GeekPolice
Would you like to react to this message? Create an account in a few clicks or log in to continue.

GeekPoliceLog in

 


Serious Help Needed in regards to Think Point Virus Removal!

3 posters

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptySerious Help Needed in regards to Think Point Virus Removal!29th October 2010, 6:03 pm

more_horiz
My computer was infected with the thinkpoint virus. I went through all of the steps (ending the hotfix.exe process, enabling explorer.exe), and starting running malwarebytes to remove it. I got partially through the malwarebytes scan, when my computer showed a blue screen message. It stated that I needed to reboot, uninstall affected programs (?), and if it happened again to run my computer in safe mode.

The only problem is that now I cannot run my computer at all. At first, when I went to start it in safe mode, my screen was straight black, with no actions. After that, I ran an image burn of the Dr. Web program to clear my system. Ran the program twice, for both hard drives, and eventually they came back clean. But when I went back to start up in safe mode to do a full system clean, instead of a black screen, I'm getting script back.... and that's it.

What am I supposed to do now?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!29th October 2010, 9:08 pm

more_horiz
Hi,

Welcome to GeekPolice.net!

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Step 1: you need to get the appropriate burning software for this task.

Download ISOBurner
  • This will allow you to burn OTLPE ISO to a cd and make it bootable. Just install the program, from there on in it is fairly automatic.
  • See the instructions page for more info.
Step 2: download the OTLPE REATOGO Windows Recovery Environment.
  • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
  • When downloaded double click and this will then open ISOBurner to burn the file to CD
  • Reboot your system using the boot CD you just created.

    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!29th October 2010, 10:12 pm

more_horiz
Alright, I have the ISO burner downloaded and installed, but the link for the OTLPE.iso file says it is broken.

Is there another place to download the file from?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!29th October 2010, 11:19 pm

more_horiz
Hi,

Are you able to boot into Windows at all? If not try Last Known Good Configuration.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!31st October 2010, 4:17 pm

more_horiz
I tried the Last Known Configuration, but it takes me back to the blank screen again. Is there any other place to download the OTLPE.iso file?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!31st October 2010, 4:47 pm

more_horiz
Hi,

Please use http://oldtimer.geekstogo.com/OTLPE.zip

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!31st October 2010, 5:17 pm

more_horiz
Will that still work to boot the computer since it's the .exe file? Or would I need to .iso to boot?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!31st October 2010, 11:18 pm

more_horiz
Hi,

You should be able to boot with that.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!2nd November 2010, 9:39 pm

more_horiz
My computer won't let me boot up with the .exe file. Is ther any other way I can get that up and running?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!3rd November 2010, 1:11 am

more_horiz
Hi,

Do you have your XP disk?

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!3rd November 2010, 10:49 pm

more_horiz
Alright, I re-burned the img of the OTLPE file, and ran it on my main hard drive. It wouldn't run on my secondary drive, either on it's own (it does not have a windows file on it), or running as a slave to the CD-ROM drive.

But here is the OTL.txt file from the main hard drive:

OTL logfile created on: 11/3/2010 6:57:31 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

254.00 Mb Total Physical Memory | 93.00 Mb Available Physical Memory | 37.00% Memory free
222.00 Mb Paging File | 107.00 Mb Available in Paging File | 48.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.44 Gb Total Space | 11.31 Gb Free Space | 32.85% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) [Auto] -- C:\WINDOWS\SYSTEM32\sshnas21.dll -- (SSHNAS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/10/27 18:27:55 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\myiqtsc.sys -- (myiqtsc)
DRV - [2010/09/27 19:21:58 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys -- (sptd)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/06/16 00:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/04/26 11:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004/03/06 00:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 00:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 00:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/05/23 14:58:30 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/08 15:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jules_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\Jules_ON_C\..\URLSearchHook: {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\..\URLSearchHook: ~4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\..\URLSearchHook: ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Mikey_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\Mikey_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}:1.9.1
FF - prefs.js..extensions.enabledItems: {FD57B90C-AEA6-44E8-A343-C6A2E427491D}:1.9.1
FF - prefs.js..keyword.URL: "http://search.fast-find.net/?sid=10101067100&s="
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.search.order.1: "Google"
FF - user.js..keyword.URL: "http://search.fast-find.net/?sid=10101067100&s="

FF - HKLM\software\mozilla\Firefox\Extensions\\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}: C:\Documents and Settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2} [2010/10/27 14:12:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}: C:\Documents and Settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\ [2010/10/27 14:50:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/20 22:48:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/22 18:02:58 | 000,000,000 | ---D | M]

[2010/08/07 22:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Mozilla\Extensions
[2010/09/06 12:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions
[2010/08/07 22:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/24 07:52:18 | 000,002,074 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {81EA3F36-357A-435A-8741-52C27CCC9F21} - C:\WINDOWS\System32\ssqPGwwX.dll File not found
O2 - BHO: (C:\WINDOWS\system32\xeetnkw8sg.dll) - {B6BA40C1-A501-59BD-F413-03B03A2C8952} - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKU\Jules_ON_C\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O4 - HKLM..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKLM..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKLM..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
O4 - HKLM..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKLM..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
O4 - HKLM..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKLM..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKLM..\Run: [HNUhcIXnoc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\debug.exe File not found
O4 - HKLM..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKLM..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKLM..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKLM..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKLM..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
O4 - HKLM..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKLM..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKLM..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKLM..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
O4 - HKLM..\Run: [HNUhcIXnxb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKLM..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKLM..\Run: [HNUhcIXnY] C:\DOCUME~1\Mikey\LOCALS~1\Temp\cmd.exe File not found
O4 - HKLM..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKLM..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKLM..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKLM..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKLM..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKLM..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKLM..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKLM..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKLM..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKLM..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKLM..\Run: [MKaZ] C:\WINDOWS\cmd.exe File not found
O4 - HKLM..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKLM..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKLM..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKLM..\Run: [MKbuqc] C:\WINDOWS\iexplarer.exe File not found
O4 - HKLM..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKLM..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKLM..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKLM..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKLM..\Run: [MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
/1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
==] C:\WINDOWS\spoolsv.exe File not found
O4 - HKLM..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKLM..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKLM..\Run: [MKfa] C:\WINDOWS\win.exe File not found
O4 - HKLM..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKLM..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKLM..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKLM..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKLM..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKLM..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKLM..\Run: [OSCD_Creator] C:\DELL\PREODM.EXE ()
O4 - HKLM..\Run: [Recordpad] C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [Tpinudepiguyoru] C:\WINDOWS\ogudenenor.DLL ()
O4 - HKLM..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKU\Jules_ON_C..\Run: [E6TaskPanel] C:\Program Files\EarthLink TotalAccess\TaskPanl.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [SpySweeper] File not found
O4 - HKU\Jules_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKU\Jules_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\Mikey_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [Snosesicogoto] C:\WINDOWS\werowp.DLL ()
O4 - HKU\Mikey_ON_C..\Run: [U36VRSFLG6] C:\DOCUME~1\Mikey\LOCALS~1\Temp\Uwl.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKLM..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE ()
O4 - Startup: C:\Documents and Settings\Mikey\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Mikey\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jules_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Mikey_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.15.53 24.247.24.53 68.115.71.53
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%windir%\XP ARENA.exe) - C:\WINDOWS\XP ARENA.EXE (Microsoft Corporation)
O20 - HKU\Mikey_ON_C Winlogon: Shell - (C:\Documents and Settings\Mikey\Application Data\hotfix.exe) - C:\Documents and Settings\Mikey\Application Data\hotfix.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\ssqPGwwX: DllName - ssqPGwwX.dll - File not found
O22 - SharedTaskScheduler: {B6BA40C1-A501-59BD-F413-03B03A2C8952} - dfskea98e4iagjiufhg87df87u - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {81EA3F36-357A-435A-8741-52C27CCC9F21} - C:\WINDOWS\System32\ssqPGwwX.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: FSUTonui - (C:\WINDOWS\system32\magnyi64.dll) - C:\WINDOWS\SYSTEM32\magnyi64.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/27 17:47:10 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/10/27 17:47:09 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/10/27 15:33:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/27 15:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Malwarebytes
[2010/10/27 15:31:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/27 15:31:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/27 15:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Desktop\Malwarebytes' Anti-Malware
[2010/10/27 14:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}
[2010/10/27 14:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\My Documents\Recordpad
[2010/10/27 14:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Application Data\Recordpad
[2010/10/27 14:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Application Data\NCH Swift Sound
[2010/10/27 14:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/27 14:16:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
[2010/10/27 14:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}
[2010/10/27 14:08:43 | 000,307,200 | ---- | C] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/10/27 13:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\Gygan Downloads
[2010/10/27 13:06:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Gygan
[2010/10/27 13:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010/10/27 13:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Xenocode
[2010/10/27 12:57:22 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/10/26 23:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/10/24 19:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010/10/24 02:05:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mikey\Recent
[2010/10/24 00:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Unity
[2010/10/23 17:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Temp
[2010/10/23 17:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Google
[2010/10/23 17:08:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Mikey\UserData
[2010/10/22 22:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Opera
[2010/10/22 18:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\GoldWave
[2010/10/22 18:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/10/22 18:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/10/22 18:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Apple
[2010/10/22 18:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/10/22 17:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Apple Computer
[2010/10/22 17:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DigiDesign
[2010/10/22 17:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2010/10/22 17:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\IK Multimedia
[2010/10/22 17:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\InstallShield
[2010/10/20 23:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\Recordpad
[2010/10/20 23:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Recordpad
[2010/10/20 23:33:03 | 007,034,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\XP ARENA.EXE
[2010/10/20 19:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\War2Combat
[2010/10/19 13:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/10/19 13:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/10/19 13:37:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\NCH Swift Sound
[2010/10/19 02:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\IObit
[2010/10/19 02:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/10/19 02:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\FriendBlasterPro
[2010/10/19 02:11:30 | 000,241,664 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyFramePanel.ocx
[2010/10/19 02:11:27 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ComCtl32.ocx
[2010/10/19 02:11:25 | 000,245,760 | ---- | C] (LansSoft Studio) -- C:\WINDOWS\System32\aUpdateNow.ocx
[2010/10/19 02:11:25 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010/10/19 02:11:25 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.ocx
[2010/10/19 02:11:24 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2010/10/19 02:11:22 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2010/10/19 02:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\FriendBlasterPro
[2010/10/17 14:42:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/10/17 11:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2010/10/14 05:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010/10/13 20:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames
[2010/10/13 20:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames Interactive
[2010/10/13 20:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse Games Collection
[2010/10/13 00:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Postal2
[2010/10/13 00:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Core Design
[2010/10/11 20:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\EMULATORS
[2010/10/10 20:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2010/10/07 18:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/02 12:53:37 | 517,783,552 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2010/10/27 18:27:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\myiqtsc.sys
[2010/10/27 18:27:44 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 18:27:28 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/10/27 18:27:25 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 18:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/10/27 18:26:21 | 266,407,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/27 18:24:46 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Jules\Desktop\Windows Media Player.lnk
[2010/10/27 18:24:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/27 17:24:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/27 17:20:26 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
[2010/10/27 17:20:25 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
[2010/10/27 16:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/27 15:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/27 15:23:50 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\shell.reg
[2010/10/27 14:24:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/27 14:21:39 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\start
[2010/10/27 14:21:21 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\completescan
[2010/10/27 14:13:12 | 000,000,013 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/10/27 14:12:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ubobecahexofi.bin
[2010/10/27 14:12:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Wwehikicilucipi.dat
[2010/10/27 14:12:39 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk
[2010/10/27 14:12:25 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\install
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/27 14:11:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/27 14:09:32 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\hotfix.exe
[2010/10/27 14:09:03 | 000,030,000 | ---- | M] () -- C:\WINDOWS\System32\zh0ycwd.dll
[2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/10/27 14:08:43 | 000,053,248 | -H-- | M] () -- C:\WINDOWS\System32\magnyi64.dll
[2010/10/27 13:04:16 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/27 13:04:16 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\Windows Media Player.lnk
[2010/10/27 12:57:08 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/27 12:56:51 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/10/27 12:56:51 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/10/27 12:52:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/10/26 23:31:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/26 22:29:40 | 000,053,454 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Game Setup.exe
[2010/10/25 22:39:36 | 000,235,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/25 17:55:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/10/23 17:19:37 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\Google Chrome.lnk
[2010/10/23 17:19:37 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/22 23:59:58 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Mikey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010/10/22 18:02:24 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/10/22 16:41:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/22 15:01:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/10/20 19:35:41 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\War2Combat.lnk
[2010/10/19 02:50:02 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/10/19 02:50:02 | 000,000,146 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\IObit Freeware.url
[2010/10/19 02:23:34 | 000,402,406 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/10/19 02:23:34 | 000,063,016 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/10/15 06:12:39 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/10/13 20:19:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mikey\My Documents\Games Collection.lnk
[2010/10/13 20:14:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PowerReg.dat
[2010/10/11 20:50:02 | 000,000,407 | ---- | M] () -- C:\Documents and Settings\Mikey\My Documents\EMULATORS.lnk
[2010/10/09 20:22:27 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/27 19:13:48 | 517,783,552 | ---- | C] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2010/10/27 15:23:49 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\shell.reg
[2010/10/27 14:21:39 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\start
[2010/10/27 14:17:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\completescan
[2010/10/27 14:12:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ubobecahexofi.bin
[2010/10/27 14:12:40 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Wwehikicilucipi.dat
[2010/10/27 14:12:33 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk
[2010/10/27 14:12:25 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\install
[2010/10/27 14:11:31 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/10/27 14:11:30 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/10/27 14:11:30 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/10/27 14:11:26 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/10/27 14:11:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/10/27 14:11:08 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/10/27 14:11:04 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/10/27 14:10:49 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/10/27 14:10:48 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/10/27 14:10:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\myiqtsc.sys
[2010/10/27 14:10:42 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/10/27 14:10:37 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/10/27 14:10:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/10/27 14:10:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/10/27 14:10:34 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/10/27 14:10:32 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/10/27 14:10:28 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/10/27 14:10:27 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/10/27 14:10:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/10/27 14:10:12 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/10/27 14:10:01 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/10/27 14:09:58 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/10/27 14:09:55 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/10/27 14:09:53 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/10/27 14:09:47 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 14:09:41 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 14:09:31 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\hotfix.exe
[2010/10/27 14:09:03 | 000,030,000 | ---- | C] () -- C:\WINDOWS\System32\zh0ycwd.dll
[2010/10/27 14:08:43 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\magnyi64.dll
[2010/10/27 13:04:16 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/27 12:55:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/10/27 12:55:56 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/10/27 12:51:23 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\Windows Media Player.lnk
[2010/10/26 22:29:40 | 000,053,454 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Game Setup.exe
[2010/10/23 17:19:37 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\Google Chrome.lnk
[2010/10/23 17:19:37 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/23 17:15:45 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
[2010/10/23 17:15:43 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\w3data.vss
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2010/10/22 18:02:24 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/10/22 18:00:25 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/22 17:55:53 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/10/20 19:35:41 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\War2Combat.lnk
[2010/10/19 15:01:58 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/10/19 02:50:02 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/10/19 02:50:02 | 000,000,146 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\IObit Freeware.url
[2010/10/15 06:12:39 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/10/15 06:12:39 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/10/13 20:19:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Mikey\My Documents\Games Collection.lnk
[2010/10/13 20:14:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/10/12 22:22:58 | 000,000,013 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/10/11 20:50:02 | 000,000,407 | ---- | C] () -- C:\Documents and Settings\Mikey\My Documents\EMULATORS.lnk
[2010/09/28 02:57:12 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Rtcwplat.INI
[2010/09/28 00:16:16 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Mikey\BnetLog.txt
[2010/09/21 22:05:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/09/21 13:38:24 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Mikey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/30 16:36:27 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Jules\Application Data\PFP120JPR.{PB
[2005/04/30 16:36:27 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Jules\Application Data\PFP120JCM.{PB
[2005/04/17 18:53:39 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Jules\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/13 17:30:19 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2004/12/20 01:42:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/20 00:56:12 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 15:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 15:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 07:00:00 | 000,206,848 | ---- | C] () -- C:\WINDOWS\ogudenenor.dll
[2004/08/04 07:00:00 | 000,081,408 | ---- | C] () -- C:\WINDOWS\werowp.dll
[2004/08/04 07:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2002/03/13 16:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!3rd November 2010, 10:50 pm

more_horiz
CON'T:

