010-01-07 01:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-01-07 01:11 . 2010-01-07 01:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-06 19:04 . 2005-01-02 04:39 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2010-01-05 22:52 . 2005-01-11 20:56 -------- d-----w- c:\program files\Google
2010-01-05 22:11 . 2008-07-04 18:17 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\FrostWire
2009-12-16 16:37 . 2009-03-18 22:08 -------- d-----w- c:\program files\FrostWire
2009-11-21 01:33 . 2009-11-21 01:33 -------- d-----w- c:\documents and settings\Darcie & Ashley\Application Data\OpenOffice.org
2009-11-19 19:48 . 2009-11-30 20:40 872960 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-11-19 19:48 . 2009-11-30 20:40 43008 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-11-19 19:48 . 2009-11-30 20:40 340480 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-11-19 19:48 . 2009-11-30 20:40 346624 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-11-18 16:26 . 2005-07-10 20:39 -------- d-----w- c:\program files\Java
2009-11-18 16:26 . 2009-11-18 16:26 152576 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-18 16:26 . 2009-11-18 16:26 79488 ----a-w- c:\documents and settings\Darcie & Ashley\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-18 05:39 . 2009-11-18 05:39 -------- d-----w- c:\program files\San Andreas Mod Installer
2009-11-17 06:34 . 2003-03-12 03:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-29 05:38 . 2004-08-24 03:32 667136 ----a-w- c:\windows\system32\wininet.dll
2009-10-13 10:30 . 2002-08-29 11:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2002-08-29 11:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2002-08-29 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-11 12:17 . 2008-12-02 01:13 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-06_21.06.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 03:41 . 2009-07-12 03:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-01-07 01:29 . 2010-01-07 01:29 16384 c:\windows\Temp\Perflib_Perfdata_4e0.dat
+ 2002-08-29 11:00 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\wdigest.dll
+ 2008-10-22 09:47 . 2009-10-28 15:07 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2002-08-29 11:00 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe
+ 2004-12-24 17:09 . 2008-07-09 07:38 26488 c:\windows\SYSTEM32\spupdsvc.exe
- 2004-12-24 17:09 . 2007-11-30 11:18 26488 c:\windows\SYSTEM32\spupdsvc.exe
+ 2002-08-29 11:00 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\secur32.dll
+ 2002-08-29 11:00 . 2009-02-06 10:39 35328 c:\windows\SYSTEM32\sc.exe
+ 2010-01-07 01:10 . 2008-04-14 00:11 21504 c:\windows\SYSTEM32\ReinstallBackups\0010\DriverFiles\i386\hidserv.dll
+ 2003-03-12 03:42 . 2010-01-07 01:34 71904 c:\windows\SYSTEM32\PERFC009.DAT
- 2003-03-12 03:42 . 2009-10-29 18:45 71904 c:\windows\SYSTEM32\PERFC009.DAT
+ 2004-05-01 22:19 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\mtxoci.dll
- 2004-05-01 22:19 . 2008-04-14 00:12 91648 c:\windows\SYSTEM32\mtxoci.dll
+ 2004-05-01 22:19 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\mtxclu.dll
- 2004-05-01 22:19 . 2008-04-14 00:12 66560 c:\windows\SYSTEM32\mtxclu.dll
- 2002-08-29 11:00 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\msdtclog.dll
+ 2002-08-29 11:00 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\msdtclog.dll
+ 2002-08-29 11:00 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\msasn1.dll
+ 2004-08-04 07:56 . 2009-09-25 05:37 81920 c:\windows\SYSTEM32\ieencode.dll
- 2004-08-04 07:56 . 2008-04-14 00:11 81920 c:\windows\SYSTEM32\ieencode.dll
+ 2002-08-29 11:00 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\fontsub.dll
+ 2006-11-02 15:22 . 2006-11-02 15:22 32224 c:\windows\SYSTEM32\DRIVERS\wdfldr.sys
+ 2009-05-09 09:14 . 2009-05-09 09:14 14736 c:\windows\SYSTEM32\DRIVERS\nuidfltr.sys
+ 2002-08-29 11:00 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DRIVERS\ksecdd.sys
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\SYSTEM32\DLLCACHE\wdigest.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 56832 c:\windows\SYSTEM32\DLLCACHE\secur32.dll
+ 2002-08-29 11:00 . 2009-02-06 10:39 35328 c:\windows\SYSTEM32\DLLCACHE\sc.exe