[2005/04/13 19:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Aim
[2005/04/12 18:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Earthlink
[2005/04/13 17:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\EarthLink Toolbar
[2010/10/27 14:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\NCH Swift Sound
[2010/10/27 14:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Recordpad
[2010/10/27 15:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\uTorrent
[2010/09/27 20:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\DAEMON Tools Lite
[2010/09/13 12:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\EarthLink Toolbar
[2010/10/27 14:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Gygan
[2010/09/28 19:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\HD Tune Pro
[2010/10/19 02:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\IObit
[2010/10/22 17:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\NCH Swift Sound
[2010/10/22 22:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Opera
[2010/10/20 23:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Recordpad
[2010/10/27 14:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\uTorrent
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/10/27 14:24:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/10/27 15:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/10/27 16:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/10/27 17:24:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/10/27 18:24:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/10/27 14:11:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2010/10/22 15:01:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2010/10/25 17:55:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job
[2010/10/27 18:27:44 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 18:27:25 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 18:27:28 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========


< End of report >

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) [Auto] -- C:\WINDOWS\SYSTEM32\sshnas21.dll -- (SSHNAS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2010/10/27 18:27:55 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\myiqtsc.sys -- (myiqtsc)
DRV - [2010/09/27 19:21:58 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys -- (sptd)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004/08/04 00:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/06/16 00:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/04/26 11:49:56 | 000,381,056 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004/03/06 00:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 00:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 00:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2003/05/23 14:58:30 | 000,043,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/08 15:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow)
DRV - [2001/08/17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3)
DRV - [2001/08/17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi)
DRV - [2001/08/17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx)
DRV - [2001/08/17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810)
DRV - [2001/08/17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra)
DRV - [2001/08/17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160)
DRV - [2001/08/17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080)
DRV - [2001/08/17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280)
DRV - [2001/08/17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k)
DRV - [2001/08/17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x)
DRV - [2001/08/17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc)
DRV - [2001/08/17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550)
DRV - [2001/08/17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde)
DRV - [2001/08/17 15:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Jules_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\Jules_ON_C\..\URLSearchHook: {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\..\URLSearchHook: ~4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\..\URLSearchHook: ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Mikey_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\Mikey_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}:1.9.1
FF - prefs.js..extensions.enabledItems: {FD57B90C-AEA6-44E8-A343-C6A2E427491D}:1.9.1
FF - prefs.js..keyword.URL: "http://search.fast-find.net/?sid=10101067100&s="
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.selectedEngine: "Google"
FF - user.js..browser.search.order.1: "Google"
FF - user.js..keyword.URL: "http://search.fast-find.net/?sid=10101067100&s="

FF - HKLM\software\mozilla\Firefox\Extensions\\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}: C:\Documents and Settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2} [2010/10/27 14:12:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}: C:\Documents and Settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\ [2010/10/27 14:50:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/20 22:48:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/22 18:02:58 | 000,000,000 | ---D | M]

[2010/08/07 22:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Mozilla\Extensions
[2010/09/06 12:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions
[2010/08/07 22:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/24 07:52:18 | 000,002,074 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {81EA3F36-357A-435A-8741-52C27CCC9F21} - C:\WINDOWS\System32\ssqPGwwX.dll File not found
O2 - BHO: (C:\WINDOWS\system32\xeetnkw8sg.dll) - {B6BA40C1-A501-59BD-F413-03B03A2C8952} - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKU\Jules_ON_C\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O4 - HKLM..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKLM..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKLM..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
O4 - HKLM..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKLM..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
O4 - HKLM..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKLM..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKLM..\Run: [HNUhcIXnoc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\debug.exe File not found
O4 - HKLM..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKLM..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKLM..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKLM..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKLM..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKLM..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
O4 - HKLM..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKLM..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKLM..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKLM..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKLM..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
O4 - HKLM..\Run: [HNUhcIXnxb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKLM..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKLM..\Run: [HNUhcIXnY] C:\DOCUME~1\Mikey\LOCALS~1\Temp\cmd.exe File not found
O4 - HKLM..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKLM..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKLM..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKLM..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKLM..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKLM..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKLM..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKLM..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKLM..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKLM..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKLM..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKLM..\Run: [MKaZ] C:\WINDOWS\cmd.exe File not found
O4 - HKLM..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKLM..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKLM..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKLM..\Run: [MKbuqc] C:\WINDOWS\iexplarer.exe File not found
O4 - HKLM..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKLM..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKLM..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKLM..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKLM..\Run: [MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
/1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
==] C:\WINDOWS\spoolsv.exe File not found
O4 - HKLM..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKLM..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKLM..\Run: [MKfa] C:\WINDOWS\win.exe File not found
O4 - HKLM..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKLM..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKLM..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKLM..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKLM..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKLM..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKLM..\Run: [OSCD_Creator] C:\DELL\PREODM.EXE ()
O4 - HKLM..\Run: [Recordpad] C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKLM..\Run: [Tpinudepiguyoru] C:\WINDOWS\ogudenenor.DLL ()
O4 - HKLM..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKU\Jules_ON_C..\Run: [E6TaskPanel] C:\Program Files\EarthLink TotalAccess\TaskPanl.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKU\Jules_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKU\Jules_ON_C..\Run: [SpySweeper] File not found
O4 - HKU\Jules_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKU\Jules_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\Mikey_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [Snosesicogoto] C:\WINDOWS\werowp.DLL ()
O4 - HKU\Mikey_ON_C..\Run: [U36VRSFLG6] C:\DOCUME~1\Mikey\LOCALS~1\Temp\Uwl.exe File not found
O4 - HKU\Mikey_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
O4 - HKLM..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE ()
O4 - Startup: C:\Documents and Settings\Mikey\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Mikey\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jules_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Mikey_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.15.53 24.247.24.53 68.115.71.53
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (%windir%\XP ARENA.exe) - C:\WINDOWS\XP ARENA.EXE (Microsoft Corporation)
O20 - HKU\Mikey_ON_C Winlogon: Shell - (C:\Documents and Settings\Mikey\Application Data\hotfix.exe) - C:\Documents and Settings\Mikey\Application Data\hotfix.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\ssqPGwwX: DllName - ssqPGwwX.dll - File not found
O22 - SharedTaskScheduler: {B6BA40C1-A501-59BD-F413-03B03A2C8952} - dfskea98e4iagjiufhg87df87u - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {81EA3F36-357A-435A-8741-52C27CCC9F21} - C:\WINDOWS\System32\ssqPGwwX.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: FSUTonui - (C:\WINDOWS\system32\magnyi64.dll) - C:\WINDOWS\SYSTEM32\magnyi64.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/27 17:47:10 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/10/27 17:47:09 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/10/27 15:33:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/27 15:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Malwarebytes
[2010/10/27 15:31:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/27 15:31:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/27 15:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Desktop\Malwarebytes' Anti-Malware
[2010/10/27 14:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}
[2010/10/27 14:50:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\My Documents\Recordpad
[2010/10/27 14:50:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Application Data\Recordpad
[2010/10/27 14:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jules\Application Data\NCH Swift Sound
[2010/10/27 14:17:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/10/27 14:16:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\LocalService\Favorites
[2010/10/27 14:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}
[2010/10/27 14:08:43 | 000,307,200 | ---- | C] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/10/27 13:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\Gygan Downloads
[2010/10/27 13:06:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Gygan
[2010/10/27 13:06:00 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode
[2010/10/27 13:06:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Xenocode
[2010/10/27 12:57:22 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/10/26 23:31:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2010/10/24 19:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010/10/24 02:05:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mikey\Recent
[2010/10/24 00:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Unity
[2010/10/23 17:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Temp
[2010/10/23 17:15:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Google
[2010/10/23 17:08:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Mikey\UserData
[2010/10/22 22:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Opera
[2010/10/22 18:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\GoldWave
[2010/10/22 18:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/10/22 18:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/10/22 18:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Apple
[2010/10/22 18:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/10/22 17:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\Apple Computer
[2010/10/22 17:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DigiDesign
[2010/10/22 17:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2010/10/22 17:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\IK Multimedia
[2010/10/22 17:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\InstallShield
[2010/10/20 23:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\Recordpad
[2010/10/20 23:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\Recordpad
[2010/10/20 23:33:03 | 007,034,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\XP ARENA.EXE
[2010/10/20 19:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\War2Combat
[2010/10/19 13:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010/10/19 13:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/10/19 13:37:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\NCH Swift Sound
[2010/10/19 02:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Application Data\IObit
[2010/10/19 02:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/10/19 02:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\Local Settings\Application Data\FriendBlasterPro
[2010/10/19 02:11:30 | 000,241,664 | ---- | C] (Namtuk.com) -- C:\WINDOWS\System32\MyFramePanel.ocx
[2010/10/19 02:11:27 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ComCtl32.ocx
[2010/10/19 02:11:25 | 000,245,760 | ---- | C] (LansSoft Studio) -- C:\WINDOWS\System32\aUpdateNow.ocx
[2010/10/19 02:11:25 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010/10/19 02:11:25 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.ocx
[2010/10/19 02:11:24 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2010/10/19 02:11:22 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2010/10/19 02:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\FriendBlasterPro
[2010/10/17 14:42:07 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/10/17 11:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2010/10/14 05:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010/10/13 20:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames
[2010/10/13 20:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames Interactive
[2010/10/13 20:08:25 | 000,000,000 | ---D | C] -- C:\Program Files\GameHouse Games Collection
[2010/10/13 00:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Postal2
[2010/10/13 00:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Core Design
[2010/10/11 20:44:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mikey\My Documents\EMULATORS
[2010/10/10 20:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bethesda Softworks
[2010/10/07 18:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\ElcomSoft
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/02 12:53:37 | 517,783,552 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2010/10/27 18:27:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\myiqtsc.sys
[2010/10/27 18:27:44 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 18:27:28 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/10/27 18:27:25 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 18:26:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/10/27 18:26:21 | 266,407,936 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/27 18:24:46 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Jules\Desktop\Windows Media Player.lnk
[2010/10/27 18:24:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/10/27 17:24:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/10/27 17:20:26 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
[2010/10/27 17:20:25 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
[2010/10/27 16:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/10/27 15:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/10/27 15:23:50 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\shell.reg
[2010/10/27 14:24:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/10/27 14:21:39 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\start
[2010/10/27 14:21:21 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\completescan
[2010/10/27 14:13:12 | 000,000,013 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/10/27 14:12:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ubobecahexofi.bin
[2010/10/27 14:12:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Wwehikicilucipi.dat
[2010/10/27 14:12:39 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk
[2010/10/27 14:12:25 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\install
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/10/27 14:11:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/10/27 14:09:32 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\hotfix.exe
[2010/10/27 14:09:03 | 000,030,000 | ---- | M] () -- C:\WINDOWS\System32\zh0ycwd.dll
[2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/10/27 14:08:43 | 000,053,248 | -H-- | M] () -- C:\WINDOWS\System32\magnyi64.dll
[2010/10/27 13:04:16 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/27 13:04:16 | 000,000,782 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\Windows Media Player.lnk
[2010/10/27 12:57:08 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/27 12:56:51 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/10/27 12:56:51 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/10/27 12:52:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/10/26 23:31:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/26 22:29:40 | 000,053,454 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Game Setup.exe
[2010/10/25 22:39:36 | 000,235,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/25 17:55:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/10/23 17:19:37 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\Google Chrome.lnk
[2010/10/23 17:19:37 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/22 23:59:58 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Mikey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/10/22 18:05:35 | 000,000,016 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2010/10/22 18:02:24 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/10/22 16:41:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/10/22 15:01:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/10/20 19:35:41 | 000,001,668 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\War2Combat.lnk
[2010/10/19 02:50:02 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/10/19 02:50:02 | 000,000,146 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\IObit Freeware.url
[2010/10/19 02:23:34 | 000,402,406 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/10/19 02:23:34 | 000,063,016 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/10/15 06:12:39 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/10/13 20:19:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Mikey\My Documents\Games Collection.lnk
[2010/10/13 20:14:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PowerReg.dat
[2010/10/11 20:50:02 | 000,000,407 | ---- | M] () -- C:\Documents and Settings\Mikey\My Documents\EMULATORS.lnk
[2010/10/09 20:22:27 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/27 19:13:48 | 517,783,552 | ---- | C] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2010/10/27 15:23:49 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\shell.reg
[2010/10/27 14:21:39 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\start
[2010/10/27 14:17:02 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\completescan
[2010/10/27 14:12:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ubobecahexofi.bin
[2010/10/27 14:12:40 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Wwehikicilucipi.dat
[2010/10/27 14:12:33 | 000,000,849 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk
[2010/10/27 14:12:25 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\install
[2010/10/27 14:11:31 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/10/27 14:11:30 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/10/27 14:11:30 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/10/27 14:11:26 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/10/27 14:11:23 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/10/27 14:11:08 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/10/27 14:11:04 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/10/27 14:10:49 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/10/27 14:10:48 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/10/27 14:10:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\myiqtsc.sys
[2010/10/27 14:10:42 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/10/27 14:10:37 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/10/27 14:10:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/10/27 14:10:35 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/10/27 14:10:34 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/10/27 14:10:32 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/10/27 14:10:28 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/10/27 14:10:27 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/10/27 14:10:25 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/10/27 14:10:12 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/10/27 14:10:01 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/10/27 14:09:58 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/10/27 14:09:55 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/10/27 14:09:53 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/10/27 14:09:47 | 000,000,282 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 14:09:41 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 14:09:31 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\hotfix.exe
[2010/10/27 14:09:03 | 000,030,000 | ---- | C] () -- C:\WINDOWS\System32\zh0ycwd.dll
[2010/10/27 14:08:43 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\magnyi64.dll
[2010/10/27 13:04:16 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/27 12:55:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/10/27 12:55:56 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/10/27 12:51:23 | 000,000,782 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\Windows Media Player.lnk
[2010/10/26 22:29:40 | 000,053,454 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Game Setup.exe
[2010/10/23 17:19:37 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\Google Chrome.lnk
[2010/10/23 17:19:37 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/23 17:15:45 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
[2010/10/23 17:15:43 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\w3data.vss
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2010/10/22 18:05:32 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2010/10/22 18:02:24 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2010/10/22 18:00:25 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/22 17:55:53 | 000,000,282 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2010/10/20 19:35:41 | 000,001,668 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\War2Combat.lnk
[2010/10/19 15:01:58 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\switchShakeIcon.job
[2010/10/19 02:50:02 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Mikey\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/10/19 02:50:02 | 000,000,146 | ---- | C] () -- C:\Documents and Settings\Mikey\Desktop\IObit Freeware.url
[2010/10/15 06:12:39 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/10/15 06:12:39 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/10/13 20:19:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Mikey\My Documents\Games Collection.lnk
[2010/10/13 20:14:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/10/12 22:22:58 | 000,000,013 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010/10/11 20:50:02 | 000,000,407 | ---- | C] () -- C:\Documents and Settings\Mikey\My Documents\EMULATORS.lnk
[2010/09/28 02:57:12 | 000,000,751 | ---- | C] () -- C:\WINDOWS\Rtcwplat.INI
[2010/09/28 00:16:16 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\Mikey\BnetLog.txt
[2010/09/21 22:05:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2010/09/21 13:38:24 | 000,014,336 | ---- | C] () -- C:\Documents and Settings\Mikey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/30 16:36:27 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Jules\Application Data\PFP120JPR.{PB
[2005/04/30 16:36:27 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Jules\Application Data\PFP120JCM.{PB
[2005/04/17 18:53:39 | 000,035,328 | ---- | C] () -- C:\Documents and Settings\Jules\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/13 17:30:19 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AuthMgr.INI
[2004/12/20 01:42:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/12/20 00:56:12 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 15:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 15:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 07:00:00 | 000,206,848 | ---- | C] () -- C:\WINDOWS\ogudenenor.dll
[2004/08/04 07:00:00 | 000,081,408 | ---- | C] () -- C:\WINDOWS\werowp.dll
[2004/08/04 07:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2002/03/13 16:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\zlib.dll

========== LOP Check ==========

[2005/04/13 19:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Aim
[2005/04/12 18:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Earthlink
[2005/04/13 17:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\EarthLink Toolbar
[2010/10/27 14:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\NCH Swift Sound
[2010/10/27 14:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\Recordpad
[2010/10/27 15:11:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jules\Application Data\uTorrent
[2010/09/27 20:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\DAEMON Tools Lite
[2010/09/13 12:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\EarthLink Toolbar
[2010/10/27 14:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Gygan
[2010/09/28 19:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\HD Tune Pro
[2010/10/19 02:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\IObit
[2010/10/22 17:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\NCH Swift Sound
[2010/10/22 22:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Opera
[2010/10/20 23:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\Recordpad
[2010/10/27 14:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mikey\Application Data\uTorrent
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/10/27 14:24:11 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/10/27 15:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/10/27 16:24:10 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/10/27 17:24:12 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/10/27 18:24:33 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/10/27 14:11:28 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/10/27 14:10:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/10/27 14:11:36 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/10/27 14:10:08 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/10/27 14:10:30 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/10/27 14:10:39 | 000,000,404 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2010/10/22 15:01:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2010/10/25 17:55:05 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job
[2010/10/27 18:27:44 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/10/27 18:27:25 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/10/27 18:27:28 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========



< End of report >

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 1:10 am

more_horiz
What do I do now? I tried running my hard drive in safe mode, but it still went to the blank screen.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 3:52 am

more_horiz
Hi,

This machine is severely infected chances of cleaning it are slim if OTL freezes.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    SRV - [2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) [Auto] -- C:\WINDOWS\SYSTEM32\sshnas21.dll -- (SSHNAS)
    DRV - [2010/10/27 18:27:55 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\myiqtsc.sys -- (myiqtsc)
    O2 - BHO: (no name) - {81EA3F36-357A-435A-8741-52C27CCC9F21} - C:\WINDOWS\System32\ssqPGwwX.dll File not found
    O2 - BHO: (C:\WINDOWS\system32\xeetnkw8sg.dll) - {B6BA40C1-A501-59BD-F413-03B03A2C8952} - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
    O4 - HKLM..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
    O4 - HKLM..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
    O4 - HKLM..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnoc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\debug.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnsd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\taskmgr.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
    O4 - HKLM..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnxb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\sysedit.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnY] C:\DOCUME~1\Mikey\LOCALS~1\Temp\cmd.exe File not found
    O4 - HKLM..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
    O4 - HKLM..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
    O4 - HKLM..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKLM..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O4 - HKLM..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
    O4 - HKLM..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
    O4 - HKLM..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
    O4 - HKLM..\Run: [MKaZ] C:\WINDOWS\cmd.exe File not found
    O4 - HKLM..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
    O4 - HKLM..\Run: [MKbta] C:\WINDOWS\install.exe File not found
    O4 - HKLM..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
    O4 - HKLM..\Run: [MKbuqc] C:\WINDOWS\iexplarer.exe File not found
    O4 - HKLM..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
    O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe File not found
    O4 - HKLM..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
    O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe File not found
    O4 - HKLM..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
    O4 - HKLM..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
    O4 - HKLM..\Run: [MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
    /////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
    AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
    MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
    ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
    mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
    zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
    /5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
    AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
    M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
    ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
    mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
    zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
    AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
    A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
    dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
    oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
    dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
    jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
    3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
    uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
    ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
    yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
    dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
    Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
    auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
    sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
    TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
    v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
    oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
    Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
    /1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
    eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
    KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
    jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
    Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
    m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
    1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
    NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
    H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
    2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
    cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
    xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
    Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
    BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
    X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
    9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
    w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
    PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
    FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
    euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
    uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
    Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
    K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
    kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
    iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
    ==] C:\WINDOWS\spoolsv.exe File not found
    O4 - HKLM..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
    O4 - HKLM..\Run: [MKexe] C:\WINDOWS\system.exe File not found
    O4 - HKLM..\Run: [MKfa] C:\WINDOWS\win.exe File not found
    O4 - HKLM..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
    O4 - HKLM..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
    O4 - HKLM..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
    O4 - HKLM..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
    O4 - HKLM..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
    O4 - HKLM..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
    O4 - HKLM..\Run: [Tpinudepiguyoru] C:\WINDOWS\ogudenenor.DLL ()
    O4 - HKLM..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
    O4 - HKU\Jules_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXn0Z] C:\DOCUME~1\Mikey\LOCALS~1\Temp\system.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\mdm.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnd] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXneP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnfQ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win16.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXngP] C:\DOCUME~1\Mikey\LOCALS~1\Temp\win32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\login.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnqg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\hexdump.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnrc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winamp.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsb] C:\DOCUME~1\Mikey\LOCALS~1\Temp\drweb.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnsf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\lsass.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXntg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnth] C:\DOCUME~1\Mikey\LOCALS~1\Temp\svchost.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnUf] C:\DOCUME~1\Mikey\LOCALS~1\Temp\z77hqz.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnusc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\winlogon.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\user.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnvZ] C:\DOCUME~1\Mikey\LOCALS~1\Temp\install.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwe] C:\DOCUME~1\Mikey\LOCALS~1\Temp\setup.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwg] C:\DOCUME~1\Mikey\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnwpc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\services.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnxc] C:\DOCUME~1\Mikey\LOCALS~1\Temp\smss.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUhcIXnz9] C:\DOCUME~1\Mikey\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnd] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXneP] C:\DOCUME~1\Jules\LOCALS~1\Temp\avp32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnfQ] C:\DOCUME~1\Jules\LOCALS~1\Temp\win16.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnsd] C:\DOCUME~1\Jules\LOCALS~1\Temp\taskmgr.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXntg] C:\DOCUME~1\Jules\LOCALS~1\Temp\wininst.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnvZ] C:\DOCUME~1\Jules\LOCALS~1\Temp\install.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnwg] C:\DOCUME~1\Jules\LOCALS~1\Temp\spoolsv.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnxb] C:\DOCUME~1\Jules\LOCALS~1\Temp\sysedit.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnz9] C:\DOCUME~1\Jules\LOCALS~1\Temp\nvsvc32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [HNUkaIXnZP] C:\DOCUME~1\Jules\LOCALS~1\Temp\gdi32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKaoc] C:\WINDOWS\debug.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKasc] C:\WINDOWS\drweb.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKayc] C:\WINDOWS\csrss.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKbMc] C:\WINDOWS\gdi32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKbta] C:\WINDOWS\install.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKbtc] C:\WINDOWS\hexdump.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKee] C:\WINDOWS\user.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKeg] C:\WINDOWS\smss.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKetc] C:\WINDOWS\sysedit.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKeuf] C:\WINDOWS\spoolsv.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKevc] C:\WINDOWS\setup.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKexe] C:\WINDOWS\system.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKfPc] C:\WINDOWS\win32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKfre] C:\WINDOWS\wininst.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKfsc] C:\WINDOWS\winlogon.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKWPtg] C:\WINDOWS\TEMP\wininst.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKZe] C:\WINDOWS\avp.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [MKZSc] C:\WINDOWS\avp32.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [Snosesicogoto] C:\WINDOWS\werowp.DLL ()
    O4 - HKU\Mikey_ON_C..\Run: [U36VRSFLG6] C:\DOCUME~1\Mikey\LOCALS~1\Temp\Uwl.exe File not found
    O4 - HKU\Mikey_ON_C..\Run: [uPc+MV0NbtaGuo] C:\WINDOWS\System32\zh0ycwd.DLL ()
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Jules_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
    O7 - HKU\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Mikey_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
    O7 - HKU\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.247.15.53 24.247.24.53 68.115.71.53
    O20 - HKU\Mikey_ON_C Winlogon: Shell - (C:\Documents and Settings\Mikey\Application Data\hotfix.exe) - C:\Documents and Settings\Mikey\Application Data\hotfix.exe ()
    O20 - Winlogon\Notify\ssqPGwwX: DllName - ssqPGwwX.dll - File not found
    O22 - SharedTaskScheduler: {B6BA40C1-A501-59BD-F413-03B03A2C8952} - dfskea98e4iagjiufhg87df87u - C:\WINDOWS\System32\xeetnkw8sg.dll File not found
    O36 - AppCertDlls: FSUTonui - (C:\WINDOWS\system32\magnyi64.dll) - C:\WINDOWS\SYSTEM32\magnyi64.dll ()
    [2010/10/27 18:27:44 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
    [2010/10/27 18:27:28 | 000,000,282 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
    [2010/10/27 18:27:25 | 000,000,246 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2010/10/27 15:23:50 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\shell.reg
    [2010/10/27 14:21:39 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\start
    [2010/10/27 14:21:21 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\completescan
    [2010/10/27 14:13:12 | 000,000,013 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
    [2010/10/27 14:12:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Ubobecahexofi.bin
    [2010/10/27 14:12:40 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Wwehikicilucipi.dat
    [2010/10/27 14:12:39 | 000,000,849 | ---- | M] () -- C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk
    [2010/10/27 14:12:25 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\install
    [2010/10/27 14:09:32 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Mikey\Application Data\hotfix.exe
    [2010/10/27 14:09:03 | 000,030,000 | ---- | M] () -- C:\WINDOWS\System32\zh0ycwd.dll
    [2010/10/27 14:08:44 | 000,307,200 | ---- | M] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
    [2010/10/27 14:08:43 | 000,053,248 | -H-- | M] () -- C:\WINDOWS\System32\magnyi64.dll

    :Files
    C:\WINDOWS\tasks\At*.job

    :commands
    [emptytemp]
    [resethosts]
    [purity]



  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.=

======================

Please download ComboFix Serious Help Needed in regards to Think Point Virus Removal! Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Serious Help Needed in regards to Think Point Virus Removal! Query_RC
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Serious Help Needed in regards to Think Point Virus Removal! RC_successful

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 11:08 pm

more_horiz
OTL Report:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS deleted successfully.
C:\WINDOWS\SYSTEM32\sshnas21.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\myiqtsc deleted successfully.
C:\WINDOWS\SYSTEM32\DRIVERS\myiqtsc.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81EA3F36-357A-435A-8741-52C27CCC9F21}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81EA3F36-357A-435A-8741-52C27CCC9F21}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BA52B914-B692-46c4-B683-905236F6F655} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA52B914-B692-46c4-B683-905236F6F655}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXn0Z deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXneP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXngP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnrc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXntg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnth deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnUf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnusc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwpc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnxb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnxc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnz9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXneP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnsd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXntg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnvZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnwg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnxb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnz9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnZP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKasc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKayc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbMc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbta deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbtc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuqc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKcZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKee deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
File MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKevc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfre deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfsc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKWPtg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Tpinudepiguyoru deleted successfully.
C:\WINDOWS\ogudenenor.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+MV0NbtaGuo deleted successfully.
C:\WINDOWS\SYSTEM32\zh0ycwd.dll moved successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXn0Z deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnb deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXneP deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnfQ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXngP deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqe deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnrc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsb deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsf deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXntg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnUf deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnusc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvZ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwe deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnxc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnz9 deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnd deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXneP deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnfQ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnsd deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXntg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnvZ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnwg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnxb deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnz9 deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnZP deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKasc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKayc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbMc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbta deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbtc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKcZ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKee deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKevc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfre deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfsc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKWPtg deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZe deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSc deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+MV0NbtaGuo deleted successfully.
File C:\WINDOWS\System32\zh0ycwd.DLL not found.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXn0Z deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnb deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnd deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXneP deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnf deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnfQ deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXngP deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqe deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnqg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnrc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsb deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnsf deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXntg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnth deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnUf deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnusc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnvZ deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwe deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnwpc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnxc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUhcIXnz9 deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnd deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXneP deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnfQ deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnsd deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXntg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnvZ deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnwg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnxb deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnz9 deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUkaIXnZP deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKasc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKayc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbMc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbta deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbtc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKcZ deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKee deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKevc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfre deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfsc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKWPtg deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZe deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSc deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Snosesicogoto deleted successfully.
C:\WINDOWS\werowp.dll moved successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\U36VRSFLG6 deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+MV0NbtaGuo deleted successfully.
File C:\WINDOWS\System32\zh0ycwd.DLL not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Jules_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\Jules_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry key HKEY_USERS\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Mikey_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry value HKEY_USERS\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\Mikey_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry key HKEY_USERS\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
Registry value HKEY_USERS\Mikey_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Documents and Settings\Mikey\Application Data\hotfix.exe deleted successfully.
C:\Documents and Settings\Mikey\Application Data\hotfix.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqPGwwX\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{B6BA40C1-A501-59BD-F413-03B03A2C8952} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls\\FSUTonui:C:\WINDOWS\system32\magnyi64.dll deleted successfully.
C:\WINDOWS\SYSTEM32\magnyi64.dll moved successfully.
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job moved successfully.
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job moved successfully.
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\Documents and Settings\Mikey\Desktop\shell.reg moved successfully.
C:\Documents and Settings\Mikey\Application Data\start moved successfully.
C:\Documents and Settings\Mikey\Application Data\completescan moved successfully.
C:\WINDOWS\popcinfo.dat moved successfully.
C:\WINDOWS\Ubobecahexofi.bin moved successfully.
C:\WINDOWS\Wwehikicilucipi.dat moved successfully.
C:\Documents and Settings\Mikey\Desktop\ThinkPoint.lnk moved successfully.
C:\Documents and Settings\Mikey\Application Data\install moved successfully.
File C:\Documents and Settings\Mikey\Application Data\hotfix.exe not found.
File C:\WINDOWS\System32\zh0ycwd.dll not found.
File C:\WINDOWS\System32\sshnas21.dll not found.
File C:\WINDOWS\System32\magnyi64.dll not found.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: Jules
->Temp folder emptied: 614986831 bytes
->Temporary Internet Files folder emptied: 2431511 bytes
->FireFox cache emptied: 93617972 bytes
->Flash cache emptied: 47235 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 180162 bytes

User: Mikey
->Temp folder emptied: 182500386 bytes
->Temporary Internet Files folder emptied: 49713342 bytes
->FireFox cache emptied: 43919867 bytes
->Google Chrome cache emptied: 56915911 bytes
->Flash cache emptied: 8359 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 554332 bytes

%systemdrive% .tmp files removed: 6597 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 1940497 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2612102 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes

Total Files Cleaned = 1,001.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.43.0 log created on 11042010_214353

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 11:09 pm

more_horiz
ComboFix Report:

ComboFix 10-11-03.04 - Jules 11/04/2010 22:14:44.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.254.98 [GMT -4:00]
Running from: c:\documents and settings\Mikey\My Documents\Downloads\ComboFix.exe
( Other Deletions )
c:\documents and settings\All Users\Application Data\Update\seupd.exe
c:\documents and settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}
c:\documents and settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\chrome.manifest
c:\documents and settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\chrome\content\_cfg.js
c:\documents and settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\chrome\content\overlay.xul
c:\documents and settings\Jules\Local Settings\Application Data\{FD57B90C-AEA6-44E8-A343-C6A2E427491D}\install.rdf
c:\documents and settings\Mikey\Application Data\Game Setup.exe
c:\documents and settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}
c:\documents and settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}\chrome.manifest
c:\documents and settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}\chrome\content\_cfg.js
c:\documents and settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}\chrome\content\overlay.xul
c:\documents and settings\Mikey\Local Settings\Application Data\{22BCE474-26A4-41D6-BC8F-CD0F4ECAC1E2}\install.rdf
c:\program files\Mozilla Firefox\searchplugins\google_search.xml
c:\windows\system32\msvcsv60.dll

.
((((((((((((((((((((((((( Files Created from 2010-10-05 to 2010-11-05 )))))))))))))))))))))))))))))))
.