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\SYSTEM32\DLLCACHE\raschap.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 91648 c:\windows\SYSTEM32\DLLCACHE\mtxoci.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 66560 c:\windows\SYSTEM32\DLLCACHE\mtxclu.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 58880 c:\windows\SYSTEM32\DLLCACHE\msdtclog.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\SYSTEM32\DLLCACHE\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SYSTEM32\DLLCACHE\ksecdd.sys
+ 2009-09-25 05:37 . 2009-09-25 05:37 81920 c:\windows\SYSTEM32\DLLCACHE\ieencode.dll
+ 2009-07-29 04:37 . 2009-07-29 04:37 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
+ 2002-08-29 11:00 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll
- 2002-08-29 11:00 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll
- 2002-08-29 11:00 . 2008-04-14 00:11 58880 c:\windows\SYSTEM32\atl.dll
+ 2002-08-29 11:00 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\atl.dll
+ 2009-06-25 03:56 . 2009-06-25 03:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-14 04:58 . 2007-04-14 04:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 08:49 . 2008-05-28 08:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 08:49 . 2008-05-28 08:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 08:49 . 2008-05-28 08:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-28 09:30 . 2008-05-28 09:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-03-20 01:10 . 2009-12-01 02:09 16384 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2003-03-20 01:10 . 2010-01-07 01:09 16384 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2003-03-20 01:10 . 2010-01-07 01:09 34304 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2003-03-20 01:10 . 2009-12-01 02:09 34304 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2003-03-20 01:10 . 2009-12-01 02:09 81920 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2003-03-20 01:10 . 2010-01-07 01:09 81920 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2010-01-07 01:08 . 2010-01-07 01:08 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7aaaac6f\System.Drawing.Design.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_cdcb1726\CustomMarshalers.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2010-01-07 01:24 . 2010-01-07 01:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2003-03-20 01:10 . 2010-01-07 01:09 2560 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2003-03-20 01:10 . 2009-12-01 02:09 2560 c:\windows\Installer\{90170409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2010-01-07 01:23 . 2010-01-07 01:23 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 08:02 . 2009-07-12 08:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2004-11-06 01:34 . 2009-04-02 07:02 604160 c:\windows\SYSTEM32\wmspdmod.dll
+ 2004-11-19 12:06 . 2009-07-14 07:43 286208 c:\windows\SYSTEM32\wmpdxm.dll
+ 2002-08-29 11:00 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\wkssvc.dll
- 2002-08-29 11:00 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\wkssvc.dll
+ 2004-08-08 21:52 . 2008-12-16 12:30 354304 c:\windows\SYSTEM32\winhttp.dll
- 2004-08-08 21:52 . 2008-04-14 00:12 354304 c:\windows\SYSTEM32\winhttp.dll
+ 2002-08-29 11:00 . 2009-02-06 10:10 227840 c:\windows\SYSTEM32\WBEM\wmiprvse.exe
+ 2002-08-29 11:00 . 2009-02-09 12:10 453120 c:\windows\SYSTEM32\WBEM\wmiprvsd.dll
+ 2002-08-29 11:00 . 2009-02-09 12:10 473600 c:\windows\SYSTEM32\WBEM\fastprox.dll
+ 2004-10-25 18:39 . 2009-10-29 05:38 627712 c:\windows\SYSTEM32\urlmon.dll
+ 2002-08-29 11:00 . 2009-07-29 04:37 119808 c:\windows\SYSTEM32\t2embed.dll
+ 2002-08-29 11:00 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\strmdll.dll
- 2002-08-29 11:00 . 2008-10-03 10:02 247326 c:\windows\SYSTEM32\strmdll.dll
+ 2002-08-29 11:00 . 2009-02-06 11:11 110592 c:\windows\SYSTEM32\services.exe
+ 2002-08-29 11:00 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\schannel.dll
+ 2004-05-01 22:19 . 2009-02-09 12:10 401408 c:\windows\SYSTEM32\rpcss.dll
+ 2004-05-01 22:19 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\rpcrt4.dll
- 2003-03-12 03:42 . 2009-10-29 18:45 444028 c:\windows\SYSTEM32\PERFH009.DAT
+ 2003-03-12 03:42 . 2010-01-07 01:34 444028 c:\windows\SYSTEM32\PERFH009.DAT
- 2002-08-29 11:00 . 2008-04-14 00:12 284160 c:\windows\SYSTEM32\pdh.dll
+ 2002-08-29 11:00 . 2009-03-06 14:22 284160 c:\windows\SYSTEM32\pdh.dll
+ 2002-08-29 11:00 . 2009-02-09 12:10 714752 c:\windows\SYSTEM32\ntdll.dll
+ 2003-08-12 03:18 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\mswebdvd.dll
+ 2002-08-29 11:00 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\msv1_0.dll
- 2004-05-01 22:19 . 2008-04-14 00:11 161792 c:\windows\SYSTEM32\msdtcuiu.dll
+ 2004-05-01 22:19 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\msdtcuiu.dll
+ 2004-05-01 22:18 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\msdtctm.dll
- 2004-05-01 22:18 . 2008-04-14 00:11 956928 c:\windows\SYSTEM32\msdtctm.dll
+ 2004-05-01 22:18 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\msdtcprx.dll
+ 2002-08-29 11:00 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\lsasrv.dll
+ 2002-08-29 11:00 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\localspl.dll
+ 2002-08-29 11:00 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\kernel32.dll
- 2002-08-29 11:00 . 2008-04-14 00:11 989696 c:\windows\SYSTEM32\kernel32.dll
+ 2002-08-29 11:00 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\kerberos.dll
+ 2003-01-13 21:57 . 2009-08-13 15:16 512000 c:\windows\SYSTEM32\jscript.dll
- 2003-01-13 21:57 . 2008-05-09 10:53 512000 c:\windows\SYSTEM32\jscript.dll
+ 2002-09-03 15:05 . 2010-01-07 01:29 535952 c:\windows\SYSTEM32\FNTCACHE.DAT
- 2002-09-03 15:05 . 2009-06-19 19:46 535952 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2006-11-02 15:22 . 2006-11-02 15:22 492000 c:\windows\SYSTEM32\DRIVERS\wdf01000.sys
+ 2004-11-06 01:34 . 2009-04-02 07:02 604160 c:\windows\SYSTEM32\DLLCACHE\wmspdmod.dll
+ 2004-11-19 12:06 . 2009-07-14 07:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
+ 2009-01-09 05:13 . 2009-10-29 05:38 667136 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-12-16 12:30 . 2008-12-16 12:30 354304 c:\windows\SYSTEM32\DLLCACHE\winhttp.dll
+ 2009-01-09 05:13 . 2009-10-29 05:38 627712 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2009-07-29 04:37 . 2009-07-29 04:37 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
- 2006-08-21 17:52 . 2008-10-03 10:02 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2006-08-21 17:52 . 2009-08-26 08:00 247326 c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\SYSTEM32\DLLCACHE\schannel.dll
+ 2009-04-15 14:51 . 2009-04-15 14:51 585216 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\SYSTEM32\DLLCACHE\rastls.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\SYSTEM32\DLLCACHE\oakley.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\SYSTEM32\DLLCACHE\msv1_0.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 161792 c:\windows\SYSTEM32\DLLCACHE\msdtcuiu.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 956928 c:\windows\SYSTEM32\DLLCACHE\msdtctm.dll
+ 2008-06-12 14:23 . 2008-06-12 14:23 428032 c:\windows\SYSTEM32\DLLCACHE\msdtcprx.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 730112 c:\windows\SYSTEM32\DLLCACHE\lsasrv.dll
+ 2009-05-07 15:32 . 2009-05-07 15:32 345600 c:\windows\SYSTEM32\DLLCACHE\localspl.dll
+ 2009-03-21 14:06 . 2009-03-21 14:06 989696 c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\SYSTEM32\DLLCACHE\kerberos.dll
+ 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 512000 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
- 2002-08-29 11:00 . 2008-04-14 00:11 617472 c:\windows\SYSTEM32\advapi32.dll
+ 2002-08-29 11:00 . 2009-02-09 12:10 617472 c:\windows\SYSTEM32\advapi32.dll
+ 2009-08-08 07:51 . 2009-08-08 07:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-28 08:49 . 2008-05-28 08:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 04:58 . 2007-04-14 04:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-14 04:56 . 2007-04-14 04:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-28 08:48 . 2008-05-28 08:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 09:30 . 2008-05-28 09:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-01-07 01:14 . 2010-01-07 01:14 470528 c:\windows\Installer\4e32c3.msi
+ 2009-03-20 19:48 . 2009-03-20 19:48 183808 c:\windows\Installer\4e32bc.msp
+ 2010-01-07 01:06 . 2010-01-07 01:06 195584 c:\windows\Installer\4e324a.msi
+ 2010-01-07 01:03 . 2010-01-07 01:03 248832 c:\windows\Installer\4e3244.msi