2010-11-05 01:56 . 2010-11-05 01:56 -------- d-----w- c:\windows\LastGood
2010-11-05 01:44 . 2010-10-23 17:55 553984 ----a-r- C:\OTLPE.exe
2010-11-05 01:43 . 2010-11-05 01:43 -------- d-----w- C:\_OTL
2010-10-27 21:47 . 2009-08-06 23:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-10-27 21:47 . 2009-08-06 23:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\Mikey\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\Recordpad
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\NCH Swift Sound
2010-10-27 18:08 . 2010-11-05 02:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Update
2010-10-27 17:06 . 2010-10-27 18:30 -------- d-----w- c:\documents and settings\Mikey\Application Data\Gygan
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\program files\Xenocode
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Xenocode
2010-10-27 03:31 . 2010-10-27 03:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-10-24 23:42 . 2010-10-24 23:42 -------- d-----w- c:\program files\Veetle
2010-10-24 04:38 . 2010-10-24 04:38 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Unity
2010-10-23 21:15 . 2010-10-23 21:16 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Temp
2010-10-23 21:15 . 2010-10-23 21:18 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Google
2010-10-23 21:08 . 2010-10-23 21:08 -------- d-s---w- c:\documents and settings\Mikey\UserData
2010-10-22 22:32 . 2010-10-22 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\GoldWave
2010-10-22 22:25 . 2010-10-22 22:25 -------- d-----w- c:\program files\GoldWave
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\program files\Common Files\Apple
2010-10-22 22:01 . 2010-10-22 22:02 -------- d-----w- c:\program files\QuickTime
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\program files\Apple Software Update
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple Computer
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Common Files\DigiDesign
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Steinberg
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\IK Multimedia
2010-10-22 21:58 . 2010-10-22 21:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\InstallShield
2010-10-21 03:58 . 2010-10-21 03:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\Recordpad
2010-10-21 03:33 . 2010-02-16 17:04 7034880 ----a-w- c:\windows\XP ARENA.EXE
2010-10-20 23:35 . 2010-10-22 19:53 -------- d-----w- c:\program files\War2Combat
2010-10-19 17:38 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Software
2010-10-19 17:38 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2010-10-19 17:37 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Swift Sound
2010-10-19 17:37 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\Mikey\Application Data\NCH Swift Sound
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\documents and settings\Mikey\Application Data\IObit
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\program files\IObit
2010-10-19 06:14 . 2010-10-19 06:15 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\FriendBlasterPro
2010-10-19 06:11 . 2005-10-11 17:25 241664 ----a-w- c:\windows\system32\MyFramePanel.ocx
2010-10-19 06:11 . 2004-03-09 00:30 609824 ----a-w- c:\windows\system32\ComCtl32.ocx
2010-10-19 06:11 . 2005-07-15 16:49 245760 ----a-w- c:\windows\system32\aUpdateNow.ocx
2010-10-19 06:11 . 2004-03-08 22:00 132880 ----a-w- c:\windows\system32\msinet.ocx
2010-10-19 06:11 . 2000-05-22 04:00 140488 ----a-w- c:\windows\system32\COMDLG32.OCX
2010-10-19 06:11 . 2004-03-08 22:00 1081616 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-10-19 06:11 . 2000-07-15 04:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-10-19 06:11 . 2010-10-19 06:18 -------- d-----w- c:\program files\FriendBlasterPro
2010-10-17 18:42 . 2010-10-17 18:42 -------- d-sh--w- c:\windows\ftpcache
2010-10-17 15:28 . 2010-10-28 11:28 -------- d-----w- c:\program files\Common Files\Sandlot Shared
2010-10-17 15:28 . 2010-10-17 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-10-15 10:12 . 2010-10-15 10:12 1409 ----a-w- c:\windows\QTFont.for
2010-10-14 09:18 . 2010-10-14 09:18 -------- d-----w- c:\program files\LucasArts
2010-10-14 00:23 . 2010-10-14 00:23 -------- d-----w- c:\program files\Infogrames
2010-10-14 00:13 . 2010-10-14 00:13 -------- d-----w- c:\program files\Infogrames Interactive
2010-10-14 00:08 . 2010-10-14 00:13 -------- d-----w- c:\program files\GameHouse Games Collection
2010-10-13 04:48 . 2010-10-13 04:54 -------- d-----w- c:\program files\Postal2
2010-10-13 04:38 . 2010-10-13 04:38 -------- d-----w- c:\program files\Core Design
2010-10-11 00:31 . 2010-10-11 00:31 -------- d-----w- c:\program files\Bethesda Softworks
2010-10-11 00:28 . 2001-09-05 10:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-11 00:28 . 2001-09-05 10:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-11 00:28 . 2001-09-05 10:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-11 00:28 . 2001-09-05 10:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-11 00:27 . 2001-09-05 10:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2010-10-07 22:40 . 2010-10-19 06:41 -------- d-----w- c:\program files\ElcomSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 22:08 . 2010-09-28 22:08 74 ----a-w- C:\start.vbs
2010-09-27 23:21 . 2010-09-27 23:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-12 18:29 . 2010-08-12 18:29 2772992 ----a-w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\NULL.SYS

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DRIVERS\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2005-03-14 . 6129E70F3D2F1E60860C930EBEAF92C2 . 359936 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\bits\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\SoftwareDistribution\Download\9460002f6d8231358fc1eb590f9b1dce\sp3qfe\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\SoftwareDistribution\Download\9460002f6d8231358fc1eb590f9b1dce\sp3gdr\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\spoolsv.exe
[-] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\21cbd3f70584651805685eba1753505f\SP3QFE\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\21cbd3f70584651805685eba1753505f\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\21cbd3f70584651805685eba1753505f\SP3QFE\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\SYSTEM32\comctl32.dll
[-] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.DLL
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.DLL

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\DLLCACHE\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-04 11:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2010-09-09 . 575FBCB3E2C6E848F0386F38AAF0E4ED . 3074560 . . [6.00.2900.6036] . . c:\windows\SoftwareDistribution\Download\3fcddeb58b831e5d95534882e96f16af\sp3qfe\mshtml.dll
[-] 2010-09-09 . 565EA6D4DF8638CE9143A20DE5B229F6 . 3073536 . . [6.00.2900.6036] . . c:\windows\SoftwareDistribution\Download\3fcddeb58b831e5d95534882e96f16af\sp3gdr\mshtml.dll
[-] 2010-06-24 . E833C8A9918DA80DBE80ABD2917B9292 . 3073536 . . [6.00.2900.6003] . . c:\windows\$hf_mig$\KB2183461\SP3QFE\mshtml.dll
[-] 2010-06-24 . 2CA3A0836EF47AEE5D471B43B7639B6C . 3073024 . . [6.00.2900.6003] . . c:\windows\SYSTEM32\mshtml.dll
[-] 2010-06-24 . 2CA3A0836EF47AEE5D471B43B7639B6C . 3073024 . . [6.00.2900.6003] . . c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
[-] 2010-04-16 . 6B930309A4A246D133A49EADE11E5773 . 3073024 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\mshtml.dll
[-] 2010-04-16 . 6B930309A4A246D133A49EADE11E5773 . 3073024 . . [6.00.2900.5969] . . c:\windows\$NtUninstallKB2183461$\mshtml.dll
[-] 2010-04-16 . 9574D5B0C784DA0FD8F6A9BB37936A52 . 3073536 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
[-] 2010-04-16 . 44A6BB3DE8FF814209A1CDFEC4BB51BD . 3065344 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2010-04-16 . 149F37C9702F24A50741E56FBC7AE56B . 3073024 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB982381$\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2005-03-10 . 84A1B9B0C362051E68BB131F14C6DAAD . 3010560 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB982381_0$\mshtml.dll
[-] 2005-03-10 . 255C2CE965543ABDC3E0A25A5DA1874A . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll
[-] 2004-09-29 . D94E6405E420373161467ACD3DA65640 . 3004928 . . [6.00.2900.2523] . . c:\windows\$NtUninstallKB890923$\mshtml.dll
[-] 2004-09-29 . 087FF7C54E7EBE4A59BD4DFC1D0EE9B8 . 3004928 . . [6.00.2900.2524] . . c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
[-] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SYSTEM32\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\MSVCRT.DLL
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\MSVCRT.DLL

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . FACEBB0CA3154F77009CDFEE78A00BBB . 2180480 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
[-] 2004-08-04 . CE218BC7088681FAA06633E218596CA7 . 2180992 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2010-09-09 . D7275E6DA8D1A8BEB36468548899522C . 668672 . . [6.00.2900.6036] . . c:\windows\SoftwareDistribution\Download\3fcddeb58b831e5d95534882e96f16af\sp3qfe\wininet.dll
[-] 2010-09-09 . 118767E386CBAE1AD67D934BC9402E08 . 667136 . . [6.00.2900.6036] . . c:\windows\SoftwareDistribution\Download\3fcddeb58b831e5d95534882e96f16af\sp3gdr\wininet.dll
[-] 2010-06-24 . 7F489AED93B4AA2B170025DF0670E17F . 668672 . . [6.00.2900.6003] . . c:\windows\$hf_mig$\KB2183461\SP3QFE\wininet.dll
[-] 2010-06-24 . CD8CAE4012D9A5E6B6C6A46D80460527 . 667136 . . [6.00.2900.6003] . . c:\windows\SYSTEM32\wininet.dll
[-] 2010-06-24 . CD8CAE4012D9A5E6B6C6A46D80460527 . 667136 . . [6.00.2900.6003] . . c:\windows\SYSTEM32\DLLCACHE\wininet.dll
[-] 2010-04-16 . B43B18FB0EB577856883E5A0708AB9EF . 667136 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll
[-] 2010-04-16 . B43B18FB0EB577856883E5A0708AB9EF . 667136 . . [6.00.2900.5969] . . c:\windows\$NtUninstallKB2183461$\wininet.dll
[-] 2010-04-16 . C3052A99A24F462B418632A05328BB38 . 668672 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
[-] 2010-04-16 . 602BB82E56758BC6E50B17741CD5F081 . 662016 . . [6.00.2900.3698] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2010-04-16 . 9CE5DEF97E55E52C23201098DB755280 . 668672 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB982381$\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2005-03-10 . 6F018D6319BE4F96426EA829B79E05D5 . 656896 . . [6.00.2900.2627] . . c:\windows\$NtUninstallKB982381_0$\wininet.dll
[-] 2005-03-10 . C8663B488996E89A84C3D17C1D12B79E . 657920 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
[-] 2004-09-29 . CBA65B573C66FE23F647FF96E3A10994 . 656896 . . [6.00.2900.2518] . . c:\windows\$NtUninstallKB890923$\wininet.dll
[-] 2004-09-29 . 2C07195588D69A067C2AFDAA31759295 . 656896 . . [6.00.2900.2518] . . c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
[-] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB834707$\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\SoftwareDistribution\Download\e104dcd29adf1c6c473a5efad2d509be\sp3gdr\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\SoftwareDistribution\Download\e104dcd29adf1c6c473a5efad2d509be\sp3qfe\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ole32.dll
[-] 2005-01-14 . ABDEF60CED7C04AB35A415EFB6B96D81 . 1285120 . . [5.1.2600.2595] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-01-14 . 2E752611C9A9AE1B6BFD0DA03CF7F17E . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-04 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DLLCACHE\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DRIVERS\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\SoftwareDistribution\Download\b91377d1d56820d9d699c0c2dc7c8e80\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\SoftwareDistribution\Download\b91377d1d56820d9d699c0c2dc7c8e80\SP3GDR\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\SYSTEM32\mfc40u.dll
[-] 2004-08-04 11:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\mspmsnsv.dll
[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-04 11:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-02-06 . 3006410E24772CC6953F0B5C01BEB35F . 2057728 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SYSTEM32\ntmssvc.dll
[-] 2004-08-04 11:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SYSTEM32\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\olepro32.dll
[-] 2004-08-04 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll

[-] 2008-04-14 . 55794B97A7FAABD2910873C85274F409 . 93184 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2004-08-04 . E7484514C0464642BE7B4DC2689354C8 . 93184 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-03 328568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2010-10-19 913412]

c:\documents and settings\Mikey\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-28 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="%windir%\XP ARENA.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=

R0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [9/27/2010 7:21 PM 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-10-22 c:\windows\Tasks\switchShakeIcon.job
- c:\program files\NCH Swift Sound\Switch\switch.exe [2010-10-19 17:37]

2010-10-25 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-10-19 17:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/
mStart Page = hxxp://www.dell4me.com/mywaybiz
uInternet Connection Wizard,ShellNext = iexplore
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\Jules\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.order.1 - Google
FF - user.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-~4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
URLSearchHooks-~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
HKCU-Run-SpySweeper - (no file)
HKCU-Run-E6TaskPanel - c:\program files\EarthLink TotalAccess\TaskPanl.exe
HKLM-Run-== - c:\windows\spoolsv.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-04 22:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/ /////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/ MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/ mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/ /5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4 oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF 3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1 uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2 v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS /1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi 1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/ 2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2 BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3 9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+ uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5 kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7 == = c:\windows\spoolsv.exe

scanning hidden files ...

scan completed successfully
hidden files: 0

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 11:10 pm

more_horiz
CONTINUED:


**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
/1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
=="="c:\\WINDOWS\\spoolsv.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\hccutils.DLL
.
Completion time: 2010-11-04 22:28:28
ComboFix-quarantined-files.txt 2010-11-05 02:28

Pre-Run: 12,930,301,952 bytes free
Post-Run: 12,923,678,720 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 568B07A1999B54C3A359E28ECB67E61C

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!4th November 2010, 11:20 pm

more_horiz
Alright, I have everything up and running on my computer. Now what is a good virus removal program? Preferably a free one for the time being

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!5th November 2010, 3:53 am

more_horiz
Hi,

You're computer is still infected.

Serious Help Needed in regards to Think Point Virus Removal! Bf_new Please download Malwarebytes Anti-Malware from Here.


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!5th November 2010, 5:09 pm

more_horiz
Alright, ran Malwarebytes - here's the log:

--------------

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

11/5/2010 1:08:07 PM
mbam-log-2010-11-05 (13-08-07).txt

Scan type: Quick scan
Objects scanned: 142756
Time elapsed: 10 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!5th November 2010, 10:59 pm

more_horiz
Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 12:52 am

more_horiz
ESET Log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=3700ba6180aa324d9b5b69fd598daad1
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-11-06 12:49:14
# local_time=2010-11-05 08:49:14 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=76006
# found=9
# cleaned=9
# scan_time=2629
C:\Documents and Settings\Mikey\My Documents\Downloads\Quake and Doom Pack\zdoom-2.5.0\ZDL.exe probably a variant of Win32/Agent.LSLSWGD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\Mikey\Application Data\Game Setup.exe.vir multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_Documents and Settings\Mikey\Application Data\hotfix.exe a variant of Win32/Adware.FakeAntiSpy.M application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_WINDOWS\ogudenenor.dll a variant of Win32/Cimag.DX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_WINDOWS\werowp.dll a variant of Win32/Cimag.DW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_WINDOWS\SYSTEM32\magnyi64.dll a variant of Win32/Kryptik.HTA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_WINDOWS\SYSTEM32\sshnas21.dll Win32/TrojanDownloader.FakeAlert.ARF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\_OTL\MovedFiles\11042010_214353\C_WINDOWS\SYSTEM32\zh0ycwd.dll a variant of Win32/TrojanDownloader.Small.PAF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\MISC-ISOS\StarCraft Keygen\STAR-KEY.EXE Win32/Adware.Virtumonde application (deleted - quarantined) 00000000000000000000000000000000 C

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 3:04 pm

more_horiz
Hi,

Please run ComboFix again.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:03 pm

more_horiz
ComboFix 10-11-06.01 - Jules 11/06/2010 11:42:00.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.254.101 [GMT -4:00]
Running from: c:\documents and settings\Jules\My Documents\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((( Files Created from 2010-10-06 to 2010-11-06 )))))))))))))))))))))))))))))))
.

2010-11-06 01:12 . 2010-11-06 01:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-11-06 00:02 . 2010-11-06 01:12 -------- d-----w- c:\program files\ESET
2010-11-05 23:48 . 2010-11-05 23:48 -------- d-sh--w- c:\documents and settings\Jules\PrivacIE
2010-11-05 23:39 . 2010-11-05 23:39 -------- d-sh--w- c:\documents and settings\Jules\IETldCache
2010-11-05 23:24 . 2010-11-05 23:29 -------- dc-h--w- c:\windows\ie8
2010-11-05 23:17 . 2010-08-26 11:08 13312 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-11-05 23:17 . 2010-09-10 05:58 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-11-05 23:17 . 2010-09-10 05:58 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-11-05 23:17 . 2010-09-10 05:58 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-11-05 23:17 . 2010-09-10 05:58 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-11-05 23:17 . 2010-09-10 05:58 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-11-05 23:17 . 2010-09-10 05:58 1986560 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-11-05 23:17 . 2010-09-10 05:58 11080192 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-11-05 16:49 . 2010-11-05 16:49 -------- d-----w- c:\documents and settings\Jules\Application Data\Malwarebytes
2010-11-05 07:08 . 2010-11-05 07:08 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-05 07:08 . 2010-11-05 07:08 -------- d-----w- c:\program files\MSBuild
2010-11-05 07:07 . 2010-11-05 07:07 -------- d-----w- c:\program files\Reference Assemblies
2010-11-05 07:07 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-05 07:07 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-11-05 07:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-11-05 07:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-11-05 07:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-11-05 07:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-11-05 07:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-11-05 07:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-11-05 07:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-11-05 02:01 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-11-05 01:58 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-11-05 01:58 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-11-05 01:44 . 2010-10-23 17:55 553984 ----a-r- C:\OTLPE.exe
2010-11-05 01:43 . 2010-11-05 01:43 -------- d-----w- C:\_OTL
2010-10-27 21:47 . 2009-08-06 23:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-10-27 21:47 . 2009-08-06 23:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\Mikey\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\Recordpad
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\NCH Swift Sound
2010-10-27 18:08 . 2010-11-05 02:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Update
2010-10-27 17:06 . 2010-10-27 18:30 -------- d-----w- c:\documents and settings\Mikey\Application Data\Gygan
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\program files\Xenocode
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Xenocode
2010-10-27 03:31 . 2010-10-27 03:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-10-24 23:42 . 2010-10-24 23:42 -------- d-----w- c:\program files\Veetle
2010-10-24 04:38 . 2010-10-24 04:38 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Unity
2010-10-23 21:15 . 2010-10-23 21:16 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Temp
2010-10-23 21:15 . 2010-10-23 21:18 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Google
2010-10-23 21:08 . 2010-10-23 21:08 -------- d-s---w- c:\documents and settings\Mikey\UserData
2010-10-22 22:32 . 2010-10-22 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\GoldWave
2010-10-22 22:25 . 2010-10-22 22:25 -------- d-----w- c:\program files\GoldWave
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\program files\Common Files\Apple
2010-10-22 22:01 . 2010-10-22 22:02 -------- d-----w- c:\program files\QuickTime
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\program files\Apple Software Update
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple Computer
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Common Files\DigiDesign
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Steinberg
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\IK Multimedia
2010-10-22 21:58 . 2010-10-22 21:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\InstallShield
2010-10-21 03:58 . 2010-10-21 03:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\Recordpad
2010-10-21 03:33 . 2010-02-16 17:04 7034880 ----a-w- c:\windows\XP ARENA.EXE
2010-10-20 23:35 . 2010-10-22 19:53 -------- d-----w- c:\program files\War2Combat
2010-10-19 17:38 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Software
2010-10-19 17:38 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2010-10-19 17:37 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Swift Sound
2010-10-19 17:37 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\Mikey\Application Data\NCH Swift Sound
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\documents and settings\Mikey\Application Data\IObit
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\program files\IObit
2010-10-19 06:14 . 2010-10-19 06:15 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\FriendBlasterPro
2010-10-19 06:11 . 2005-10-11 17:25 241664 ----a-w- c:\windows\system32\MyFramePanel.ocx
2010-10-19 06:11 . 2004-03-09 00:30 609824 ----a-w- c:\windows\system32\ComCtl32.ocx
2010-10-19 06:11 . 2005-07-15 16:49 245760 ----a-w- c:\windows\system32\aUpdateNow.ocx
2010-10-19 06:11 . 2004-03-08 22:00 132880 ----a-w- c:\windows\system32\msinet.ocx
2010-10-19 06:11 . 2000-05-22 04:00 140488 ----a-w- c:\windows\system32\COMDLG32.OCX
2010-10-19 06:11 . 2004-03-08 22:00 1081616 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-10-19 06:11 . 2000-07-15 04:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-10-19 06:11 . 2010-10-19 06:18 -------- d-----w- c:\program files\FriendBlasterPro
2010-10-17 18:42 . 2010-10-17 18:42 -------- d-sh--w- c:\windows\ftpcache
2010-10-17 15:28 . 2010-10-28 11:28 -------- d-----w- c:\program files\Common Files\Sandlot Shared
2010-10-17 15:28 . 2010-10-17 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-10-15 10:12 . 2010-10-15 10:12 1409 ----a-w- c:\windows\QTFont.for
2010-10-14 09:18 . 2010-10-14 09:18 -------- d-----w- c:\program files\LucasArts
2010-10-14 00:23 . 2010-10-14 00:23 -------- d-----w- c:\program files\Infogrames
2010-10-14 00:13 . 2010-10-14 00:13 -------- d-----w- c:\program files\Infogrames Interactive
2010-10-14 00:08 . 2010-10-14 00:13 -------- d-----w- c:\program files\GameHouse Games Collection
2010-10-13 04:48 . 2010-10-13 04:54 -------- d-----w- c:\program files\Postal2
2010-10-13 04:38 . 2010-10-13 04:38 -------- d-----w- c:\program files\Core Design
2010-10-11 00:31 . 2010-10-11 00:31 -------- d-----w- c:\program files\Bethesda Softworks
2010-10-11 00:28 . 2001-09-05 10:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-11 00:28 . 2001-09-05 10:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-11 00:28 . 2001-09-05 10:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-11 00:28 . 2001-09-05 10:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-11 00:27 . 2001-09-05 10:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2010-10-07 22:40 . 2010-10-19 06:41 -------- d-----w- c:\program files\ElcomSoft

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:04 pm

more_horiz
CON'T:

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 22:08 . 2010-09-28 22:08 74 ----a-w- C:\start.vbs
2010-09-27 23:21 . 2010-09-27 23:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-18 16:23 . 2004-08-04 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 11:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 11:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 11:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2004-08-04 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-08-04 11:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 11:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 11:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 11:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-08-08 07:19 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-04 11:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 11:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-12 18:29 . 2010-08-12 18:29 2772992 ----a-w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\NULL.SYS

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DRIVERS\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2005-03-14 . 6129E70F3D2F1E60860C930EBEAF92C2 . 359936 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:04 pm

more_horiz

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\bits\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\DLLCACHE\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-04 11:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SYSTEM32\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\MSVCRT.DLL
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\MSVCRT.DLL

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . FACEBB0CA3154F77009CDFEE78A00BBB . 2180480 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
[-] 2004-08-04 . CE218BC7088681FAA06633E218596CA7 . 2180992 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-04 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DLLCACHE\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DRIVERS\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\mspmsnsv.dll
[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-04 11:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-02-06 . 3006410E24772CC6953F0B5C01BEB35F . 2057728 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:06 pm

more_horiz

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SYSTEM32\ntmssvc.dll
[-] 2004-08-04 11:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SYSTEM32\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\olepro32.dll
[-] 2004-08-04 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-11-05_02.23.08 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-08-08 07:26 . 2010-04-21 13:28 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2010-08-08 07:26 . 2010-06-21 14:46 46080 c:\windows\SYSTEM32\tzchange.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe
+ 2010-08-08 07:00 . 2009-01-07 22:21 26144 c:\windows\SYSTEM32\spupdsvc.exe
+ 2010-10-27 16:57 . 2009-01-07 22:20 16928 c:\windows\SYSTEM32\spmsg.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 99176 c:\windows\SYSTEM32\PresentationHostProxy.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 46592 c:\windows\SYSTEM32\pngfilt.dll
+ 2004-12-20 05:15 . 2010-11-06 02:04 71732 c:\windows\SYSTEM32\PERFC009.DAT
+ 2009-01-07 22:20 . 2009-01-07 22:20 23552 c:\windows\SYSTEM32\normaliz.dll
+ 2009-01-07 22:20 . 2009-01-07 22:20 24576 c:\windows\SYSTEM32\nlsdl.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 49488 c:\windows\SYSTEM32\netfxperf.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 48128 c:\windows\SYSTEM32\mshtmler.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 66560 c:\windows\SYSTEM32\mshtmled.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 45568 c:\windows\SYSTEM32\mshta.exe
+ 2009-03-08 08:31 . 2009-03-08 08:31 13312 c:\windows\SYSTEM32\msfeedssync.exe
+ 2009-03-08 08:31 . 2010-09-10 05:58 55296 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 25600 c:\windows\SYSTEM32\jsproxy.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 94720 c:\windows\SYSTEM32\inseng.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 34816 c:\windows\SYSTEM32\imgutil.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 36864 c:\windows\SYSTEM32\ieudinit.exe
+ 2004-08-04 11:00 . 2009-03-08 08:32 71680 c:\windows\SYSTEM32\iesetup.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 55808 c:\windows\SYSTEM32\iernonce.dll
+ 2009-01-07 22:20 . 2009-01-07 22:20 26112 c:\windows\SYSTEM32\idndl.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 59904 c:\windows\SYSTEM32\icardie.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll
+ 2010-08-03 17:28 . 2010-08-03 17:28 95896 c:\windows\SYSTEM32\DRIVERS\epfwtdir.sys
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\SYSTEM32\DLLCACHE\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\SYSTEM32\DLLCACHE\spoolsv.exe
+ 2009-03-08 08:31 . 2009-03-08 08:31 46592 c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 48128 c:\windows\SYSTEM32\DLLCACHE\mshtmler.dll
+ 2010-09-09 14:16 . 2010-09-10 05:58 66560 c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 45568 c:\windows\SYSTEM32\DLLCACHE\mshta.exe
+ 2009-03-08 08:34 . 2010-09-10 05:58 43520 c:\windows\SYSTEM32\DLLCACHE\licmgr10.dll
+ 2009-03-08 08:33 . 2010-09-10 05:58 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 94720 c:\windows\SYSTEM32\DLLCACHE\inseng.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 34816 c:\windows\SYSTEM32\DLLCACHE\imgutil.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 71680 c:\windows\SYSTEM32\DLLCACHE\iesetup.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 55808 c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2009-03-08 08:24 . 2009-03-08 08:24 68608 c:\windows\SYSTEM32\DLLCACHE\hmmapi.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 18944 c:\windows\SYSTEM32\DLLCACHE\corpol.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 72704 c:\windows\SYSTEM32\DLLCACHE\admparse.dll
+ 2004-08-04 11:00 . 2009-03-08 08:33 18944 c:\windows\SYSTEM32\corpol.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 72704 c:\windows\SYSTEM32\admparse.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2010-03-31 19:32 . 2010-03-31 19:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 07:17 . 2010-09-23 07:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2010-03-31 19:32 . 2010-03-31 19:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\1c17e40.msp
+ 2010-11-05 07:05 . 2010-11-05 07:05 88576 c:\windows\Installer\1bbf03c.msi
+ 2010-11-06 01:13 . 2010-11-06 01:13 10134 c:\windows\Installer\{D02EDDE7-B5C5-40A2-AF57-73A3278F4EEB}\callmsi.exe
- 2010-09-16 00:08 . 2010-09-16 00:08 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-16 00:08 . 2010-11-05 02:37 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:06 pm

more_horiz
+ 2010-11-05 23:30 . 2009-03-08 08:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-11-05 23:29 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-11-05 23:29 . 2009-03-08 08:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-11-05 23:31 . 2009-03-08 08:31 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-11-05 23:31 . 2009-03-08 08:34 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2010-11-05 23:26 . 2009-03-08 18:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2010-11-05 23:24 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2010-11-05 23:24 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2010-11-05 23:24 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2010-11-05 23:24 . 2010-09-09 14:16 81920 c:\windows\ie8\ieencode.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2010-11-05 23:24 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 90112 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_31241184\System.Drawing.Design.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 61440 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_0abeb0ef\CustomMarshalers.dll
+ 2010-11-06 02:22 . 2010-11-06 02:22 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-11-06 02:13 . 2010-11-06 02:13 47104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-11-06 02:06 . 2010-11-06 02:06 39424 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-11-06 02:25 . 2010-11-06 02:25 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 94208 c:\windows\ASSEMBLY\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 98304 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 40960 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 12288 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2010-11-05 07:10 . 2010-11-05 07:10 61440 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-11-06 01:37 . 2010-11-06 01:37 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-11-05 07:07 . 2010-11-05 07:07 73728 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 53248 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 57344 c:\windows\ASSEMBLY\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 45056 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 46104 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2010-11-05 07:07 . 2010-11-05 07:07 32768 c:\windows\ASSEMBLY\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 41984 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 94208 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-11-05 02:30 . 2010-11-05 02:30 81920 c:\windows\ASSEMBLY\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-08-09 07:18 . 2010-08-09 07:18 81920 c:\windows\ASSEMBLY\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-11-05 02:35 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-11-05 02:35 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-11-05 02:37 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-11-05 02:37 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-11-05 02:29 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-11-05 02:29 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-11-05 02:37 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-11-05 02:37 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2010-11-05 23:31 . 2009-03-08 08:35 2048 c:\windows\ie8updates\KB2362765-IE8\iecompat.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 5632 c:\windows\ASSEMBLY\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe
+ 2008-04-14 00:12 . 2009-01-07 22:21 121856 c:\windows\SYSTEM32\xmllite.dll
- 2008-04-14 00:12 . 2008-04-14 00:12 121856 c:\windows\SYSTEM32\xmllite.dll
+ 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\wmpdxm.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 293376 c:\windows\SYSTEM32\winsrv.dll
+ 2004-08-04 11:00 . 2010-06-18 17:45 293376 c:\windows\SYSTEM32\winsrv.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 208384 c:\windows\SYSTEM32\WinFXDocObj.exe
+ 2004-08-04 11:00 . 2009-03-08 08:34 236544 c:\windows\SYSTEM32\webcheck.dll
+ 2004-08-04 11:00 . 2010-03-10 06:15 420352 c:\windows\SYSTEM32\vbscript.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 406016 c:\windows\SYSTEM32\usp10.dll
+ 2004-08-04 11:00 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\usp10.dll
+ 2004-08-04 11:00 . 2009-03-08 08:34 105984 c:\windows\SYSTEM32\url.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll
+ 2010-11-05 07:07 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll
+ 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\SYSTEM32\PresentationHost.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-12-20 05:15 . 2010-11-06 02:04 442466 c:\windows\SYSTEM32\PERFH009.DAT
+ 2004-08-04 11:00 . 2010-09-10 05:58 206848 c:\windows\SYSTEM32\occache.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 611840 c:\windows\SYSTEM32\mstime.dll
+ 2004-08-04 11:00 . 2009-03-08 08:34 193536 c:\windows\SYSTEM32\msrating.dll
+ 2004-08-04 11:00 . 2009-03-08 08:22 156160 c:\windows\SYSTEM32\msls31.dll
+ 2009-03-08 08:32 . 2010-09-10 05:58 602112 c:\windows\SYSTEM32\msfeeds.dll
+ 2009-01-07 22:20 . 2009-01-07 22:20 265720 c:\windows\SYSTEM32\msdbg2.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2009-11-06 02:17 . 2009-11-06 02:17 297808 c:\windows\SYSTEM32\mscoree.dll
+ 2006-10-19 01:47 . 2010-03-30 16:24 317440 c:\windows\SYSTEM32\mp4sdecd.dll
- 2006-10-19 01:47 . 2009-01-31 00:33 317440 c:\windows\SYSTEM32\MP4SDECD.dll
+ 2004-08-04 11:00 . 2009-12-09 05:53 726528 c:\windows\SYSTEM32\jscript.dll
+ 2004-08-04 11:00 . 2010-06-09 07:43 692736 c:\windows\SYSTEM32\inetcomm.dll
+ 2009-03-08 08:22 . 2009-03-08 08:22 164352 c:\windows\SYSTEM32\ieui.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 184320 c:\windows\SYSTEM32\iepeers.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 387584 c:\windows\SYSTEM32\iedkcs32.dll
+ 2009-03-08 08:11 . 2009-03-08 08:11 445952 c:\windows\SYSTEM32\ieapfltr.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 163840 c:\windows\SYSTEM32\ieakui.dll
+ 2004-08-04 11:00 . 2009-03-08 08:33 229376 c:\windows\SYSTEM32\ieaksie.dll
+ 2004-08-04 11:00 . 2009-03-08 08:33 125952 c:\windows\SYSTEM32\ieakeng.dll
+ 2004-08-04 11:00 . 2010-08-26 12:22 173056 c:\windows\SYSTEM32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe
+ 2004-08-10 19:08 . 2010-11-05 07:32 239144 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 216064 c:\windows\SYSTEM32\dxtrans.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 348160 c:\windows\SYSTEM32\dxtmsft.dll
+ 2010-07-29 17:31 . 2010-07-29 17:31 115008 c:\windows\SYSTEM32\DRIVERS\ehdrv.sys
+ 2010-08-04 15:50 . 2010-08-04 15:50 140752 c:\windows\SYSTEM32\DRIVERS\eamon.sys
+ 2010-08-08 07:19 . 2010-07-12 12:55 218112 c:\windows\SYSTEM32\DLLCACHE\wordpad.exe
+ 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\SYSTEM32\DLLCACHE\winsrv.dll
+ 2010-04-16 16:09 . 2010-09-10 05:58 916480 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 236544 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 759296 c:\windows\SYSTEM32\DLLCACHE\VGX.dll
+ 2010-03-09 11:09 . 2010-03-10 06:15 420352 c:\windows\SYSTEM32\DLLCACHE\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\DLLCACHE\usp10.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
- 2010-08-08 07:28 . 2009-10-15 16:28 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2010-08-08 07:28 . 2010-08-27 08:02 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2010-08-08 07:29 . 2010-08-26 13:39 357248 c:\windows\SYSTEM32\DLLCACHE\srv.sys
+ 2009-01-07 22:20 . 2009-01-07 22:20 134144 c:\windows\SYSTEM32\DLLCACHE\sqmapi.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
+ 2009-03-08 08:34 . 2010-09-10 05:58 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2009-03-08 08:32 . 2010-09-10 05:58 611840 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 193536 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
+ 2009-03-08 08:22 . 2009-03-08 08:22 156160 c:\windows\SYSTEM32\DLLCACHE\msls31.dll
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\SYSTEM32\DLLCACHE\mp4sdecd.dll
+ 2010-09-18 16:23 . 2010-09-18 16:23 974848 c:\windows\SYSTEM32\DLLCACHE\mfc42u.dll
+ 2004-08-04 11:00 . 2010-09-18 06:53 954368 c:\windows\SYSTEM32\DLLCACHE\mfc40.dll
+ 2010-09-07 13:03 . 2009-12-09 05:53 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2010-01-29 15:01 . 2010-06-09 07:43 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
+ 2009-03-08 18:09 . 2009-03-08 18:09 638816 c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2010-04-16 16:09 . 2010-09-10 05:58 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2009-03-08 18:09 . 2010-09-10 05:58 387584 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 163840 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 229376 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 125952 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2009-03-08 08:32 . 2010-08-26 12:22 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2009-03-08 08:31 . 2009-03-08 08:31 216064 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 348160 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2010-04-20 05:51 . 2010-09-01 11:51 285824 c:\windows\SYSTEM32\DLLCACHE\atmfd.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 128512 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 128512 c:\windows\SYSTEM32\advpack.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-09-22 13:43 . 2010-09-22 13:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 18:49 . 2010-03-31 18:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 19:32 . 2010-03-31 19:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:08 pm