+ 2010-01-07 01:08 . 2010-01-07 01:08 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f8d6daf2\System.Drawing.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4eb10b01\System.Drawing.Design.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_09b21bae\CustomMarshalers.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2010-01-07 01:31 . 2010-01-07 01:31 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-01-07 01:22 . 2010-01-07 01:22 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-01-07 01:22 . 2010-01-07 01:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-01-07 00:49 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2004-11-06 01:34 . 2009-05-20 12:56 2458112 c:\windows\SYSTEM32\WMVCore.dll
- 2004-11-06 01:34 . 2008-06-18 13:03 2458112 c:\windows\SYSTEM32\WMVCore.dll
+ 2002-08-29 11:00 . 2009-08-14 13:21 1850624 c:\windows\SYSTEM32\win32k.sys
+ 2009-05-09 09:14 . 2009-05-09 09:14 1418120 c:\windows\SYSTEM32\wdfcoinstaller01005.dll
+ 2004-11-12 07:20 . 2009-10-29 05:38 1509888 c:\windows\SYSTEM32\shdocvw.dll
+ 2002-08-29 11:00 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\query.dll
- 2002-08-29 11:00 . 2008-04-14 00:12 1435648 c:\windows\SYSTEM32\query.dll
+ 2003-08-12 02:45 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\quartz.dll
- 1980-01-01 06:00 . 2008-08-14 10:11 2189184 c:\windows\SYSTEM32\ntoskrnl.exe
+ 1980-01-01 06:00 . 2009-08-05 04:44 2189184 c:\windows\SYSTEM32\ntoskrnl.exe
- 1980-01-01 06:00 . 2008-08-14 09:33 2066048 c:\windows\SYSTEM32\ntkrnlpa.exe
+ 1980-01-01 06:00 . 2009-08-04 14:20 2066048 c:\windows\SYSTEM32\ntkrnlpa.exe
+ 2009-01-17 05:00 . 2009-07-31 18:05 1372672 c:\windows\SYSTEM32\msxml6.dll
+ 2002-08-29 11:00 . 2009-07-31 04:35 1172480 c:\windows\SYSTEM32\msxml3.dll
+ 2002-08-29 11:00 . 2009-06-10 17:19 2066432 c:\windows\SYSTEM32\mstscax.dll
+ 2004-10-25 18:39 . 2009-10-29 19:08 3070976 c:\windows\SYSTEM32\mshtml.dll
- 2004-11-06 01:34 . 2008-06-18 13:03 2458112 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll
+ 2004-11-06 01:34 . 2009-05-20 12:56 2458112 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll
+ 2009-01-09 05:12 . 2009-08-14 13:21 1850624 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2009-01-09 05:13 . 2009-10-29 05:38 1509888 c:\windows\SYSTEM32\DLLCACHE\shdocvw.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\SYSTEM32\DLLCACHE\query.dll
+ 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\DLLCACHE\quartz.dll
- 2009-01-09 05:12 . 2008-08-14 10:11 2189184 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
+ 2009-01-09 05:12 . 2009-08-05 04:44 2189184 c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
+ 2009-01-09 05:12 . 2009-08-04 14:20 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
- 2009-01-09 05:12 . 2008-08-14 09:33 2023936 c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
- 2009-01-09 05:12 . 2008-08-14 09:33 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
+ 2009-01-09 05:12 . 2009-08-04 14:20 2066048 c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
+ 2009-01-09 05:13 . 2009-08-04 15:13 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
- 2009-01-09 05:13 . 2008-08-14 10:09 2145280 c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
+ 2009-01-17 05:00 . 2009-07-31 18:05 1372672 c:\windows\SYSTEM32\DLLCACHE\msxml6.dll
+ 2006-09-13 05:01 . 2009-07-31 04:35 1172480 c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
+ 2002-08-29 11:00 . 2009-06-10 17:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll
+ 2009-01-09 05:13 . 2009-10-29 19:08 3070976 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2009-08-08 07:51 . 2009-08-08 07:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2008-11-25 12:59 . 2008-11-25 12:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-08-08 07:51 . 2009-08-08 07:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-05-28 09:35 . 2008-05-28 09:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 09:35 . 2008-05-28 09:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-14 05:35 . 2007-04-14 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2008-05-28 08:48 . 2008-05-28 08:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-28 08:48 . 2008-05-28 08:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-14 04:50 . 2007-04-14 04:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2008-05-28 08:43 . 2008-05-28 08:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-01-09 05:12 . 2009-08-05 04:44 2189184 c:\windows\Driver Cache\I386\ntoskrnl.exe