more_horiz
+ 2010-11-05 23:31 . 2009-03-08 08:35 2048 c:\windows\ie8updates\KB2362765-IE8\iecompat.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 5632 c:\windows\ASSEMBLY\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe
+ 2008-04-14 00:12 . 2009-01-07 22:21 121856 c:\windows\SYSTEM32\xmllite.dll
- 2008-04-14 00:12 . 2008-04-14 00:12 121856 c:\windows\SYSTEM32\xmllite.dll
+ 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\wmpdxm.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 293376 c:\windows\SYSTEM32\winsrv.dll
+ 2004-08-04 11:00 . 2010-06-18 17:45 293376 c:\windows\SYSTEM32\winsrv.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 208384 c:\windows\SYSTEM32\WinFXDocObj.exe
+ 2004-08-04 11:00 . 2009-03-08 08:34 236544 c:\windows\SYSTEM32\webcheck.dll
+ 2004-08-04 11:00 . 2010-03-10 06:15 420352 c:\windows\SYSTEM32\vbscript.dll
- 2004-08-04 11:00 . 2008-04-14 00:12 406016 c:\windows\SYSTEM32\usp10.dll
+ 2004-08-04 11:00 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\usp10.dll
+ 2004-08-04 11:00 . 2009-03-08 08:34 105984 c:\windows\SYSTEM32\url.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll
+ 2010-11-05 07:07 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll
+ 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\SYSTEM32\PresentationHost.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-12-20 05:15 . 2010-11-06 02:04 442466 c:\windows\SYSTEM32\PERFH009.DAT
+ 2004-08-04 11:00 . 2010-09-10 05:58 206848 c:\windows\SYSTEM32\occache.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 611840 c:\windows\SYSTEM32\mstime.dll
+ 2004-08-04 11:00 . 2009-03-08 08:34 193536 c:\windows\SYSTEM32\msrating.dll
+ 2004-08-04 11:00 . 2009-03-08 08:22 156160 c:\windows\SYSTEM32\msls31.dll
+ 2009-03-08 08:32 . 2010-09-10 05:58 602112 c:\windows\SYSTEM32\msfeeds.dll
+ 2009-01-07 22:20 . 2009-01-07 22:20 265720 c:\windows\SYSTEM32\msdbg2.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2009-11-06 02:17 . 2009-11-06 02:17 297808 c:\windows\SYSTEM32\mscoree.dll
+ 2006-10-19 01:47 . 2010-03-30 16:24 317440 c:\windows\SYSTEM32\mp4sdecd.dll
- 2006-10-19 01:47 . 2009-01-31 00:33 317440 c:\windows\SYSTEM32\MP4SDECD.dll
+ 2004-08-04 11:00 . 2009-12-09 05:53 726528 c:\windows\SYSTEM32\jscript.dll
+ 2004-08-04 11:00 . 2010-06-09 07:43 692736 c:\windows\SYSTEM32\inetcomm.dll
+ 2009-03-08 08:22 . 2009-03-08 08:22 164352 c:\windows\SYSTEM32\ieui.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 184320 c:\windows\SYSTEM32\iepeers.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 387584 c:\windows\SYSTEM32\iedkcs32.dll
+ 2009-03-08 08:11 . 2009-03-08 08:11 445952 c:\windows\SYSTEM32\ieapfltr.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 163840 c:\windows\SYSTEM32\ieakui.dll
+ 2004-08-04 11:00 . 2009-03-08 08:33 229376 c:\windows\SYSTEM32\ieaksie.dll
+ 2004-08-04 11:00 . 2009-03-08 08:33 125952 c:\windows\SYSTEM32\ieakeng.dll
+ 2004-08-04 11:00 . 2010-08-26 12:22 173056 c:\windows\SYSTEM32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe
+ 2004-08-10 19:08 . 2010-11-05 07:32 239144 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 216064 c:\windows\SYSTEM32\dxtrans.dll
+ 2004-08-04 11:00 . 2009-03-08 08:31 348160 c:\windows\SYSTEM32\dxtmsft.dll
+ 2010-07-29 17:31 . 2010-07-29 17:31 115008 c:\windows\SYSTEM32\DRIVERS\ehdrv.sys
+ 2010-08-04 15:50 . 2010-08-04 15:50 140752 c:\windows\SYSTEM32\DRIVERS\eamon.sys
+ 2010-08-08 07:19 . 2010-07-12 12:55 218112 c:\windows\SYSTEM32\DLLCACHE\wordpad.exe
+ 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\SYSTEM32\DLLCACHE\winsrv.dll
+ 2010-04-16 16:09 . 2010-09-10 05:58 916480 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 236544 c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 759296 c:\windows\SYSTEM32\DLLCACHE\VGX.dll
+ 2010-03-09 11:09 . 2010-03-10 06:15 420352 c:\windows\SYSTEM32\DLLCACHE\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\SYSTEM32\DLLCACHE\usp10.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 105984 c:\windows\SYSTEM32\DLLCACHE\url.dll
- 2010-08-08 07:28 . 2009-10-15 16:28 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2010-08-08 07:28 . 2010-08-27 08:02 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2010-08-08 07:29 . 2010-08-26 13:39 357248 c:\windows\SYSTEM32\DLLCACHE\srv.sys
+ 2009-01-07 22:20 . 2009-01-07 22:20 134144 c:\windows\SYSTEM32\DLLCACHE\sqmapi.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\SYSTEM32\DLLCACHE\rpcrt4.dll
+ 2009-03-08 08:34 . 2010-09-10 05:58 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2009-03-08 08:32 . 2010-09-10 05:58 611840 c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2009-03-08 08:34 . 2009-03-08 08:34 193536 c:\windows\SYSTEM32\DLLCACHE\msrating.dll
+ 2009-03-08 08:22 . 2009-03-08 08:22 156160 c:\windows\SYSTEM32\DLLCACHE\msls31.dll
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\SYSTEM32\DLLCACHE\mp4sdecd.dll
+ 2010-09-18 16:23 . 2010-09-18 16:23 974848 c:\windows\SYSTEM32\DLLCACHE\mfc42u.dll
+ 2004-08-04 11:00 . 2010-09-18 06:53 954368 c:\windows\SYSTEM32\DLLCACHE\mfc40.dll
+ 2010-09-07 13:03 . 2009-12-09 05:53 726528 c:\windows\SYSTEM32\DLLCACHE\jscript.dll
+ 2010-01-29 15:01 . 2010-06-09 07:43 692736 c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
+ 2009-03-08 18:09 . 2009-03-08 18:09 638816 c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2010-04-16 16:09 . 2010-09-10 05:58 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2009-03-08 18:09 . 2010-09-10 05:58 387584 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 163840 c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 229376 c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2009-03-08 08:33 . 2009-03-08 08:33 125952 c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2009-03-08 08:32 . 2010-08-26 12:22 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2009-03-08 08:31 . 2009-03-08 08:31 216064 c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2009-03-08 08:31 . 2009-03-08 08:31 348160 c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2010-04-20 05:51 . 2010-09-01 11:51 285824 c:\windows\SYSTEM32\DLLCACHE\atmfd.dll
+ 2009-03-08 08:32 . 2009-03-08 08:32 128512 c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2004-08-04 11:00 . 2009-03-08 08:32 128512 c:\windows\SYSTEM32\advpack.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-09-22 13:43 . 2010-09-22 13:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 18:49 . 2010-03-31 18:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2010-03-31 19:32 . 2010-03-31 19:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-09-24 01:02 . 2010-09-24 01:02 798208 c:\windows\Installer\62df89.msp
+ 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\62df45.msp
+ 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\62df21.msp
+ 2010-11-06 01:13 . 2010-11-06 01:13 968192 c:\windows\Installer\556d94.msi
+ 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\1c34560.msp
+ 2010-11-05 07:10 . 2010-11-05 07:10 648192 c:\windows\Installer\1c3453a.msi
+ 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\1c17e49.msp
+ 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\1c17e47.msp
+ 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\1c17e45.msp
+ 2010-11-05 07:08 . 2010-11-05 07:08 137728 c:\windows\Installer\1c17e3f.msi
+ 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\1bbf041.msp
+ 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\1bbf03f.msp
+ 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\1bbf03e.msp
+ 2010-11-06 01:13 . 2010-11-06 01:13 101504 c:\windows\Installer\{D02EDDE7-B5C5-40A2-AF57-73A3278F4EEB}\egui.exe
+ 2010-11-05 23:29 . 2009-03-08 08:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-11-05 23:30 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-11-05 23:30 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-11-05 23:29 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-11-05 23:29 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-11-05 23:29 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-11-05 23:30 . 2009-03-08 08:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-11-05 23:29 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-11-05 23:30 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-11-05 23:30 . 2009-03-08 18:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-11-05 23:30 . 2009-03-08 08:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-11-06 01:28 . 2009-03-08 08:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-11-06 01:28 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-11-06 01:28 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-11-06 01:28 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-11-06 01:28 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-11-06 01:28 . 2009-06-22 06:44 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-11-06 01:27 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2010-11-06 01:27 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2010-11-06 01:27 . 2009-03-08 08:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2010-11-05 23:31 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB2362765-IE8\spuninst\updspapi.dll
+ 2010-11-05 23:31 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2362765-IE8\spuninst\spuninst.exe
+ 2010-11-05 23:31 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-11-05 23:31 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-11-05 23:31 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-11-05 23:31 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-11-05 23:31 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-11-05 23:24 . 2010-09-09 14:16 667136 c:\windows\ie8\wininet.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2010-11-05 23:24 . 2010-03-09 11:09 430080 c:\windows\ie8\vbscript.dll
+ 2010-11-05 23:24 . 2010-09-09 14:16 627712 c:\windows\ie8\urlmon.dll
+ 2010-11-05 23:26 . 2009-01-07 22:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-11-05 23:26 . 2009-01-07 22:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-11-05 23:24 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2010-11-05 23:24 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2010-11-05 23:24 . 2004-08-04 11:00 146432 c:\windows\ie8\msls31.dll
+ 2010-11-05 23:24 . 2010-09-09 14:16 449024 c:\windows\ie8\mshtmled.dll
+ 2010-11-05 23:24 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2010-11-05 23:24 . 2010-09-09 14:16 251904 c:\windows\ie8\iepeers.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2010-11-05 23:24 . 2004-08-04 11:00 221184 c:\windows\ie8\ieakui.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2010-11-05 23:24 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:08 pm

more_horiz
+ 2010-11-05 07:07 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll
+ 2010-11-05 02:32 . 2010-11-05 02:32 835584 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_64be2538\System.Drawing.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-11-06 02:22 . 2010-11-06 02:22 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-11-06 02:22 . 2010-11-06 02:22 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-11-06 02:22 . 2010-11-06 02:22 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-11-06 02:31 . 2010-11-06 02:31 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 679936 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-11-06 02:23 . 2010-11-06 02:23 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-11-06 02:21 . 2010-11-06 02:21 208384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-11-06 02:25 . 2010-11-06 02:25 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-11-06 02:16 . 2010-11-06 02:16 368128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-11-06 02:18 . 2010-11-06 02:18 258048 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-11-06 02:17 . 2010-11-06 02:17 224768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-11-06 02:18 . 2010-11-06 02:18 539648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-11-06 02:25 . 2010-11-06 02:25 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-11-06 02:25 . 2010-11-06 02:25 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 385024 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 167936 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 507904 c:\windows\ASSEMBLY\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 540672 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 335872 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2010-11-05 07:16 . 2010-11-05 07:16 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2010-11-05 07:16 . 2010-11-05 07:16 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 688128 c:\windows\ASSEMBLY\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 569344 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-11-06 01:37 . 2010-11-06 01:37 970752 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 303104 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 233472 c:\windows\ASSEMBLY\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 143360 c:\windows\ASSEMBLY\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2010-11-05 07:07 . 2010-11-05 07:07 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-11-06 01:37 . 2010-11-06 01:37 438272 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 126976 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 626688 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 286720 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 970752 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 745472 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-11-05 07:16 . 2010-11-05 07:16 442368 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2010-11-05 07:16 . 2010-11-05 07:16 294912 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 684032 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 667648 c:\windows\ASSEMBLY\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 163840 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-11-06 01:37 . 2010-11-06 01:37 110592 c:\windows\ASSEMBLY\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 528384 c:\windows\ASSEMBLY\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 864256 c:\windows\ASSEMBLY\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 163840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 397312 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 139264 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 196608 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 598016 c:\windows\ASSEMBLY\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 659456 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-10-19 06:17 . 2010-10-19 06:17 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-11-05 07:07 . 2010-11-05 07:07 397312 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 802816 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 733184 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 106496 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 261632 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 368640 c:\windows\ASSEMBLY\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-19 06:16 . 2010-10-19 06:16 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 486400 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-11-05 07:07 . 2010-11-05 07:07 163840 c:\windows\ASSEMBLY\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-11-05 02:35 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-11-05 02:35 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-11-05 02:35 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-11-05 02:37 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-11-05 02:37 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-11-05 02:37 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-11-05 02:29 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-11-05 02:29 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2141007\update\update.exe
+ 2010-11-05 02:29 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-06-09 07:41 . 2010-06-09 07:41 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-11-05 02:37 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-11-05 02:37 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-11-05 02:37 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-11-05 02:01 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 1210880 c:\windows\SYSTEM32\urlmon.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll
+ 2010-11-05 07:07 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll
+ 2010-11-05 07:07 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll
+ 2010-11-05 07:07 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll
+ 2004-08-04 11:00 . 2010-09-09 14:16 1510400 c:\windows\SYSTEM32\shdocvw.dll
+ 2004-08-04 11:00 . 2010-07-16 12:05 1288192 c:\windows\SYSTEM32\ole32.dll
+ 2004-08-04 11:00 . 2010-09-10 05:58 5957120 c:\windows\SYSTEM32\mshtml.dll
+ 2008-03-20 22:06 . 2008-03-20 22:06 1480232 c:\windows\SYSTEM32\LegitCheckControl.dll
+ 2009-03-08 08:32 . 2010-09-10 05:58 1986560 c:\windows\SYSTEM32\iertutil.dll
+ 2009-02-07 01:07 . 2009-02-07 01:07 3698584 c:\windows\SYSTEM32\ieapfltr.dat
+ 2010-05-02 05:22 . 2010-08-31 13:42 1852800 c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2010-04-16 16:09 . 2010-09-10 05:58 1210880 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2010-04-16 16:09 . 2010-09-09 14:16 1510400 c:\windows\SYSTEM32\DLLCACHE\shdocvw.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05 1288192 c:\windows\SYSTEM32\DLLCACHE\ole32.dll
+ 2010-04-16 16:09 . 2010-09-10 05:58 5957120 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
- 2010-04-16 16:09 . 2010-06-24 12:10 1025024 c:\windows\SYSTEM32\DLLCACHE\browseui.dll
+ 2010-04-16 16:09 . 2010-09-09 14:16 1025024 c:\windows\SYSTEM32\DLLCACHE\browseui.dll
+ 2009-11-07 05:06 . 2009-11-07 05:06 1130824 c:\windows\SYSTEM32\dfshim.dll
- 2004-08-04 11:00 . 2010-06-24 12:10 1025024 c:\windows\SYSTEM32\browseui.dll
+ 2004-08-04 11:00 . 2010-09-09 14:16 1025024 c:\windows\SYSTEM32\browseui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2010-09-22 13:44 . 2010-09-22 13:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2010-03-31 18:50 . 2010-03-31 18:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-23 11:39 . 2010-09-23 11:39 4265472 c:\windows\Installer\62df81.msp
+ 2009-11-09 04:25 . 2009-11-09 04:25 1935360 c:\windows\Installer\62df5e.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\62df2e.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\62df2d.msp
+ 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\1c34549.msp
+ 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\1c17e48.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\1c17e46.msp
+ 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\1c17e44.msp
+ 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\1c17e43.msp
+ 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\1c17e42.msp
+ 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\1c17e41.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\1bbf045.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\1bbf044.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\1bbf043.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\1bbf042.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\1bbf040.msp
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\1bbf03d.msp
+ 2010-11-05 23:29 . 2009-03-08 08:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-11-05 23:29 . 2009-03-08 08:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-11-05 23:29 . 2009-03-08 08:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2010-11-05 23:24 . 2010-09-09 14:16 3073536 c:\windows\ie8\mshtml.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 1966080 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_06de6ea9\System.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 2088960 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_904320b8\System.Xml.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 3018752 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9d431eda\System.Windows.Forms.dll
+ 2010-11-05 02:31 . 2010-11-05 02:31 1470464 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_048482cc\System.Design.dll
+ 2010-11-05 02:32 . 2010-11-05 02:32 3391488 c:\windows\ASSEMBLY\NativeImages1_v1.1.4322\MSCORLIB\1.0.5000.0__b77a5c561934e089_32738045\mscorlib.dll
+ 2010-11-06 02:07 . 2010-11-06 02:07 3325440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-11-06 02:22 . 2010-11-06 02:22 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-11-06 02:05 . 2010-11-06 02:05 7676928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Temp\ZAP142E.tmp\System.dll
+ 2010-11-06 02:06 . 2010-11-06 02:06 7949824 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-11-06 02:22 . 2010-11-06 02:22 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-11-06 02:31 . 2010-11-06 02:31 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-11-06 02:31 . 2010-11-06 02:31 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-11-06 02:31 . 2010-11-06 02:31 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-11-06 02:30 . 2010-11-06 02:30 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 2405376 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-11-06 02:21 . 2010-11-06 02:21 1917952 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-11-06 02:23 . 2010-11-06 02:23 2345472 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-11-06 02:21 . 2010-11-06 02:21 1035776 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-11-06 02:23 . 2010-11-06 02:23 1070080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-11-06 02:20 . 2010-11-06 02:21 1587200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-11-06 02:20 . 2010-11-06 02:20 6616576 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-11-06 02:20 . 2010-11-06 02:20 2516480 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-11-06 02:28 . 2010-11-06 02:28 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-11-06 02:19 . 2010-11-06 02:19 2295296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-11-06 02:19 . 2010-11-06 02:19 2128896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-11-06 02:19 . 2010-11-06 02:19 1657856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-11-06 02:06 . 2010-11-06 02:06 1451008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-11-06 02:26 . 2010-11-06 02:26 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-11-06 01:52 . 2010-11-06 01:52 1249280 c:\windows\ASSEMBLY\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 3182592 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 2048000 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 1630208 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2010-11-05 07:08 . 2010-11-05 07:08 1138688 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 5025792 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-11-06 02:05 . 2010-11-06 02:05 1277952 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-11-06 01:37 . 2010-11-06 01:37 5967872 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 5062656 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-11-05 07:09 . 2010-11-05 07:09 2879488 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-11-06 01:52 . 2010-11-06 01:52 5279744 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 5242880 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 2933248 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-11-06 01:52 . 2010-11-06 01:52 4210688 c:\windows\ASSEMBLY\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-11-06 02:03 . 2010-11-06 02:03 4550656 c:\windows\ASSEMBLY\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-08-09 07:18 . 2010-08-09 07:18 1232896 c:\windows\ASSEMBLY\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-11-05 02:30 . 2010-11-05 02:30 1232896 c:\windows\ASSEMBLY\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-11-05 02:30 . 2010-11-05 02:30 1265664 c:\windows\ASSEMBLY\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-08-09 07:18 . 2010-08-09 07:18 1265664 c:\windows\ASSEMBLY\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2004-08-04 11:00 . 2010-08-26 03:36 10841088 c:\windows\SYSTEM32\wmp.dll
+ 2010-08-09 23:50 . 2010-10-07 14:46 35385288 c:\windows\SYSTEM32\MRT.exe
+ 2009-03-08 08:39 . 2010-09-10 05:58 11080192 c:\windows\SYSTEM32\ieframe.dll
+ 2004-08-04 11:00 . 2010-08-26 03:36 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2010-09-24 18:08 . 2010-09-24 18:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-05-19 17:08 . 2010-05-19 17:08 11408896 c:\windows\Installer\62df76.msp
+ 2010-03-31 05:23 . 2010-03-31 05:23 15638528 c:\windows\Installer\62df6b.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\62df3d.msp
+ 2010-11-05 02:35 . 2010-11-05 02:35 20303872 c:\windows\Installer\21d5bf.msp
+ 2010-09-24 11:08 . 2010-09-24 11:08 17518080 c:\windows\Installer\21d5b5.msp
+ 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\1c34554.msp
+ 2010-11-05 23:30 . 2009-03-08 08:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-11-05 23:31 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2010-11-05 07:12 . 2010-11-05 07:12 11072000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Temp\ZAP18E.tmp\mscorlib.dll
+ 2010-11-06 01:42 . 2010-11-06 01:42 12216320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Temp\ZAP1082.tmp\PresentationCore.dll
+ 2010-11-06 02:21 . 2010-11-06 02:21 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-11-06 02:29 . 2010-11-06 02:29 11800576 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-11-06 02:25 . 2010-11-06 02:25 17403904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-11-06 02:20 . 2010-11-06 02:20 10683392 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-11-06 02:16 . 2010-11-06 02:16 14328320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-11-06 02:11 . 2010-11-06 02:11 12215808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-11-06 02:01 . 2010-11-06 02:01 11490816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot reset to current date --

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 4:09 pm

more_horiz
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-03 328568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2010-10-19 913412]
"=="="c:\windows\spoolsv.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]

c:\documents and settings\Mikey\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-28 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="%windir%\XP ARENA.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=

R0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [9/27/2010 7:21 PM 691696]
R1 ehdrv;ehdrv;c:\windows\SYSTEM32\DRIVERS\ehdrv.sys [7/29/2010 1:31 PM 115008]
R1 epfwtdir;epfwtdir;c:\windows\SYSTEM32\DRIVERS\epfwtdir.sys [8/3/2010 1:28 PM 95896]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [8/12/2010 2:16 PM 810144]
.
Contents of the 'Scheduled Tasks' folder

2010-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-10-22 c:\windows\Tasks\switchShakeIcon.job
- c:\program files\NCH Swift Sound\Switch\switch.exe [2010-10-19 17:37]

2010-10-25 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-10-19 17:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\Jules\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.order.1 - Google
FF - user.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-06 11:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/ /////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/ MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/ mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/ /5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4 oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF 3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1 uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2 v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS /1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi 1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/ 2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2 BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3 9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+ uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5 kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7 == = c:\windows\spoolsv.exe
egui = "c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
/1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
=="="c:\\WINDOWS\\spoolsv.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3584)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-11-06 11:58:15
ComboFix-quarantined-files.txt 2010-11-06 15:58
ComboFix2.txt 2010-11-05 02:28

Pre-Run: 11,493,343,232 bytes free
Post-Run: 11,564,957,696 bytes free

- - End Of File - - 990AC07C1D284C95A74670226855F0CE

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!6th November 2010, 11:27 pm

more_horiz
Hi,

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    File::
    c:\windows\spoolsv.exe

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "=="=-
    "MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
    /////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
    AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
    MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
    ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
    mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
    zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
    /5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
    AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
    M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
    ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
    mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
    zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
    AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
    A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
    dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
    oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
    dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
    jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
    3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
    uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
    ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
    yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
    dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
    Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
    auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
    sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
    TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
    v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
    oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
    Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
    /1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
    eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
    KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
    jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
    Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
    m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
    1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
    NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
    H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
    2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
    cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
    xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
    Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
    BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
    X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
    9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
    w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
    PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
    FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
    euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
    uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
    Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
    K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
    kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
    iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
    =="=-
  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    Serious Help Needed in regards to Think Point Virus Removal! Cfscriptb4

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!7th November 2010, 7:13 pm

more_horiz
ComboFix 10-11-07.05 - Jules 11/07/2010 13:55:31.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.254.114 [GMT -5:00]
Running from: c:\documents and settings\Jules\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Jules\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FILE ::
"c:\windows\spoolsv.exe"
.

((((((((((((((((((((((((( Files Created from 2010-10-07 to 2010-11-07 )))))))))))))))))))))))))))))))
.

2010-11-06 01:12 . 2010-11-06 01:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-11-06 00:02 . 2010-11-06 01:12 -------- d-----w- c:\program files\ESET
2010-11-05 23:48 . 2010-11-05 23:48 -------- d-sh--w- c:\documents and settings\Jules\PrivacIE
2010-11-05 23:39 . 2010-11-05 23:39 -------- d-sh--w- c:\documents and settings\Jules\IETldCache
2010-11-05 23:24 . 2010-11-05 23:29 -------- dc-h--w- c:\windows\ie8
2010-11-05 23:17 . 2010-08-26 11:08 13312 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-11-05 23:17 . 2010-09-10 05:58 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-11-05 23:17 . 2010-09-10 05:58 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-11-05 23:17 . 2010-09-10 05:58 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-11-05 23:17 . 2010-09-10 05:58 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-11-05 23:17 . 2010-09-10 05:58 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-11-05 23:17 . 2010-09-10 05:58 1986560 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-11-05 23:17 . 2010-09-10 05:58 11080192 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-11-05 16:49 . 2010-11-05 16:49 -------- d-----w- c:\documents and settings\Jules\Application Data\Malwarebytes
2010-11-05 07:08 . 2010-11-05 07:08 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-05 07:08 . 2010-11-05 07:08 -------- d-----w- c:\program files\MSBuild
2010-11-05 07:07 . 2010-11-05 07:07 -------- d-----w- c:\program files\Reference Assemblies
2010-11-05 07:07 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-05 07:07 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-11-05 07:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-11-05 07:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-11-05 07:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-11-05 07:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-11-05 07:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-11-05 07:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-11-05 07:07 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-11-05 02:01 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-11-05 01:58 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-11-05 01:58 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-11-05 01:44 . 2010-10-23 17:55 553984 ----a-r- C:\OTLPE.exe
2010-11-05 01:43 . 2010-11-05 01:43 -------- d-----w- C:\_OTL
2010-10-27 21:47 . 2009-08-06 23:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-10-27 21:47 . 2009-08-06 23:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\Mikey\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 19:31 . 2010-10-27 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-27 19:31 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\Recordpad
2010-10-27 18:50 . 2010-10-27 18:50 -------- d-----w- c:\documents and settings\Jules\Application Data\NCH Swift Sound
2010-10-27 18:08 . 2010-11-05 02:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Update
2010-10-27 17:06 . 2010-10-27 18:30 -------- d-----w- c:\documents and settings\Mikey\Application Data\Gygan
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\program files\Xenocode
2010-10-27 17:06 . 2010-10-27 17:06 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Xenocode
2010-10-27 03:31 . 2010-10-27 03:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-10-24 23:42 . 2010-10-24 23:42 -------- d-----w- c:\program files\Veetle
2010-10-24 04:38 . 2010-10-24 04:38 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Unity
2010-10-23 21:15 . 2010-10-23 21:16 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Temp
2010-10-23 21:15 . 2010-10-23 21:18 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Google
2010-10-23 21:08 . 2010-10-23 21:08 -------- d-s---w- c:\documents and settings\Mikey\UserData
2010-10-22 22:32 . 2010-10-22 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\GoldWave
2010-10-22 22:25 . 2010-10-22 22:25 -------- d-----w- c:\program files\GoldWave
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2010-10-22 22:02 . 2010-10-22 22:02 143360 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\program files\Common Files\Apple
2010-10-22 22:01 . 2010-10-22 22:02 -------- d-----w- c:\program files\QuickTime
2010-10-22 22:01 . 2010-10-22 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\program files\Apple Software Update
2010-10-22 22:00 . 2010-10-22 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\Apple Computer
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Common Files\DigiDesign
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\Steinberg
2010-10-22 21:59 . 2010-10-22 21:59 -------- d-----w- c:\program files\IK Multimedia
2010-10-22 21:58 . 2010-10-22 21:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\InstallShield
2010-10-21 03:58 . 2010-10-21 03:58 -------- d-----w- c:\documents and settings\Mikey\Application Data\Recordpad
2010-10-21 03:33 . 2010-02-16 17:04 7034880 ----a-w- c:\windows\XP ARENA.EXE
2010-10-20 23:35 . 2010-10-22 19:53 -------- d-----w- c:\program files\War2Combat
2010-10-19 17:38 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Software
2010-10-19 17:38 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2010-10-19 17:37 . 2010-10-19 17:38 -------- d-----w- c:\program files\NCH Swift Sound
2010-10-19 17:37 . 2010-10-22 21:42 -------- d-----w- c:\documents and settings\Mikey\Application Data\NCH Swift Sound
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\documents and settings\Mikey\Application Data\IObit
2010-10-19 06:49 . 2010-10-19 06:49 -------- d-----w- c:\program files\IObit
2010-10-19 06:14 . 2010-10-19 06:15 -------- d-----w- c:\documents and settings\Mikey\Local Settings\Application Data\FriendBlasterPro
2010-10-19 06:11 . 2005-10-11 17:25 241664 ----a-w- c:\windows\system32\MyFramePanel.ocx
2010-10-19 06:11 . 2004-03-09 00:30 609824 ----a-w- c:\windows\system32\ComCtl32.ocx
2010-10-19 06:11 . 2005-07-15 16:49 245760 ----a-w- c:\windows\system32\aUpdateNow.ocx
2010-10-19 06:11 . 2004-03-08 22:00 132880 ----a-w- c:\windows\system32\msinet.ocx
2010-10-19 06:11 . 2000-05-22 04:00 140488 ----a-w- c:\windows\system32\COMDLG32.OCX
2010-10-19 06:11 . 2004-03-08 22:00 1081616 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-10-19 06:11 . 2000-07-15 04:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2010-10-19 06:11 . 2010-10-19 06:18 -------- d-----w- c:\program files\FriendBlasterPro
2010-10-17 18:42 . 2010-10-17 18:42 -------- d-sh--w- c:\windows\ftpcache
2010-10-17 15:28 . 2010-10-28 11:28 -------- d-----w- c:\program files\Common Files\Sandlot Shared
2010-10-17 15:28 . 2010-10-17 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-10-15 10:12 . 2010-10-15 10:12 1409 ----a-w- c:\windows\QTFont.for
2010-10-14 09:18 . 2010-10-14 09:18 -------- d-----w- c:\program files\LucasArts
2010-10-14 00:23 . 2010-10-14 00:23 -------- d-----w- c:\program files\Infogrames
2010-10-14 00:13 . 2010-10-14 00:13 -------- d-----w- c:\program files\Infogrames Interactive
2010-10-14 00:08 . 2010-10-14 00:13 -------- d-----w- c:\program files\GameHouse Games Collection
2010-10-13 04:48 . 2010-10-13 04:54 -------- d-----w- c:\program files\Postal2
2010-10-13 04:38 . 2010-10-13 04:38 -------- d-----w- c:\program files\Core Design
2010-10-11 00:31 . 2010-10-11 00:31 -------- d-----w- c:\program files\Bethesda Softworks
2010-10-11 00:28 . 2001-09-05 10:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-11 00:28 . 2001-09-05 10:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-11 00:28 . 2001-09-05 10:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-11 00:28 . 2001-09-05 10:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-11 00:27 . 2001-09-05 10:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 22:08 . 2010-09-28 22:08 74 ----a-w- C:\start.vbs
2010-09-27 23:21 . 2010-09-27 23:21 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-18 16:23 . 2004-08-04 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 11:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 11:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 11:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2004-08-04 11:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-08-04 11:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 11:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 11:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 11:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-08-08 07:19 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-04 11:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 11:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-12 18:29 . 2010-08-12 18:29 2772992 ----a-w- c:\windows\system32\GPhotos.scr
.