- 2009-01-09 05:12 . 2008-08-14 10:11 2189184 c:\windows\Driver Cache\I386\ntoskrnl.exe
+ 2009-01-09 05:12 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe
- 2009-01-09 05:12 . 2008-08-14 09:33 2023936 c:\windows\Driver Cache\I386\ntkrpamp.exe
- 2009-01-09 05:12 . 2008-08-14 09:33 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe
+ 2009-01-09 05:12 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\I386\ntkrnlpa.exe
- 2009-01-09 05:13 . 2008-08-14 10:09 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe
+ 2009-01-09 05:13 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\I386\ntkrnlmp.exe
+ 2010-01-07 01:08 . 2010-01-07 01:08 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_c98e5661\System.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_734d6c38\System.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_753c825d\System.Xml.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3916fdc7\System.Xml.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_e89552ef\System.Windows.Forms.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0b997c70\System.Windows.Forms.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b6e33fe6\System.Drawing.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_8b6bf6d8\System.Design.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5aef731d\System.Design.dll
+ 2010-01-07 01:09 . 2010-01-07 01:09 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ec47d5b6\mscorlib.dll
+ 2010-01-07 01:08 . 2010-01-07 01:08 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b050e00a\mscorlib.dll
+ 2010-01-07 01:24 . 2010-01-07 01:24 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2010-01-07 01:24 . 2010-01-07 01:24 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-01-07 01:33 . 2010-01-07 01:33 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2010-01-07 01:32 . 2010-01-07 01:32 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2010-01-07 01:32 . 2010-01-07 01:32 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2010-01-07 01:31 . 2010-01-07 01:31 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2010-01-07 01:26 . 2010-01-07 01:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-01-07 01:26 . 2010-01-07 01:26 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2010-01-07 01:26 . 2010-01-07 01:26 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2010-01-07 01:26 . 2010-01-07 01:26 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2010-01-07 01:24 . 2010-01-07 01:24 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-07 01:22 . 2010-01-07 01:22 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-03-23 03:23 . 2009-03-23 03:23 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-01-07 01:23 . 2010-01-07 01:23 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-03-23 03:24 . 2009-03-23 03:24 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-01-21 20:40 . 2009-01-21 20:40 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-01-07 01:07 . 2010-01-07 01:07 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-01-21 20:40 . 2009-01-21 20:40 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-07 01:07 . 2010-01-07 01:07 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2004-11-19 12:06 . 2009-07-14 07:43 10841088 c:\windows\SYSTEM32\wmp.dll
+ 2005-12-01 05:21 . 2009-12-01 20:06 25966024 c:\windows\SYSTEM32\MRT.exe
+ 2004-11-19 12:06 . 2009-07-14 07:43 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2009-08-11 05:08 . 2009-08-11 05:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-15 04:32 . 2009-08-15 04:32 11110912 c:\windows\Installer\4e32cc.msp
+ 2004-01-30 11:19 . 2004-01-30 11:19 56269996 c:\windows\Installer\4e32b1.msp
+ 2009-08-10 22:09 . 2009-08-10 22:09 17254912 c:\windows\Installer\4e3261.msp
+ 2010-01-07 01:32 . 2010-01-07 01:32 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2010-01-07 01:31 . 2010-01-07 01:31 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2010-01-07 01:25 . 2010-01-07 01:25 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2010-01-07 01:24 . 2010-01-07 01:24 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="1" [X]
"igndlm.exe"="c:\program files\IGN\Download Manager\DLM.exe" [2009-02-25 1103216]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-16 454784]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-15 28672]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 679936]
"DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-28 323584]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-25 147456]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-12-01 497376]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2010-01-05 160752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-3-11 45056]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideShutdownScripts"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 99 (0x63)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\dpnsvr.exe"=
"c:\\WINDOWS\\SYSTEM32\\dxdiag.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\AC3Filter\\ac3config.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrA.exe"=
"c:\\WINDOWS\\SYSTEM32\\PnkBstrB.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=

R0 PCTCore;PCTools KDS;c:\windows\SYSTEM32\DRIVERS\PCTCore.sys [1/5/2010 2:58 PM 207792]
R1 ATMhelpr;ATMhelpr;c:\windows\SYSTEM32\DRIVERS\ATMHELPR.SYS [10/19/2004 7:23 PM 4064]
S3 ebookman;FEP_USB Driver;c:\windows\SYSTEM32\DRIVERS\ebookman.sys [3/10/2004 6:27 PM 19677]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/5/2010 2:57 PM 359624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder

2010-01-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-05 22:52]

2003-03-19 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://dsl.sbc.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = localhost:8118
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZKfox000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: fnismls.com
Trusted Zone: getmedianow.com
Trusted Zone: live.com
Trusted Zone: realtytools.com
Trusted Zone: showingtime.com
Trusted Zone: sitexdata.com
Trusted Zone: spellchecker.net
Trusted Zone: toolkitcma.com
Trusted Zone: toolkitcma2.com
Trusted Zone: transactionpoint.com
Trusted Zone: trpoint.com
Trusted Zone: virtualearth.net
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/
FF - component: c:\documents and settings\Darcie & Ashley\Application Data\Mozilla\Firefox\Profiles\vbuafmq4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll
FF - plugin: c:\program files\IGN\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmnqmp07010901.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-06 17:40
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3546253606-4130668658-1351163875-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b0,dd,08,cd,f5,4f,8d,6c,87,67,d1,e5,ad,b9,47,cd,3f,90,e2,30,43,fc,98,
48,f0,5a,36,53,43,64,8a,b0,3b,e4,8e,63,d6,d1,e9,44,99,01,22,36,40,f1,2c,af,\
"??"=hex:72,88,18,21,4b,aa,e9,42,69,10,b1,3e,be,79,82,ea

[HKEY_USERS\S-1-5-21-3546253606-4130668658-1351163875-1007\Software\SecuROM\License information*]
"datasecu"=hex:e9,18,a9,0b,c9,54,79,ad,0b,e7,ee,3a,de,0f,09,dc,b2,22,69,58,2d,
7b,9c,b4,8f,ad,44,e5,a6,be,c3,b9,fd,98,f3,43,af,ce,65,5b,46,3c,01,f2,bd,76,\
"rkeysecu"=hex:d1,cc,c6,c6,ea,47,45,be,ec,c2,8b,03,18,90,74,92
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1952)
c:\windows\system32\nview.dll
c:\program files\Iomega\DriveIcons\IMGHOOK.DLL
c:\program files\Microsoft Office\Office10\msohev.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\CTJBNS.DLL
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\CTIntrfc.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\JBNSHK.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\JBNSRES.DLL
.
Completion time: 2010-01-06 17:44:07
ComboFix-quarantined-files.txt 2010-01-07 01:44
ComboFix2.txt 2010-01-06 23:34
ComboFix3.txt 2010-01-06 21:08
ComboFix4.txt 2010-01-06 19:35

Pre-Run: 80,334,270,464 bytes free
Post-Run: 80,294,031,360 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 60C45BD400F28C511376DABA1F175082

I disabled spyware doctor, but if its still getting in the way I'll remove it and run again.

No, you don't need to, it worked fine.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?

excellent. I see no signs or symptoms of the virus. Thanks very much

I get the "cannot find file ****" when I try running uninstall. I've tried typing the location of combofix completely out and added /uninstall as well.