------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SYSTEM32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\BEEP.SYS

[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-13 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\NULL.SYS

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DRIVERS\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2005-03-14 . 6129E70F3D2F1E60860C930EBEAF92C2 . 359936 . . [5.1.2600.2631] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-03-14 . 0E66B538096A6529D1AC66E78EB0D5C8 . 359808 . . [5.1.2600.2631] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SYSTEM32\bits\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 01095FEBF33BEEA00C2A0730B9B3EC28 . 399360 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2009-02-09 . 24B5D53B9ACCC1E2EDCF0A878D6659D4 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-01-14 . 419899803CA479B73B02390318C787C0 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB956572_0$\rpcss.dll
[-] 2005-01-14 . 94456045BEB4545B5EBE1DCC85951AFA . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

[-] 2009-02-06 . 37561F8D4160D62DA86D24AE41FAE8DE . 110592 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\SYSTEM32\DLLCACHE\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-06 . 4712531AB7A01B7EE059853CA17D39BD . 110592 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\services.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:32 . 60D1A6342238378BFB7545C81EE3606C . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\SYSTEM32\DLLCACHE\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:06 . A4AB3DCA4A383F0DF4988ABDEB84F9A4 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-04 11:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB950974_0$\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . B6ACAED7588295129791E0E6A2B0FADE . 986112 . . [5.1.2600.3541] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\SYSTEM32\DLLCACHE\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 80202858D245FF07DAA1739C57A3E19B . 989184 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426_0$\kernel32.dll

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!7th November 2010, 7:13 pm

more_horiz

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\SYSTEM32\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\MSVCRT.DLL
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\MSVCRT.DLL

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 6C476D33D82F1054849790181E8F7772 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 97E2BF68857818A4D142B872404DC41B . 2186880 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . EBB75B113E74E90074382347B74D652B . 2181376 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . FACEBB0CA3154F77009CDFEE78A00BBB . 2180480 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-02-06 . 6A936E9D7BADAF3CAAEED1E1966EC1B0 . 2186112 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-13 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2005-03-02 . 28187802B7C368C0D3AEF7D4C382AABB . 2179456 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 4D4CF2C14550A4B7718E94A6E581856E . 2179328 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
[-] 2004-08-04 . CE218BC7088681FAA06633E218596CA7 . 2180992 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . DE2DB164BBB35DB061AF0997E4499054 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\SYSTEM32\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-04 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\SYSTEM32\DRIVERS\ACPIEC.SYS

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DLLCACHE\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SYSTEM32\DRIVERS\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2004-08-04 04:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\DRIVERS\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\mspmsnsv.dll
[-] 2009-01-31 00:33 . 051B1BDECD6DEE18C771B5D5EC7F044D . 27136 . . [11.0.5721.5262] . . c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-09-15 18:27 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-04 11:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\I386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-02-06 . 3006410E24772CC6953F0B5C01BEB35F . 2057728 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-13 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2005-03-02 . D8ABA3EAB509627E707A3B14F00FBB6B . 2056832 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 81013F36B21C7F72CF784CC6731E0002 . 2056832 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 00:12 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\SYSTEM32\ntmssvc.dll
[-] 2004-08-04 11:00 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\SYSTEM32\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\SYSTEM32\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll

[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 00:12 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\olepro32.dll
[-] 2004-08-04 11:00 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\SYSTEM32\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-03 328568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-10-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-10-02 118784]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2010-10-19 913412]
"=="="c:\windows\spoolsv.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]

c:\documents and settings\Mikey\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-9-28 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="%windir%\XP ARENA.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=

R0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [9/27/2010 6:21 PM 691696]
R1 ehdrv;ehdrv;c:\windows\SYSTEM32\DRIVERS\ehdrv.sys [7/29/2010 12:31 PM 115008]
R1 epfwtdir;epfwtdir;c:\windows\SYSTEM32\DRIVERS\epfwtdir.sys [8/3/2010 12:28 PM 95896]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [8/12/2010 1:16 PM 810144]
.
Contents of the 'Scheduled Tasks' folder

2010-10-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008Core.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2069859330-2289683646-104145182-1008UA.job
- c:\documents and settings\Mikey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-23 21:15]

2010-10-22 c:\windows\Tasks\switchShakeIcon.job
- c:\program files\NCH Swift Sound\Switch\switch.exe [2010-10-19 17:37]

2010-10-25 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-10-19 17:38]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Jules\Application Data\Mozilla\Firefox\Profiles\06yof9ee.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\Jules\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.order.1 - Google
FF - user.js: keyword.URL - hxxp://search.fast-find.net/?sid=10101067100&s=c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-07 14:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/ /////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/ MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/ mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/ /5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4 oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF 3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1 uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2 v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS /1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi 1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/ 2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2 BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3 9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+ uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5 kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7 == = c:\windows\spoolsv.exe
egui = "c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

scanning hidden files ...

scan completed successfully
hidden files: 0

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!7th November 2010, 7:14 pm

more_horiz

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MKeufdtop.info&p=R0lGODlhyAA8APcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/
/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm
AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/
MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm
ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/
mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm
zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/
/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ
AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA
M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ
ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A
mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z
zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAADIADwA
AAj/AP8JHEiwoMGDCBMqXMiwocJUqfw4XJhqosWLGDP+k0iQmsaPHv1U/HgQIsSEHi+OFJiyoMeX
A0UOXHmwJct/EG2SbEhzp8+IPVGWNKnTJ06DRQma5CgwKMKU1FYmNWqQadKpVP+1TBmR49aTSoGK
dIpxa8yBL5121Rn1ZketaKNCheuWLlysFslmJQm0actU1KgxVSp371GDK/tq1am3IGCFV/cOFmq4
oEy0dMX6uby4LdKoYO3itSvQaszNHAEXHdnStFanXGEqvWt0cuW8g0FXrCjSdueSOHOORhg04sbf
dQ87RvsYc9iaUqm6FirbqM7eEH1vNO4ScPPFcU1S/89882/o1UhLqxbN3DRUswRFDgcOMqvJk9kX
jnUsN7Be78NNFhhXxJHlHUqCfedSQqFRRtx8lUXV24CtbTcaao5VVJhzYXlG22EHVlhXdDOFSCGF
3HHY3HVBQRhffSqNpaGCaQUWHFmtGQfVY/1R5GFwNsZn3GQ9+QfagMU1xlZT2j2lUJMNwYRVdjQ1
uJVVSEq05E29zeThgW+FBZhE2KEG1EkD+nGieFVl1qRHGqK1GY+kadQYSGcidud0cOqoH5tBsjTg
ZzuC1tma96npnVhnLqUYSjTNCeVHdzr41oZ3AXrWi0vmqKWN8OGEYVtSIumZpG0RteJxqlYqanBm
yv8IJmry1VTna9g9eRtieHE2qWU0DUrhTGN92Vaux/kFqnjMuhqcck/R+iqMjJbp1UJbcvhVnHit
dau2TBo4rGBzgtYlnEeSmtl9bC54HVy+ocuUfIFGZieV2DWY0Y8T1ZqRcKAGCt6EbKU5KEvfFSZX
Yw0GtVmoLvIl0hRTDNYVdkFOBegUKExRXXkCcTyFqDIlpVrAIfkZJL7MnbwSU4vepCDMwsXU4mMY
auhfersmmwrFU+jrmGuYDgT0t30CPZJEJ59oq8wjUVkwymmBibDAm3ZkdVVNc+WsRfZqxZHSKU8H
sqHV+SGyWbSq+Q/QRm6m7IJhMvmwzMN+lh2pSJb/KKXDu1nt9MCs0RZ2baVRzFhONfFbUMUjq9cU
TUcPjdlw1AAto+Nerriwwn+ruVqwRn4XZ4rQfb6edY9RjEJRaZ1L45U/d+yem5qjbmFcIV3LEtC2
v9ZTu2epZma7glUMYMkHIwWgqqqXDjnFCjJ0oVZwe/gevPpKqFjlT6tNMfdlgnVm3i+J70fHL+vG
oGfH6ihXxZspb6NwAB4ZOICNi0o/avSbj1mkJLaoBM8v3lkfZ8rmLSnB7UmZGx+oaFO+fPUocx1z
Xe+W1iLdRC87D1MfCF9iqur0KVm6YU3vAggnESLuZ0FbDfVwQjV2PW58ugJfjoQ0uIgERnxBk5HS
/1Rzn4V172or9FXQXDLB5vnmeWpzG2LU9rUnwTA6EclgvYa1PB9iMHKh0tIDaZisQz3PiBAZolyA
eEBYRY1QJIzI/5hSsSXxT1B5E00Up0TFuuFGbV+J4AzTIyy4pFFxLhORFlmzm+hNziWaQ9eAOCZC
KlGpPFjLDg63U7/qiYqEsxHUXfb4LbuVxTIiu5FWMihBcnEpYRQCniw7xkpWbi9OT2nUF7m1GKBx
jE6v4WSePEUxf3nkaBXyZPoKiT1ACuw6S4yYYyC3FV8ukUtkKuZcfmdN1/lyfb4sIXIyxCYg1jFI
Imxi1lSEnzoiDCfUy1cp13kaj13qmZHTyDG1yf/NirURJt/sSEpENhZJ0UqOm1TRjYhXP5HRsp3U
m2B5qjcjOqoNM0DkTeB8xx+k9JFDmMTaRSQ0yLdR74pvqV1JC4KC9W3kYWm6ETIhY5P+CNKcxQSi
1mxComehhXrK02QI3ymqFjVFoHN6GhzzMhINbsR12bymIUXmMVeWh6CH2siJsOqkj/30pDB0qOIK
NqbuaGmU7lQf/WYkUrm1SSmArIvCQOqQrUWxoRVLXD6bojlRli97lrkhChYKGebcdHJh1aZNV8dY
H0LyMpljWrA8ORNo5SavSKEfpZySQZNiVpDVzGCVyPUw8BnNIMj0z6NqYs7X4SebKHjdt8aUwt3/
2AWGxJIqDQvFs5dCy1uX+5kzwTaV6fXVaPE85AxRtTN4JvSogmViCiXqWX4qRWnzPIp4TuQfKnJF
cXQVFMM48zYpcqh+v2KPW0oLvMu2lCXgXOvzzhdWGaGmiWM0XJoAJci10YUaWgxVZf2UKf9oUz5g
xaW76oXRrsDTbWwT7q8IGB+3JRbCvcyrYES7ukcSBG4wVVQRRUthvUkxeeA1GhWFZp7eojdoL4Pp
Ypt3NfqQbE7s4o1bu8pai0VSNIrbDC1rihnGva1jp2Grah6Ila2YimSBMa49D8OijxUOezGMWsd2
BrszbjdT9r3rbT96EfLqdcrxiWd+H1IRai7t/5MAReTnRIq1YeHUYgrmDd3WJbzFyJGybF5UfuAq
X7Fh1lKnPYg2l7bGYpL4Q4abSSoPlbKBbrlx+eMcCbupYJkMac8pe5BmsWJfsSDMtnosZleUtxd3
9oivvqxiyCQoSmKFNbwg87M4YR3FkqSGQbAh1R7vl2NTQ+rK8G2bbmGE40fuk2zzJCFjeFrTHdet
w5DJCUJFZ6PLnJVr0AERevFVLpWoE2EYsg54ygjdjDZZpHoSKLDilRw/Svd+6pIcXJ2nutOtFY8V
PmhRRCfriXTrLRKBqpNpDGmTFY6Z24lLckYjG+3x7odk4qCsVichg06sbdJySGrO4y7JlKSYuf+m
FulI49h6n/LV5MyT8SZU6nSru0jSBFso3RLZbPWW4j71Cybvaz1c47JaRTyjBa+9k6S4J9+7ipfo
euZnrZHGqhiZUKJ+NmjDKsqmpZM4oieCI85Jp26xwTWPIea3GtdFbq0BuaMYdzCROoqAOhuUl5N+
uZIjZFLYPju2Cl6WQPmwgjguNoroxEthjUvehHS5smAucmzBmy+S51R2/8vdzuPbSJ733p4+lCAz
Nbd/1IF60UtsdZ6Y/ZR1bUhvDjp7ouHl8gWy2X52lHmvUqaQvjd4FQG9r75b5uMgt7mApQuuhduK
K7W/FIvVzp6/6PeZUQrsz53zejzFqqdKtZ6ONOHNsgcVFkZUxwjxI2RUE/bd/ct3f2kk1XBVwqb5
kCYO9SOErfR/JvxjV3jQxStHJ0DF53/pdzh+12cph3ZzAXSk5kloclv5h2ths029VXSRB3sIuBwd
iBi1VjR7dhuE94EmWBoIKBv6YmQBmBU5d4IwKDR7wVMZknkdWIIwSHXo0TNelS0v2HQ52BABAQA7
=="="c:\\WINDOWS\\spoolsv.exe"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2312)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-11-07 14:11:42
ComboFix-quarantined-files.txt 2010-11-07 19:11
ComboFix2.txt 2010-11-06 15:58
ComboFix3.txt 2010-11-05 02:28

Pre-Run: 11,541,245,952 bytes free
Post-Run: 11,534,389,248 bytes free

- - End Of File - - 13212D9C8F387CC04E14D36739CDA6A4

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!8th November 2010, 4:38 am

more_horiz
Let me step in here Sneakyone.

ComboFix CFScript

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the box below into it:

    killall::

    SysRst::

    RestoreRun::

    SnapshotB::

    FileLook::
    c:windows\spoolsv.exe

    Replicator::
    C:windows\spoolsv.exe

    Reboot::
  • Save this as CFScript.txt, in the same location as ComboFix.exe

    Serious Help Needed in regards to Think Point Virus Removal! 2v3rg44

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.

descriptionSerious Help Needed in regards to Think Point Virus Removal! EmptyRe: Serious Help Needed in regards to Think Point Virus Removal!

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum