My computer is sending spam to people in my e-mailing list.

Basically what is happening is a ran Malwarebyte's anti malware and combofix on my computer and it could not find any malicious software. what happens is every day, I receive 24 e-mails abuot delivery failed notice, because my computer is sending spam to everyone in my e-mailing lists in the form of e-mails. After that I get 1 last e-mail from myself!? My friends have told me the e-mails they receive from me is spam. After Malwarebytes anti malware and combifix have failed to fix the problem, I have no idea what to do. Thank you in advance.


OTL logfile created on: 1/8/2011 8:07:23 PM - Run 2
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Maxim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 106.37 Gb Free Space | 35.68% Space Free | Partition Type: NTFS
Drive F: | 1.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MAXIM-9C1E76C15 | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/08 20:04:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTL.com
PRC - [2010/12/10 18:58:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/07/06 09:01:16 | 002,634,048 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2010/04/16 17:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/12/10 02:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009/12/10 02:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2009/11/24 10:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/08/09 17:35:32 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/01/14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/13 18:51:24 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin
PRC - [2007/11/13 18:49:22 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
PRC - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/10/28 08:29:48 | 000,581,632 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KEM.exe
PRC - [2004/10/21 12:28:40 | 000,029,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
PRC - [2003/06/24 01:31:35 | 000,442,368 | ---- | M] () -- C:\Program Files\Belkin\Nostromo\nost_LM.exe


========== Modules (SafeList) ==========

MOD - [2011/01/08 20:04:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTL.com
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2004/10/28 08:27:18 | 000,086,016 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2003/05/16 01:01:51 | 000,053,248 | ---- | M] (eTEK Labs) -- C:\Program Files\Belkin\Nostromo\nost_FSH.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/01/04 20:54:45 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/09/17 11:13:10 | 000,185,640 | ---- | M] () [On_Demand | Stopped] -- C:\Documents and Settings\Maxim\Application Data\Mikogo\B-Service.exe -- (B-Service)
SRV - [2010/04/28 06:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/12/10 02:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/08/09 17:35:32 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/01/14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2002/12/17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\Maxim\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/04/28 06:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/11/03 17:00:25 | 007,655,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/08/21 15:24:10 | 000,057,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/08/17 08:38:37 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/06/05 12:23:27 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/09/11 06:45:38 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/09/11 06:45:36 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/08/21 05:24:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/06/18 22:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/05/02 04:12:06 | 000,229,376 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/03/17 05:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004/10/21 12:31:14 | 000,038,691 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004/10/21 12:31:06 | 000,054,851 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2004/10/21 12:30:56 | 000,071,535 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/10/21 12:30:38 | 000,024,671 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2004/08/12 21:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/09/14 02:27:50 | 000,018,838 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2003/07/23 14:16:48 | 000,022,821 | ---- | M] (Belkin Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcgame.sys -- (bcgame)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Veoh Web Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Veoh Web Player Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.3
FF - prefs.js..extensions.enabledItems: {cd90bf73-20f6-44ef-993d-bb920303bd2e}:2.7.1.3
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 18:58:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 18:58:54 | 000,000,000 | ---D | M]

[2008/08/26 15:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Extensions
[2011/01/08 13:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions
[2010/05/14 16:23:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/24 14:01:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/05 16:16:36 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/11/07 01:12:17 | 000,000,000 | ---D | M] (Veoh Web Player Toolbar) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
[2010/01/02 23:17:37 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\extensions\firefox@tvunetworks.com
[2010/05/09 20:48:45 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\searchplugins\AOL Search.xml
[2010/07/25 01:57:04 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\searchplugins\bing.xml
[2010/06/29 17:22:34 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\searchplugins\conduit.xml
[2011/01/08 13:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/06/22 15:38:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/12/13 20:50:58 | 000,000,000 | ---D | M] (AdVantage) -- C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
[2010/07/13 10:44:09 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009/04/29 14:51:34 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/02/02 12:50:33 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
[2007/08/15 19:05:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2007/06/23 01:21:33 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll
[2008/11/11 01:54:07 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2010/05/09 20:48:45 | 000,001,490 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\AOL Search.xml

O1 HOSTS File: ([2010/05/05 14:36:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe File not found
O4 - HKLM..\Run: [OfficeKB] C:\PROGRA~1\OfficeKB\OfficeKB.EXE File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe File not found
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\Maxim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe File not found
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe File not found
O4 - HKCU..\Run: [Mikogo] C:\Documents and Settings\Maxim\Application Data\Mikogo\Mikogo-Host.exe (Mikogo)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Loadout Manager.lnk = C:\Program Files\Belkin\Nostromo\nost_LM.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Maxim\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Maxim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Maxim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/20 23:56:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/04/30 05:03:45 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2008/06/25 01:50:03 | 000,152,848 | R--- | M] (KOEI Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/07/01 05:35:52 | 000,914,704 | R--- | M] (KOEI Co., Ltd.) - F:\AutoRunInstall.exe -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 30 Days ==========

[2011/01/08 20:04:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTL.com
[2011/01/08 03:03:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/01/08 02:51:59 | 000,000,000 | ---D | C] -- C:\Combo-Fix2296C
[2011/01/07 16:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\49471DB87F3C42DB89C2AC50FA0C5290.TMP
[2011/01/03 14:46:10 | 000,463,360 | ---- | C] (Dino Chiesa) -- C:\Documents and Settings\Maxim\Desktop\Ionic.Zip.dll
[2011/01/03 14:46:10 | 000,037,888 | ---- | C] (lolbase.net) -- C:\Documents and Settings\Maxim\Desktop\LoLBaseUploader.exe
[2010/12/24 20:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxim\Application Data\Armagetron
[2010/12/24 20:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Armagetron Advanced
[2010/12/24 20:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Armagetron
[2010/12/19 22:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2010/12/19 16:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxim\Local Settings\Application Data\TechSmith
[2010/12/19 16:19:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxim\My Documents\Camtasia Studio
[2010/12/19 16:19:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2010/12/19 16:19:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 7
[2010/12/19 16:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2010/12/19 16:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2010/12/19 16:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/12/18 16:04:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxim\Ultramarines
[2010/12/15 20:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxim\Start Menu\Programs\PokerTracker 3
[2010/12/15 19:52:22 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 19:51:56 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/08 20:04:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTL.com
[2011/01/08 14:18:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/01/08 13:32:52 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/01/08 02:38:56 | 004,150,017 | R--- | M] () -- C:\Documents and Settings\Maxim\Desktop\Combo-Fix.exe
[2011/01/08 02:07:17 | 016,566,343 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\zeru's stuff.zip
[2011/01/07 17:12:34 | 000,160,256 | ---- | M] () -- C:\Documents and Settings\Maxim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/07 16:11:37 | 183,055,872 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\camtasia.msi
[2011/01/05 08:58:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/05 08:58:39 | 000,249,230 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/01/05 08:58:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/29 19:59:51 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\Lag pf ranges.doc
[2010/12/23 17:19:11 | 000,606,387 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\1. The Learning Framework.pdf
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/19 22:15:22 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010/12/19 16:19:26 | 000,000,893 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 7.lnk
[2010/12/18 16:52:25 | 023,239,510 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\agro player Strategy F.wmv
[2010/12/18 15:59:08 | 018,251,828 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\Tight Player Lesson F.wmv
[2010/12/17 17:41:33 | 015,737,260 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\Station Lesson F.wmv
[2010/12/16 10:32:18 | 000,107,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 03:04:16 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/15 20:23:06 | 000,000,744 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\PokerTracker 3.lnk
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/08 02:04:00 | 016,566,343 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\zeru's stuff.zip
[2011/01/07 16:08:43 | 183,055,872 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\camtasia.msi
[2010/12/29 19:59:51 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\Lag pf ranges.doc
[2010/12/23 17:19:03 | 000,606,387 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\1. The Learning Framework.pdf
[2010/12/19 22:15:21 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010/12/19 16:19:26 | 000,000,893 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Camtasia Studio 7.lnk
[2010/12/18 16:47:06 | 023,239,510 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\agro player Strategy F.wmv
[2010/12/18 15:55:12 | 018,251,828 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\Tight Player Lesson F.wmv
[2010/12/17 17:37:08 | 015,737,260 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\Station Lesson F.wmv
[2010/12/15 20:23:06 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\Maxim\Desktop\PokerTracker 3.lnk
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/09/16 02:17:58 | 001,628,304 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/06/22 18:45:00 | 000,005,077 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bltofzsb.qlf
[2010/04/20 23:05:49 | 000,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2009/08/24 17:00:27 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/08/24 17:00:27 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/08/24 17:00:27 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/08/10 13:31:47 | 000,000,286 | ---- | C] () -- C:\Program Files\qjhnfze.txt
[2009/07/03 13:31:54 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009/06/06 01:32:36 | 000,002,119 | ---- | C] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNat.gif
[2009/06/06 01:32:36 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNzn.gif
[2009/06/06 01:32:36 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNby.gif
[2009/04/16 02:01:55 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/02/02 17:59:03 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007/09/11 13:58:00 | 000,002,908 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/15 18:04:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/07/06 02:03:38 | 000,160,256 | ---- | C] () -- C:\Documents and Settings\Maxim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/03 01:05:51 | 000,008,272 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/06/23 18:48:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SetSel.INI
[2007/06/21 19:48:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/06/21 00:01:47 | 000,000,396 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2007/06/21 00:01:46 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini
[2007/06/21 00:01:35 | 000,024,816 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/06/21 00:01:35 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/06/21 00:01:25 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/03/13 13:43:02 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2000/04/27 14:14:02 | 000,004,500 | ---- | C] () -- C:\WINDOWS\System32\FILTRCOI.DLL

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2007/06/20 23:56:02 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/04/16 23:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/08/10 13:31:47 | 000,000,286 | ---- | M] () -- C:\Program Files\qjhnfze.txt

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/09/03 23:17:10 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2007/06/20 23:59:33 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Maxim\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2007/06/20 23:59:33 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2009/08/09 19:44:14 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Maxim\Desktop\1234.exe
[2011/01/08 02:38:56 | 004,150,017 | R--- | M] () -- C:\Documents and Settings\Maxim\Desktop\Combo-Fix.exe
[2010/02/11 15:09:30 | 000,037,888 | ---- | M] (lolbase.net) -- C:\Documents and Settings\Maxim\Desktop\LoLBaseUploader.exe
[2010/02/27 12:25:00 | 001,498,968 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\LoLInstaller.exe
[2010/09/14 18:19:54 | 001,676,592 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\mikogo-starter.exe
[2008/03/02 21:19:06 | 125,892,318 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\OOo_2.3.1_Win32Intel_install_wJRE_en-US.exe
[2010/05/05 07:21:22 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTL.exe
[2009/08/10 21:26:58 | 000,408,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxim\Desktop\OTM.exe
[2010/04/16 15:07:40 | 002,178,224 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\TestRealmInstallerDownloader.04_05_2010.exe
[2010/05/11 21:33:25 | 003,249,480 | ---- | M] (Unity Technologies ApS) -- C:\Documents and Settings\Maxim\Desktop\UnityWebPlayer.exe
[2010/04/10 14:11:12 | 011,048,840 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\veetle-0.9.17.exe
[2010/11/16 16:25:09 | 012,958,736 | ---- | M] () -- C:\Documents and Settings\Maxim\Desktop\VeohWebPlayerSetup_eng.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/10 18:58:50 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/10 18:58:50 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/10 18:58:51 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/10 18:58:52 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe
[2007/10/13 17:59:13 | 140,202,521 | ---- | M] () -- C:\Program Files\Mozilla Firefox\WoW-2.2.3.7359-to-0.3.0.7382-enUS-patch.exe
[2008/02/11 22:41:51 | 141,909,560 | ---- | M] () -- C:\Program Files\Mozilla Firefox\WoW-2.3.3.7799-to-0.4.0.7897-enUS-patch.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2007/06/20 23:59:33 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Maxim\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/06/21 19:45:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/06/21 19:45:27 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/06/21 19:45:27 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2006/02/28 07:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2006/02/28 07:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2006/02/28 07:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2006/02/28 07:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2006/02/28 07:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2006/02/28 07:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2006/02/28 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2006/02/28 07:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2006/02/28 07:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2006/02/28 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2006/02/28 07:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2006/02/28 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2006/02/28 07:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2006/02/28 07:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2006/02/28 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 08:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %SYSTEMDRIVE%\*.* >
[2009/09/18 10:25:18 | 000,003,911 | ---- | M] () -- C:\ATMA_config.ini
[2007/06/20 23:56:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/08/10 13:46:39 | 000,000,293 | ---- | M] () -- C:\Boot.bak
[2010/09/21 06:54:19 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2007/12/17 23:30:41 | 000,001,249 | ---- | M] () -- C:\ClientLog.txt
[2004/08/03 22:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/01/08 02:59:20 | 000,180,333 | ---- | M] () -- C:\ComboFix.txt
[2007/06/20 23:56:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/06/20 23:56:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/20 20:38:33 | 000,001,101 | -H-- | M] () -- C:\IPH.PH
[2010/05/04 19:07:19 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2007/06/20 23:56:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006/02/28 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/03 23:12:27 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/01/05 08:58:26 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2007/10/02 11:23:55 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/06/21 19:49:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2007/10/02 11:23:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/06/21 19:49:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

< %PROGRAMFILES%\*. >
[2010/05/05 14:54:09 | 000,000,000 | ---D | M] -- C:\Program Files\Absolute Poker
[2010/01/18 22:55:09 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/06/25 14:52:41 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2009/08/23 22:51:56 | 000,000,000 | ---D | M] -- C:\Program Files\Alcohol Soft
[2010/07/26 13:16:02 | 000,000,000 | ---D | M] -- C:\Program Files\ALL IN Expert
[2007/06/21 00:05:06 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2009/08/09 18:02:59 | 000,000,000 | ---D | M] -- C:\Program Files\Apprentice
[2010/12/24 22:44:54 | 000,000,000 | ---D | M] -- C:\Program Files\Armagetron Advanced
[2009/08/09 18:18:13 | 000,000,000 | ---D | M] -- C:\Program Files\Atari
[2009/08/29 09:17:14 | 000,000,000 | ---D | M] -- C:\Program Files\ATMA V
[2011/01/08 02:45:54 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/02/20 21:17:48 | 000,000,000 | ---D | M] -- C:\Program Files\Belkin
[2007/11/11 18:44:09 | 000,000,000 | ---D | M] -- C:\Program Files\BitTorrent
[2011/01/08 02:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/06/20 23:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/05/05 15:03:03 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/08/17 09:00:09 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Pro
[2009/03/18 03:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\Dawn of War 2
[2010/02/20 21:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\Diablo II
[2007/06/21 00:03:33 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/07/09 09:12:02 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/05/05 15:04:22 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2010/05/05 14:56:26 | 000,000,000 | ---D | M] -- C:\Program Files\Eusing Free Registry Cleaner
[2010/11/22 14:58:44 | 000,000,000 | ---D | M] -- C:\Program Files\Full Tilt Poker
[2009/07/03 13:30:52 | 000,000,000 | ---D | M] -- C:\Program Files\Futuremark
[2010/01/03 18:34:26 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2007/07/03 01:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2007/09/04 23:52:49 | 000,000,000 | ---D | M] -- C:\Program Files\Google Video
[2010/05/05 15:04:22 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/12/16 03:03:54 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/06/19 21:00:21 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/06/14 07:30:33 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/01/27 05:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/11/15 21:44:10 | 000,000,000 | ---D | M] -- C:\Program Files\Koei
[2010/05/05 14:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2007/06/23 01:20:11 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2009/10/15 10:15:45 | 000,000,000 | ---D | M] -- C:\Program Files\Magic Workstation
[2009/08/17 09:01:47 | 000,000,000 | ---D | M] -- C:\Program Files\MagicDisc
[2009/08/09 17:16:39 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/09/03 23:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/11/10 11:25:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2007/06/20 23:56:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/03/18 00:53:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2009/08/14 16:06:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SDKs
[2011/01/06 03:01:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/14 16:09:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2010/07/25 01:40:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/25 01:40:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/08/14 16:08:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 9.0
[2009/08/14 16:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/09/08 00:11:41 | 000,000,000 | ---D | M] -- C:\Program Files\mIRC
[2010/08/13 02:00:25 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/10 18:59:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2007/06/21 00:50:07 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/06/20 23:53:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2007/06/20 23:53:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/08/16 02:00:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/06/21 01:00:05 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2010/02/20 21:18:49 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2007/06/21 00:20:48 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2008/09/03 23:13:50 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/06/25 14:52:41 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2007/12/17 13:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Ocean Technology
[2010/05/05 14:31:32 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeKB
[2007/06/20 23:53:51 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2008/03/02 21:21:39 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 2.3
[2010/12/16 03:01:12 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/04/16 15:07:53 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/11/23 08:59:42 | 000,000,000 | ---D | M] -- C:\Program Files\PartyGaming
[2011/01/08 19:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStars
[2010/10/05 10:11:14 | 000,000,000 | ---D | M] -- C:\Program Files\PokerStove
[2010/12/15 20:23:06 | 000,000,000 | ---D | M] -- C:\Program Files\PokerTracker 3
[2010/06/22 18:56:05 | 000,000,000 | ---D | M] -- C:\Program Files\PostgreSQL
[2010/05/05 14:31:34 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/11/21 01:30:15 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2007/06/21 00:48:03 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/07/13 10:44:09 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/05/05 15:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2007/08/12 22:39:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Setup
[2010/05/21 22:26:48 | 000,000,000 | ---D | M] -- C:\Program Files\SopCast
[2010/12/24 03:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\Steam
[2009/03/18 03:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2010/12/19 22:15:18 | 000,000,000 | ---D | M] -- C:\Program Files\TeamViewer
[2010/12/19 16:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2007/12/13 20:54:45 | 000,000,000 | ---D | M] -- C:\Program Files\THQ
[2009/08/09 19:44:22 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2007/08/12 22:41:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/12/24 16:42:20 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/01/03 19:57:07 | 000,000,000 | ---D | M] -- C:\Program Files\Vector Magic
[2010/04/10 14:11:26 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
[2007/11/14 16:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\Ventrilo
[2010/11/07 01:11:40 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
[2008/08/08 12:55:45 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2008/04/01 09:47:11 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2010/05/05 15:03:14 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2009/08/13 20:17:51 | 000,000,000 | ---D | M] -- C:\Program Files\Warcraft III
[2010/05/05 14:55:53 | 000,000,000 | ---D | M] -- C:\Program Files\Wesnoth
[2010/07/25 01:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/06/05 12:14:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2007/06/21 00:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/09/03 23:13:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/03 23:13:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2007/06/30 23:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010/09/11 23:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\Wizards of the Coast
[2010/12/01 14:25:51 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft
[2007/06/20 23:56:36 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/09/21 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2009/11/12 19:50:12 | 000,000,000 | ---D | M] -- C:\Program Files\_uninstallation_info

< %appdata%\*.* >
[2007/06/21 19:48:34 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Maxim\Application Data\desktop.ini
[2009/06/06 01:32:36 | 000,002,119 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNat.gif
[2009/06/06 01:32:36 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNby.gif
[2009/06/06 01:32:36 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Maxim\Application Data\waQ1P0bNzn.gif


< MD5 for: AGP440.SYS >
[2006/02/28 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006/02/28 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2006/02/28 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2006/02/28 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006/02/28 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2006/02/28 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2006/08/21 05:24:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) MD5=4D6C6B46B3EDF6F2E219A86B61D104AE -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006/02/28 07:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2006/02/28 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/09/03 23:10:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/03 22:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-06 08:02:08

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CEFE51A

< End of report >

Hi,


ComboFix should not be run without the guidance of a helper!

It is a powerful tool and is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private or regular use.

See ComboFix's Disclaimer

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please refer to this thread for more information on why you shouldn't use ComboFix without supervision of a trained expert: http://www.bleepingcomputer.com/forums/topic273628.html

Please post the log at C:\ComboFix.txt

ComboFix 11-01-07.01 - Maxim 01/08/2011 2:53.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2668 [GMT -5:00]
Running from: c:\documents and settings\Maxim\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((( Files Created from 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))))
.

2011-01-07 21:24 . 2011-01-07 21:24 -------- d-----w- c:\windows\49471DB87F3C42DB89C2AC50FA0C5290.TMP
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\Maxim\Application Data\Armagetron
2010-12-25 01:04 . 2010-12-25 03:44 -------- d-----w- c:\program files\Armagetron Advanced
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Armagetron
2010-12-19 21:20 . 2010-12-19 21:20 -------- d-----w- c:\documents and settings\Maxim\Local Settings\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\windows\system32\QuickTime
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\TechSmith
2010-12-18 21:04 . 2010-12-18 21:27 -------- d-----w- c:\documents and settings\Maxim\Ultramarines
2010-12-16 00:52 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 00:51 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2009-08-09 21:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2009-08-09 21:50 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2007-06-21 04:54 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:34 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2006-02-28 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2006-02-28 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2006-02-28 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 06:36 . 2010-10-14 06:36 15451288 ----a-w- c:\windows\system32\xlive.dll
2010-10-14 06:36 . 2010-10-14 06:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.


((((((((((((((((((((((((((((( SnapShot@2010-05-06_15.36.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 07:19 . 2007-11-07 07:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2007-11-07 06:19 . 2007-11-07 06:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
- 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 11:07 . 2008-07-29 11:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
- 2008-07-29 10:07 . 2008-07-29 10:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2011-01-05 13:58 . 2011-01-05 13:58 16384 c:\windows\temp\Perflib_Perfdata_6a0.dat
+ 2011-01-05 13:58 . 2011-01-05 13:58 16384 c:\windows\temp\Perflib_Perfdata_348.dat
+ 2010-06-25 19:52 . 2010-02-04 14:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2010-06-25 19:52 . 2010-02-04 14:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2006-02-28 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
- 2007-06-21 05:04 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2007-06-21 05:04 . 2007-07-28 03:11 26488 c:\windows\system32\spupdsvc.exe
+ 2006-02-28 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2007-06-21 05:47 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
- 2007-06-21 05:47 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2010-04-17 02:12 . 2010-04-17 02:12 48464 c:\windows\system32\sirenacm.dll
+ 2010-03-31 04:16 . 2010-03-31 04:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\pngfilt.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 44544 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2010-11-23 15:09 79538 c:\windows\system32\perfc009.dat
+ 2009-11-07 05:07 . 2009-11-07 05:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-06 02:17 . 2009-11-06 02:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2006-11-08 01:03 . 2010-11-06 00:34 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-08 01:03 . 2010-03-11 12:38 52224 c:\windows\system32\msfeedsbs.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 27648 c:\windows\system32\jsproxy.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 27648 c:\windows\system32\jsproxy.dll
- 2006-11-07 07:26 . 2010-03-10 13:18 13824 c:\windows\system32\ieudinit.exe
+ 2006-11-07 07:26 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
- 2006-02-28 12:00 . 2010-03-11 12:38 44544 c:\windows\system32\iernonce.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\iernonce.dll
+ 2006-02-28 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
- 2006-02-28 12:00 . 2010-03-10 13:18 70656 c:\windows\system32\ie4uinit.exe
+ 2006-02-28 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
+ 2006-10-17 15:58 . 2010-11-06 00:34 63488 c:\windows\system32\icardie.dll
- 2006-10-17 15:58 . 2010-03-11 12:38 63488 c:\windows\system32\icardie.dll
+ 2010-07-25 06:41 . 2010-04-28 11:44 54760 c:\windows\system32\DRVSTORE\fssfltr_F64381C38F211E3160A660B196A6A585F80604F9\fssfltr_tdi.sys
+ 2010-07-25 06:41 . 2010-04-28 11:44 54760 c:\windows\system32\drivers\fssfltr_tdi.sys
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2006-02-28 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-04-25 08:41 . 2010-11-06 00:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-04-25 08:41 . 2010-03-11 12:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
- 2007-04-24 14:26 . 2010-03-10 13:18 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-04-24 14:26 . 2010-11-03 12:24 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2006-02-28 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\iernonce.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 18:09 . 2010-11-06 00:34 78336 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 18:09 . 2010-03-11 12:38 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2006-02-28 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2006-02-28 12:00 . 2010-03-10 13:18 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04 . 2010-03-11 12:38 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-08-20 10:04 . 2010-11-06 00:34 63488 c:\windows\system32\dllcache\icardie.dll
- 2009-06-29 16:12 . 2010-03-11 12:38 17408 c:\windows\system32\dllcache\corpol.dll
+ 2009-06-29 16:12 . 2010-11-06 00:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2006-02-28 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
- 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-09-23 19:55 . 2010-09-23 19:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 07:17 . 2010-09-23 07:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-09-23 07:17 . 2010-09-23 07:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2003-02-20 23:19 . 2003-02-20 23:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-07-25 06:40 . 2010-07-25 06:40 98816 c:\windows\Installer\df9c8eb.msi
+ 2010-07-25 06:39 . 2010-07-25 06:39 22016 c:\windows\Installer\df9c8d1.msi
+ 2010-07-25 06:38 . 2010-07-25 06:38 27136 c:\windows\Installer\df9c88d.msi
+ 2010-07-25 06:38 . 2010-07-25 06:38 58880 c:\windows\Installer\df9c865.msi
+ 2010-07-25 06:38 . 2010-07-25 06:38 61272 c:\windows\Installer\{E6158D07-2637-4ECF-B576-37C489669174}\IconWlc.exe
+ 2010-07-25 06:39 . 2010-07-25 06:39 80395 c:\windows\Installer\{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}\MsblIco.Exe
+ 2010-06-04 07:00 . 2011-01-06 08:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-07-25 06:39 . 2010-07-25 06:39 58945 c:\windows\Installer\{6412CECE-8172-4BE5-935B-6CECACD2CA87}\wlmail.exe
+ 2010-09-12 04:13 . 2010-09-12 04:13 49152 c:\windows\Installer\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}\UNINST_Uninstall_C_8EA3BE1D94E6460FB55ABC953C5B188C.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 52224 c:\windows\ie7updates\KB982381-IE7\msfeedsbs.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 27648 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll
+ 2010-06-09 07:00 . 2010-03-10 13:18 13824 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB982381-IE7\iernonce.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 78336 c:\windows\ie7updates\KB982381-IE7\ieencode.dll
+ 2010-06-09 07:00 . 2010-03-10 13:18 70656 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 63488 c:\windows\ie7updates\KB982381-IE7\icardie.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 17408 c:\windows\ie7updates\KB982381-IE7\corpol.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 44544 c:\windows\ie7updates\KB2416400-IE7\pngfilt.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 52224 c:\windows\ie7updates\KB2416400-IE7\msfeedsbs.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 27648 c:\windows\ie7updates\KB2416400-IE7\jsproxy.dll
+ 2010-12-16 08:03 . 2010-09-08 15:57 13824 c:\windows\ie7updates\KB2416400-IE7\ieudinit.exe
+ 2010-12-16 08:03 . 2010-09-09 13:38 44544 c:\windows\ie7updates\KB2416400-IE7\iernonce.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 78336 c:\windows\ie7updates\KB2416400-IE7\ieencode.dll
+ 2010-12-16 08:03 . 2010-09-08 15:57 70656 c:\windows\ie7updates\KB2416400-IE7\ie4uinit.exe
+ 2010-12-16 08:03 . 2010-09-09 13:38 63488 c:\windows\ie7updates\KB2416400-IE7\icardie.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 17408 c:\windows\ie7updates\KB2416400-IE7\corpol.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 44544 c:\windows\ie7updates\KB2360131-IE7\pngfilt.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 52224 c:\windows\ie7updates\KB2360131-IE7\msfeedsbs.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 27648 c:\windows\ie7updates\KB2360131-IE7\jsproxy.dll
+ 2010-10-14 07:03 . 2010-06-23 12:06 13824 c:\windows\ie7updates\KB2360131-IE7\ieudinit.exe
+ 2010-10-14 07:03 . 2010-06-24 12:15 44544 c:\windows\ie7updates\KB2360131-IE7\iernonce.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 78336 c:\windows\ie7updates\KB2360131-IE7\ieencode.dll
+ 2010-10-14 07:03 . 2010-06-23 12:06 70656 c:\windows\ie7updates\KB2360131-IE7\ie4uinit.exe
+ 2010-10-14 07:03 . 2010-06-24 12:15 63488 c:\windows\ie7updates\KB2360131-IE7\icardie.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 17408 c:\windows\ie7updates\KB2360131-IE7\corpol.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2183461-IE7\pngfilt.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 52224 c:\windows\ie7updates\KB2183461-IE7\msfeedsbs.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 27648 c:\windows\ie7updates\KB2183461-IE7\jsproxy.dll
+ 2010-08-13 07:04 . 2010-05-04 12:39 13824 c:\windows\ie7updates\KB2183461-IE7\ieudinit.exe
+ 2010-08-13 07:04 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2183461-IE7\iernonce.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 78336 c:\windows\ie7updates\KB2183461-IE7\ieencode.dll
+ 2010-08-13 07:04 . 2010-05-04 12:39 70656 c:\windows\ie7updates\KB2183461-IE7\ie4uinit.exe
+ 2010-08-13 07:04 . 2010-05-04 17:20 63488 c:\windows\ie7updates\KB2183461-IE7\icardie.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 17408 c:\windows\ie7updates\KB2183461-IE7\corpol.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3a884f4e\System.Drawing.Design.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_138b501d\CustomMarshalers.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\4b76ee7cffa5a925f16967eb6d44d79e\WindowsLiveWriter.ni.exe
+ 2010-08-13 07:07 . 2010-08-13 07:07 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0f3ef21a166df82d34e0147cfa308256\WindowsLive.Writer.Api.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-13 07:04 . 2010-08-13 07:04 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\dc186e6d25efeba245c418f97529f1e9\Microsoft.VisualStudio.Shell.Interop.9.0.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 22016 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\c529a93070c7c7cb1784e6e822d4a562\Microsoft.VisualStudio.Designer.Interfaces.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\f2b3561c1ff33889956aaa065e0f51bf\Microsoft.SqlServer.ServiceBrokerEnum.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 72704 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b6fa5b72ef657e96a1ffc0e273e3eb9c\Microsoft.SqlServer.BatchParserClient.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\97292d5d621957c61cdf3dff84ad9f3b\Microsoft.SqlServer.SqlClrProvider.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 32768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3c4ed10f18f81f1e462c4b75b0e5ffb9\Microsoft.SqlServer.PolicyEnum.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\2f8f6a426e825b7000a42028b5b2f001\Microsoft.SqlServer.SqlTDiagM.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 65536 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\1a0607a5f678644fb0371c0664329693\Microsoft.SqlServer.WmiEnum.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\04095334dff60b0d128ad75478c9246c\Microsoft.SqlServer.SString.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Internal.#\d97e4fc5f579f02d80f101f5984397b0\Microsoft.Internal.VisualStudio.Shell.Interop.9.0.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\MetaGen\0d6925cecc952f8fbd2b11e86ad740a1\MetaGen.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE90a\7de9d9c386775061701e8df531c9f6d2\EnvDTE90a.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 46080 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE90\7017df968da0929001755552a4a02507\EnvDTE90.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-13 07:04 . 2010-08-13 07:04 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-14 21:05 . 2009-08-14 21:05 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-09 07:03 . 2010-06-09 07:03 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-06 06:53 . 2010-10-06 06:53 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-08-13 07:00 . 2008-04-14 00:11 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-05-26 07:00 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-26 07:00 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-09 07:03 . 2008-04-14 00:11 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-09-16 07:02 . 2008-04-14 00:12 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-14 07:03 . 2008-04-14 00:12 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-09-29 07:00 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-09-29 07:00 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982802\spmsg.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-06-09 07:00 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB982381-IE7\update\spcustom.dll
+ 2010-06-09 07:00 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB982381-IE7\spmsg.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\pngfilt.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 52224 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeedsbs.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 27648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\jsproxy.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 13824 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieudinit.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iernonce.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 78336 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieencode.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 70656 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ie4uinit.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 63488 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\icardie.dll
+ 2010-05-04 17:19 . 2010-05-04 17:19 17408 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\corpol.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-14 07:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-14 07:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-08-13 07:00 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-08-13 07:00 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981957\spmsg.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-08-12 18:04 . 2010-06-18 06:28 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-08-13 07:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-08-13 07:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-10-14 07:02 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2010-10-14 07:02 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2010-06-09 07:05 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-09 07:05 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:52 . 2010-03-05 14:52 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-05-12 07:00 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-12 07:00 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-06-09 07:03 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-09 07:03 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360131-IE7\update\spcustom.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360131-IE7\spmsg.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 44544 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\pngfilt.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 52224 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\msfeedsbs.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 27648 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\jsproxy.dll
+ 2010-09-08 15:47 . 2010-09-08 15:47 13824 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieudinit.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 44544 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iernonce.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 78336 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieencode.dll
+ 2010-09-08 15:47 . 2010-09-08 15:47 70656 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ie4uinit.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 63488 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\icardie.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 17408 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\corpol.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2345886\spmsg.dll
+ 2010-08-27 06:05 . 2010-08-27 06:05 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll
+ 2010-08-03 07:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-03 07:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-07-15 07:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-15 07:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-13 07:04 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2183461-IE7\update\spcustom.dll
+ 2010-08-13 07:04 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2183461-IE7\spmsg.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 44544 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\pngfilt.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 52224 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\msfeedsbs.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 27648 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\jsproxy.dll
+ 2010-06-23 11:28 . 2010-06-23 11:28 13824 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieudinit.exe
+ 2010-06-24 12:16 . 2010-06-24 12:16 44544 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iernonce.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 78336 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieencode.dll
+ 2010-06-23 11:28 . 2010-06-23 11:28 70656 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ie4uinit.exe
+ 2010-06-24 12:16 . 2010-06-24 12:16 63488 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\icardie.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 17408 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\corpol.dll
+ 2010-08-13 07:02 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-08-13 07:02 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-09-16 07:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-09-16 07:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-15 23:23 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-15 07:04 . 2009-10-15 07:04 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-09-16 07:02 . 2008-05-03 11:55 2560 c:\windows\$NtUninstallKB982802$\xpsp4res.dll
+ 2010-10-14 07:00 . 2010-07-22 05:57 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-14 07:03 . 2010-08-13 12:53 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2010-07-22 05:57 . 2010-07-22 05:57 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\xpsp4res.dll
+ 2010-07-12 12:53 . 2010-07-12 12:53 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll
+ 2010-10-14 03:07 . 2010-08-13 12:53 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll
+ 2010-08-26 12:52 . 2010-08-26 12:52 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\xpsp4res.dll
+ 2010-04-17 04:04 . 2010-04-17 04:04 306032 c:\windows\WLXPGSS.SCR

- 2009-10-15 07:04 . 2009-10-15 07:04 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 08:54 . 2008-07-29 08:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 07:54 . 2008-07-29 07:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2007-12-04 06:56 . 2007-12-04 06:56 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcr80.dll
+ 2007-12-04 06:56 . 2007-12-04 06:56 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcp80.dll
+ 2007-12-03 22:58 . 2007-12-03 22:58 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcm80.dll
+ 2010-06-25 19:52 . 2010-02-04 14:01 528216 c:\windows\system32\XAudio2_6.dll
+ 2010-06-25 19:52 . 2010-02-04 14:01 238936 c:\windows\system32\xactengine3_6.dll
+ 2006-02-28 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2006-10-24 16:29 . 2008-07-11 08:55 347648 c:\windows\system32\windowscodecsext.dll
+ 2006-10-24 16:30 . 2008-07-11 08:55 712704 c:\windows\system32\windowscodecs.dll
- 2006-10-24 16:30 . 2008-04-14 00:12 712704 c:\windows\system32\windowscodecs.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 233472 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 233472 c:\windows\system32\webcheck.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2006-02-28 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 105984 c:\windows\system32\url.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 105984 c:\windows\system32\url.dll
+ 2010-07-19 20:33 . 2010-07-19 20:33 594944 c:\windows\system32\tsccvid.dll
- 2006-02-28 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
+ 2006-02-28 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
+ 2006-02-28 12:00 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2006-02-28 12:00 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\system32\PresentationHost.exe
+ 2006-02-28 12:00 . 2010-11-23 15:09 459732 c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2010-03-11 12:38 102912 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 102912 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 671232 c:\windows\system32\mstime.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 671232 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 193024 c:\windows\system32\msrating.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 193024 c:\windows\system32\msrating.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 478208 c:\windows\system32\mshtmled.dll
+ 2006-11-08 01:03 . 2010-11-06 00:34 468480 c:\windows\system32\msfeeds.dll
+ 2009-11-07 05:07 . 2009-11-07 05:07 297808 c:\windows\system32\mscoree.dll
+ 2006-10-19 01:47 . 2010-03-30 16:24 317440 c:\windows\system32\mp4sdecd.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\mfc42u.dll
+ 2006-02-28 12:00 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll
+ 2006-02-28 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2006-02-28 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2010-11-29 04:03 . 2010-11-29 04:03 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
+ 2010-09-15 05:07 . 2010-09-15 05:07 232912 c:\windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
+ 2010-09-15 05:07 . 2010-09-15 05:07 311760 c:\windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.dll
+ 2007-06-21 04:54 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
+ 2006-10-17 15:57 . 2010-11-06 00:34 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 15:57 . 2010-03-11 12:38 268288 c:\windows\system32\iertutil.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 192512 c:\windows\system32\iepeers.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 192512 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 384512 c:\windows\system32\iedkcs32.dll
+ 2006-10-17 15:27 . 2010-11-06 00:34 380928 c:\windows\system32\ieapfltr.dll
- 2006-10-17 15:27 . 2010-03-11 12:38 380928 c:\windows\system32\ieapfltr.dll
+ 2006-02-28 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
- 2006-02-28 12:00 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 230400 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 230400 c:\windows\system32\ieaksie.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 153088 c:\windows\system32\ieakeng.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 153088 c:\windows\system32\ieakeng.dll
- 2007-06-22 00:46 . 2009-11-11 08:18 107008 c:\windows\system32\FNTCACHE.DAT
+ 2007-06-22 00:46 . 2010-12-16 15:32 107008 c:\windows\system32\FNTCACHE.DAT
- 2006-02-28 12:00 . 2010-03-11 12:38 133120 c:\windows\system32\extmgr.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 133120 c:\windows\system32\extmgr.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 214528 c:\windows\system32\dxtrans.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 214528 c:\windows\system32\dxtrans.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 347136 c:\windows\system32\dxtmsft.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 347136 c:\windows\system32\dxtmsft.dll
+ 2006-02-28 12:00 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys
+ 2009-04-15 23:23 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 832512 c:\windows\system32\dllcache\wininet.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 832512 c:\windows\system32\dllcache\wininet.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 105984 c:\windows\system32\dllcache\url.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 105984 c:\windows\system32\dllcache\url.dll
- 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-06-16 14:36 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-16 03:24 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys
+ 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 102912 c:\windows\system32\dllcache\occache.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 102912 c:\windows\system32\dllcache\occache.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 671232 c:\windows\system32\dllcache\mstime.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 193024 c:\windows\system32\dllcache\msrating.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-04-25 08:41 . 2010-11-06 00:34 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-14 03:07 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll
+ 2010-10-14 03:07 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2006-02-28 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2008-08-13 14:30 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2007-06-21 04:54 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-06-21 04:54 . 2010-02-23 05:20 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2007-04-25 08:41 . 2010-11-06 00:34 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-04-25 08:41 . 2010-03-11 12:38 268288 c:\windows\system32\dllcache\iertutil.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-04-25 08:41 . 2010-11-06 00:34 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2007-04-25 08:41 . 2010-03-11 12:38 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2006-02-28 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
- 2006-02-28 12:00 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2010-07-14 07:49 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
- 2006-02-28 12:00 . 2010-03-11 12:38 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 133120 c:\windows\system32\dllcache\extmgr.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-10-14 03:07 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2010-04-20 05:30 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 124928 c:\windows\system32\dllcache\advpack.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 124928 c:\windows\system32\dllcache\advpack.dll
+ 2006-02-28 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 617472 c:\windows\system32\comctl32.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 124928 c:\windows\system32\advpack.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 124928 c:\windows\system32\advpack.dll
+ 2007-06-21 04:54 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2007-06-21 04:54 . 2008-04-14 00:12 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-03-31 04:16 . 2010-03-31 04:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-28 04:49 . 2008-05-28 04:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-28 04:48 . 2008-05-28 04:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2008-05-28 05:30 . 2008-05-28 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-07-25 06:41 . 2010-07-25 06:41 969728 c:\windows\Installer\df9c904.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 569344 c:\windows\Installer\df9c8ff.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 181248 c:\windows\Installer\df9c8fa.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 727040 c:\windows\Installer\df9c8f5.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 483328 c:\windows\Installer\df9c8f0.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 778752 c:\windows\Installer\df9c8e5.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 463872 c:\windows\Installer\df9c8e0.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 891904 c:\windows\Installer\df9c8db.msi
+ 2010-07-25 06:39 . 2010-07-25 06:39 735744 c:\windows\Installer\df9c8d6.msi
+ 2010-07-25 06:39 . 2010-07-25 06:39 429056 c:\windows\Installer\df9c8b7.msi
+ 2010-07-25 06:38 . 2010-07-25 06:38 149504 c:\windows\Installer\df9c87c.msi
+ 2010-09-24 01:02 . 2010-09-24 01:02 798208 c:\windows\Installer\ce97e33.msp
+ 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\2fcba53b.msp
+ 2010-05-18 11:46 . 2010-05-18 11:46 228352 c:\windows\Installer\1fdc605d.msi
+ 2010-10-03 03:20 . 2010-10-03 03:20 700416 c:\windows\Installer\1c684.msi
+ 2010-12-10 04:03 . 2010-12-10 04:03 847872 c:\windows\Installer\19c03de9.msi
+ 2010-07-25 06:40 . 2010-07-25 06:40 132096 c:\windows\Installer\{EE39FFBD-544E-49E4-A999-6819828EAE91}\WLXPhotoGalleryIcon.exe
+ 2010-10-03 03:20 . 2010-10-03 03:20 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-06-22 23:56 . 2010-06-22 23:56 299008 c:\windows\Installer\{B823632F-3B72-4514-8861-B961CE263224}\psql.exe
+ 2010-09-12 04:13 . 2010-09-12 04:13 135168 c:\windows\Installer\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}\NewShortcut2_F364B64A27374B7B9FEE8D59D1844566.exe
+ 2010-09-12 04:13 . 2010-09-12 04:13 135168 c:\windows\Installer\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}\NewShortcut11_46E16BA9BC804A5B9F082073366982CC.exe
+ 2010-09-12 04:13 . 2010-09-12 04:13 135168 c:\windows\Installer\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}\NewShortcut1_1D921DC42ED34978BE04340F71A7460E.exe
+ 2010-09-12 04:13 . 2010-09-12 04:13 135168 c:\windows\Installer\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}\ARPPRODUCTICON.exe
+ 2010-12-19 21:19 . 2010-12-19 21:19 680448 c:\windows\Installer\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}\IconEF5C48881.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 832512 c:\windows\ie7updates\KB982381-IE7\wininet.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 233472 c:\windows\ie7updates\KB982381-IE7\webcheck.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 105984 c:\windows\ie7updates\KB982381-IE7\url.dll
+ 2010-06-09 07:00 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll
+ 2010-06-09 07:00 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 102912 c:\windows\ie7updates\KB982381-IE7\occache.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 671232 c:\windows\ie7updates\KB982381-IE7\mstime.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 193024 c:\windows\ie7updates\KB982381-IE7\msrating.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 477696 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 459264 c:\windows\ie7updates\KB982381-IE7\msfeeds.dll
+ 2010-06-09 07:00 . 2010-02-23 05:20 634648 c:\windows\ie7updates\KB982381-IE7\iexplore.exe
+ 2010-06-09 07:00 . 2010-03-11 12:38 268288 c:\windows\ie7updates\KB982381-IE7\iertutil.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 192512 c:\windows\ie7updates\KB982381-IE7\iepeers.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 385024 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 380928 c:\windows\ie7updates\KB982381-IE7\ieapfltr.dll
+ 2010-06-09 07:00 . 2010-02-23 05:18 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 230400 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 153088 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 133120 c:\windows\ie7updates\KB982381-IE7\extmgr.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 347136 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 124928 c:\windows\ie7updates\KB982381-IE7\advpack.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 832512 c:\windows\ie7updates\KB2416400-IE7\wininet.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 233472 c:\windows\ie7updates\KB2416400-IE7\webcheck.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 105984 c:\windows\ie7updates\KB2416400-IE7\url.dll
+ 2010-12-16 08:03 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2416400-IE7\spuninst\updspapi.dll
+ 2010-12-16 08:03 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2416400-IE7\spuninst\spuninst.exe
+ 2010-12-16 08:03 . 2010-09-09 13:38 102912 c:\windows\ie7updates\KB2416400-IE7\occache.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 671232 c:\windows\ie7updates\KB2416400-IE7\mstime.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 193024 c:\windows\ie7updates\KB2416400-IE7\msrating.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 478208 c:\windows\ie7updates\KB2416400-IE7\mshtmled.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 468480 c:\windows\ie7updates\KB2416400-IE7\msfeeds.dll
+ 2010-12-16 08:03 . 2010-08-25 11:30 634648 c:\windows\ie7updates\KB2416400-IE7\iexplore.exe
+ 2010-12-16 08:03 . 2010-09-09 13:38 268288 c:\windows\ie7updates\KB2416400-IE7\iertutil.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 192512 c:\windows\ie7updates\KB2416400-IE7\iepeers.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 384512 c:\windows\ie7updates\KB2416400-IE7\iedkcs32.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 380928 c:\windows\ie7updates\KB2416400-IE7\ieapfltr.dll
+ 2010-12-16 08:03 . 2010-08-25 11:29 161792 c:\windows\ie7updates\KB2416400-IE7\ieakui.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 230400 c:\windows\ie7updates\KB2416400-IE7\ieaksie.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 153088 c:\windows\ie7updates\KB2416400-IE7\ieakeng.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 133120 c:\windows\ie7updates\KB2416400-IE7\extmgr.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 214528 c:\windows\ie7updates\KB2416400-IE7\dxtrans.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 347136 c:\windows\ie7updates\KB2416400-IE7\dxtmsft.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 124928 c:\windows\ie7updates\KB2416400-IE7\advpack.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 832512 c:\windows\ie7updates\KB2360131-IE7\wininet.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 233472 c:\windows\ie7updates\KB2360131-IE7\webcheck.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 105984 c:\windows\ie7updates\KB2360131-IE7\url.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2360131-IE7\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2360131-IE7\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2010-06-24 12:15 102912 c:\windows\ie7updates\KB2360131-IE7\occache.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 671232 c:\windows\ie7updates\KB2360131-IE7\mstime.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 193024 c:\windows\ie7updates\KB2360131-IE7\msrating.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 477696 c:\windows\ie7updates\KB2360131-IE7\mshtmled.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 459264 c:\windows\ie7updates\KB2360131-IE7\msfeeds.dll
+ 2010-10-14 07:03 . 2010-06-17 15:12 634656 c:\windows\ie7updates\KB2360131-IE7\iexplore.exe
+ 2010-10-14 07:03 . 2010-06-24 12:15 268288 c:\windows\ie7updates\KB2360131-IE7\iertutil.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 192512 c:\windows\ie7updates\KB2360131-IE7\iepeers.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 385024 c:\windows\ie7updates\KB2360131-IE7\iedkcs32.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 380928 c:\windows\ie7updates\KB2360131-IE7\ieapfltr.dll
+ 2010-10-14 07:03 . 2010-06-17 15:11 161792 c:\windows\ie7updates\KB2360131-IE7\ieakui.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 230400 c:\windows\ie7updates\KB2360131-IE7\ieaksie.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 153088 c:\windows\ie7updates\KB2360131-IE7\ieakeng.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 133120 c:\windows\ie7updates\KB2360131-IE7\extmgr.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 214528 c:\windows\ie7updates\KB2360131-IE7\dxtrans.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 347136 c:\windows\ie7updates\KB2360131-IE7\dxtmsft.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 124928 c:\windows\ie7updates\KB2360131-IE7\advpack.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 832512 c:\windows\ie7updates\KB2183461-IE7\wininet.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 233472 c:\windows\ie7updates\KB2183461-IE7\webcheck.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 105984 c:\windows\ie7updates\KB2183461-IE7\url.dll
+ 2010-08-13 07:04 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2183461-IE7\spuninst\updspapi.dll
+ 2010-08-13 07:04 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2183461-IE7\spuninst\spuninst.exe
+ 2010-08-13 07:04 . 2010-05-04 17:20 102912 c:\windows\ie7updates\KB2183461-IE7\occache.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 671232 c:\windows\ie7updates\KB2183461-IE7\mstime.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 193024 c:\windows\ie7updates\KB2183461-IE7\msrating.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 477696 c:\windows\ie7updates\KB2183461-IE7\mshtmled.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 459264 c:\windows\ie7updates\KB2183461-IE7\msfeeds.dll
+ 2010-08-13 07:04 . 2010-04-16 11:43 634656 c:\windows\ie7updates\KB2183461-IE7\iexplore.exe
+ 2010-08-13 07:04 . 2010-05-04 17:20 268288 c:\windows\ie7updates\KB2183461-IE7\iertutil.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 192512 c:\windows\ie7updates\KB2183461-IE7\iepeers.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 385024 c:\windows\ie7updates\KB2183461-IE7\iedkcs32.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 380928 c:\windows\ie7updates\KB2183461-IE7\ieapfltr.dll
+ 2010-08-13 07:04 . 2010-04-16 11:43 161792 c:\windows\ie7updates\KB2183461-IE7\ieakui.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 230400 c:\windows\ie7updates\KB2183461-IE7\ieaksie.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 153088 c:\windows\ie7updates\KB2183461-IE7\ieakeng.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 133120 c:\windows\ie7updates\KB2183461-IE7\extmgr.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 214528 c:\windows\ie7updates\KB2183461-IE7\dxtrans.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 347136 c:\windows\ie7updates\KB2183461-IE7\dxtmsft.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 124928 c:\windows\ie7updates\KB2183461-IE7\advpack.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_4a4d1f87\System.Drawing.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_962b5ef3\System.Drawing.Design.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_43993a35\CustomMarshalers.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-10-06 19:47 . 2010-10-06 19:47 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\cf67b75a1da96795723d2034e48ba183\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f7eecdbf8f73f127df632e81bc835484\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd5335b13b4ce8f10990c752f3c0a6b9\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cf5151086dd038a82602c9167c9acad5\WindowsLive.Writer.Passport.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cc7d0d688ca1fb7bd0e0ba3f17e3add1\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c46d84073499887c745801bda334c97f\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\879fd6f22250247f79ee663b80199b73\WindowsLive.Writer.Localization.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\80ce7f3c877dff36e07711517ed49b19\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\796b11733fd16a0128c89ae37abce0f4\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\70cc2bbf8d87c63f36d05bf7a4a01a69\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\69968aa6fb3a6fb47df1b2dd59f1e1a2\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5efde99101ca1afd5ad2b21f793e2854\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\36888cd642eab375b37c2d8ae121d2ad\WindowsLive.Writer.Controls.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\323d5898b41430c73305874d4b93bf25\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0e5d49b051e355c696ed7a2b5b24a623\WindowsLive.Writer.Interop.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0d82d08289c6b8f928d8804f69f959ec\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b34623aa698e02b699e5b4706b1cd248\WindowsLive.Client.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-10-06 16:20 . 2010-10-06 16:20 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\97bd2a5d946aa3a824e4cfe5b6ef95aa\System.Messaging.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\a055d54c458b7557d957c714551873c3\sysglobl.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-13 07:07 . 2010-08-13 07:07 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-08-13 07:05 . 2010-08-13 07:05 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-13 07:08 . 2010-08-13 07:08 159744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\fe0435ac70c5d7f23a98b3a15ff97e22\Microsoft.VisualStudio.WizardFramework.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 373248 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b78b1e69a965f05fc8e75713402076a3\Microsoft.VisualStudio.Shell.Interop.8.0.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 306176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\b2e003b4acafeea7f9d476181c9f29e2\Microsoft.VisualStudio.OLE.Interop.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\8a066879bc8b2957345e32999d6b86d1\Microsoft.VisualStudio.Configuration.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 513024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\3988d1aad25669ad07b1190139a9c23b\Microsoft.VisualStudio.Shell.Design.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 876032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\2a5c3c957764d8fa9fbc57bae8b41827\Microsoft.VisualStudio.Shell.9.0.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 822272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\230f269f9bca21a0fb2e17acf0a294a0\Microsoft.VisualStudio.Shell.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 244736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\edb591895a614f435dbf354b80ab1d71\Microsoft.SqlServer.ConnectionInfo.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 128000 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\d2019214126a9523881dcdae76c829df\Microsoft.SqlServer.RegSvrEnum.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b81172e4105732a5888c34f43ac71973\Microsoft.SqlServer.SmoExtended.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 137216 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\a886cbb7235014796042c1dd5f4def6b\Microsoft.SqlServer.ConnectionInfoExtended.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 251904 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\93346229aefa38a12c04ef1ac9412c9e\Microsoft.SqlServer.SqlWmiManagement.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 632320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3bdb1af077cd229f4dd31c6be4dbae84\Microsoft.SqlServer.BatchParser.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 276480 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE80\28565c8b63e1d26e9fbf127bc9b73203\EnvDTE80.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 573440 c:\windows\assembly\NativeImages_v2.0.50727_32\EnvDTE\bba291bdf7f1308d4b836e6182901ea3\EnvDTE.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-10-06 19:46 . 2010-10-06 19:46 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-09 07:03 . 2010-06-09 07:03 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-09 07:03 . 2010-06-09 07:03 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2010-10-06 06:55 . 2010-10-06 06:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-07-25 06:40 . 2010-07-25 06:40 236392 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-09 07:03 . 2010-06-09 07:03 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-14 21:05 . 2009-08-14 21:05 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-01-07 21:24 . 2011-01-07 21:24 132359 c:\windows\49471DB87F3C42DB89C2AC50FA0C5290.TMP\WiseCustomCalla3.exe
+ 2011-01-07 21:24 . 2011-01-07 21:24 394072 c:\windows\49471DB87F3C42DB89C2AC50FA0C5290.TMP\WiseCustomCalla.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982802$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982802$\spuninst\spuninst.exe
+ 2010-09-16 07:02 . 2009-04-15 14:51 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-08-13 07:03 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-08-13 07:03 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2009-10-15 16:28 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-14 07:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe
+ 2010-08-13 07:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-08-13 07:00 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-10-14 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe
+ 2010-08-13 07:03 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-05-26 07:00 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-26 07:00 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-09-16 07:02 . 2008-04-14 00:12 406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe
+ 2010-08-13 07:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-08-13 07:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-08-13 07:02 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-09 07:05 . 2008-04-14 00:09 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-10-14 07:02 . 2008-04-21 12:08 215552 c:\windows\$NtUninstallKB979687$\wordpad.exe
+ 2010-10-14 07:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll
+ 2010-10-14 07:02 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe
+ 2010-06-09 07:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-09 07:05 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-09 07:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-06-09 07:03 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-09 07:03 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-05-12 07:00 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-12 07:00 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-12 07:00 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-09 07:03 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-09-16 07:02 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe
+ 2010-09-16 07:02 . 2006-10-19 01:47 317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll
+ 2010-07-25 06:39 . 2008-04-14 00:12 346112 c:\windows\$NtUninstallKB954708$\windowscodecsext.dll
+ 2010-07-25 06:39 . 2008-04-14 00:12 712704 c:\windows\$NtUninstallKB954708$\windowscodecs.dll
+ 2010-07-25 06:39 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB954708$\spuninst\updspapi.dll
+ 2010-07-25 06:39 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB954708$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2006-10-14 08:13 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-14 07:03 . 2008-04-14 00:11 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-14 07:03 . 2006-02-28 12:00 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-14 07:03 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe
+ 2010-10-14 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe
+ 2010-10-14 07:00 . 2010-07-22 15:49 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2010-06-21 15:27 354304 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2008-04-14 00:11 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-08-03 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-03 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe
+ 2010-10-14 07:03 . 2010-04-20 05:30 285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe
+ 2010-07-15 07:02 . 2010-02-22 23:53 382840 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-15 07:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-15 07:02 . 2008-04-14 00:12 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-08-13 07:02 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-08-13 07:02 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-09-29 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll
+ 2010-09-29 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe
+ 2010-09-16 07:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll
+ 2010-09-16 07:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe
+ 2010-09-16 07:00 . 2010-01-29 15:01 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-09-16 07:02 . 2008-04-14 00:12 293376 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe
+ 2010-08-13 07:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-08-13 07:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-09-16 07:02 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982802\update\updspapi.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982802\update\update.exe
+ 2010-09-16 07:02 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982802\spuninst.exe
+ 2010-07-23 06:13 . 2010-07-23 06:13 590848 c:\windows\$hf_mig$\KB982802\SP3QFE\rpcrt4.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-08-13 07:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-08-13 07:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-06-09 07:00 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982381-IE7\update\updspapi.dll
+ 2010-06-09 07:00 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982381-IE7\update\update.exe
+ 2010-06-09 07:00 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB982381-IE7\spuninst.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 841216 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 233472 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\webcheck.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 105984 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\url.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 102912 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\occache.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 671232 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mstime.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msrating.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 477696 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtmled.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 459264 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeeds.dll
+ 2010-04-16 11:08 . 2010-04-16 11:08 634648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
+ 2010-05-04 17:20 . 2010-05-04 17:20 268288 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iepeers.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 388608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iedkcs32.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 380928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dll
+ 2010-04-16 11:06 . 2010-04-16 11:06 161792 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakui.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 230400 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieaksie.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 153088 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakeng.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 132608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\extmgr.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 214528 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtrans.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 347136 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtmsft.dll
+ 2010-05-04 17:19 . 2010-05-04 17:19 124928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\advpack.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-08-13 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-08-12 18:04 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-10-14 07:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-14 07:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2010-10-14 07:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-08-13 07:00 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-08-13 07:00 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-08-13 07:00 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-10-14 07:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981957\update\updspapi.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981957\update\update.exe
+ 2010-10-14 07:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981957\spuninst.exe
+ 2010-08-13 07:03 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-08-13 07:03 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-08-13 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-09-16 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-09-16 07:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-08-13 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-08-13 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-08-13 07:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-09 07:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-09 07:05 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-09 07:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-10-14 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-14 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2010-10-14 07:02 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-12 13:02 . 2010-07-12 13:02 218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2010-06-09 07:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-09 07:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-09 07:05 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-09 07:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-09 07:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-05-12 07:00 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-12 07:00 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-12 07:00 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-09 07:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-09 07:03 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-14 07:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-14 03:07 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-14 03:07 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-14 03:07 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-14 03:07 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2010-10-14 07:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2010-10-14 07:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2010-10-14 03:07 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360131-IE7\update\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360131-IE7\update\update.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360131-IE7\spuninst.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 841216 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\wininet.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 233472 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\webcheck.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 105984 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\url.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 102912 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\occache.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 671232 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mstime.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 193024 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\msrating.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 478208 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mshtmled.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 468480 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\msfeeds.dll
+ 2010-08-25 11:07 . 2010-08-25 11:07 634648 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
+ 2010-09-09 13:36 . 2010-09-09 13:36 268288 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iertutil.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 193024 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iepeers.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 388608 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iedkcs32.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 380928 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieapfltr.dll
+ 2010-08-25 11:06 . 2010-08-25 11:06 161792 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieakui.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 230400 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieaksie.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 153088 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieakeng.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 132608 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\extmgr.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 214528 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\dxtrans.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 347136 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\dxtmsft.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 124928 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\advpack.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-09-16 07:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2010-10-14 07:03 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2345886\update\update.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2010-08-03 07:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-03 07:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-03 07:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-10-14 07:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-14 07:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2279986\update\update.exe
+ 2010-10-14 07:03 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-09-01 11:48 . 2010-09-01 11:48 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll
+ 2010-09-16 07:02 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2259922\update\update.exe
+ 2010-09-16 07:02 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2259922\spuninst.exe
+ 2010-07-15 07:02 . 2010-02-22 23:53 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-15 07:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-15 07:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 07:49 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-08-13 07:04 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2183461-IE7\update\updspapi.dll
+ 2010-08-13 07:04 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2183461-IE7\update\update.exe
+ 2010-08-13 07:04 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2183461-IE7\spuninst.exe
+ 2010-06-24 12:16 . 2010-06-24 12:16 841216 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\wininet.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 233472 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\webcheck.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 105984 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\url.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 102912 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\occache.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 671232 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\mstime.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 193024 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\msrating.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 477696 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\mshtmled.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 459264 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\msfeeds.dll
+ 2010-06-17 14:45 . 2010-06-17 14:45 634648 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
+ 2010-06-24 12:16 . 2010-06-24 12:16 268288 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iertutil.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 193024 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iepeers.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 388608 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\iedkcs32.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 380928 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieapfltr.dll
+ 2010-06-17 14:43 . 2010-06-17 14:43 161792 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieakui.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 230400 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieaksie.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 153088 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieakeng.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 132608 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\extmgr.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 214528 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\dxtrans.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 347136 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\dxtmsft.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 124928 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\advpack.dll
+ 2010-08-13 07:02 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-08-13 07:02 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2160329\update\update.exe
+ 2010-08-13 07:02 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-09-16 07:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-09-16 07:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2141007\update\update.exe
+ 2010-09-16 07:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-06-09 07:41 . 2010-06-09 07:41 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-09-16 07:02 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-09-16 07:02 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-08-13 07:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-08-13 07:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-08-13 07:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-08-13 07:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2010-10-14 03:07 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
- 2008-07-29 12:05 . 2008-07-29 12:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2008-07-29 13:05 . 2008-07-29 13:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2006-02-28 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\WMVCore.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 1168384 c:\windows\system32\urlmon.dll
- 2006-02-28 12:00 . 2010-03-11 12:38 1168384 c:\windows\system32\urlmon.dll
+ 2006-02-28 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
- 2006-02-28 12:00 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll
+ 2006-02-28 12:00 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2006-02-28 12:00 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2006-02-28 12:00 . 2010-04-27 13:59 2146304 c:\windows\system32\ntoskrnl.exe
- 2006-02-28 12:00 . 2010-02-16 14:08 2146304 c:\windows\system32\ntoskrnl.exe
- 2004-08-03 22:59 . 2010-02-16 13:25 2024448 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-03 22:59 . 2010-04-27 13:05 2024448 c:\windows\system32\ntkrnlpa.exe
+ 2006-02-28 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
- 2006-02-28 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 3604480 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-11-29 04:03 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2006-11-08 01:03 . 2010-11-06 00:34 6075904 c:\windows\system32\ieframe.dll
+ 2001-09-06 02:00 . 2001-09-06 02:00 1700352 c:\windows\system32\gdiplus.dll
+ 2006-02-28 12:00 . 2010-04-06 08:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-16 03:23 . 2010-10-26 13:25 1853312 c:\windows\system32\dllcache\win32k.sys
- 2006-02-28 12:00 . 2010-03-11 12:38 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
- 2008-05-07 05:12 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2008-10-16 03:23 . 2010-04-28 02:25 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-10-16 03:23 . 2010-02-17 13:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-16 03:23 . 2010-04-27 13:05 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-16 03:23 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-16 03:23 . 2010-04-27 13:05 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-16 03:23 . 2010-02-16 13:25 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-16 03:23 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-16 03:23 . 2010-04-27 13:59 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-11-13 00:46 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-11-13 00:46 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-12 08:35 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-12 08:35 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-02-28 12:00 . 2010-11-06 00:34 3604480 c:\windows\system32\dllcache\mshtml.dll
- 2010-03-10 01:08 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2010-03-10 01:08 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2007-04-25 08:41 . 2010-11-06 00:34 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2009-11-07 05:06 . 2009-11-07 05:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 13:44 . 2010-09-22 13:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-05-28 05:35 . 2008-05-28 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-28 05:35 . 2008-05-28 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-28 04:48 . 2008-05-28 04:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2008-05-28 04:48 . 2008-05-28 04:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2008-05-28 04:43 . 2008-05-28 04:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-11-09 04:25 . 2009-11-09 04:25 1935360 c:\windows\Installer\fc503cc.msp
+ 2010-06-22 23:56 . 2010-06-22 23:56 1412608 c:\windows\Installer\e408fcf.msi
+ 2010-09-23 11:39 . 2010-09-23 11:39 4265472 c:\windows\Installer\ce97e2c.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\2fcba547.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\2fcba546.msp
+ 2010-06-25 19:52 . 2010-06-25 19:52 1489920 c:\windows\Installer\1cd459f4.msi
+ 2010-10-03 03:20 . 2010-10-03 03:20 1575936 c:\windows\Installer\1c67d.msi
+ 2010-12-10 04:03 . 2010-12-10 04:03 2317312 c:\windows\Installer\19c03de1.msi
+ 2010-09-12 04:13 . 2010-09-12 04:13 1189376 c:\windows\Installer\10d4a3e.msi
+ 2008-12-05 23:30 . 2008-12-05 23:30 5283840 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\PresentationFramework_x86.dll
+ 2009-08-15 07:02 . 2009-08-15 07:02 5283840 c:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\PresentationFramework_GAC_x86.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 1168384 c:\windows\ie7updates\KB982381-IE7\urlmon.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 3599872 c:\windows\ie7updates\KB982381-IE7\mshtml.dll
+ 2010-06-09 07:00 . 2010-03-11 12:38 6067200 c:\windows\ie7updates\KB982381-IE7\ieframe.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 1168384 c:\windows\ie7updates\KB2416400-IE7\urlmon.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 3601920 c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
+ 2010-12-16 08:03 . 2010-09-09 13:38 6075904 c:\windows\ie7updates\KB2416400-IE7\ieframe.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 1168384 c:\windows\ie7updates\KB2360131-IE7\urlmon.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 3600896 c:\windows\ie7updates\KB2360131-IE7\mshtml.dll
+ 2010-10-14 07:03 . 2010-06-24 12:15 6067200 c:\windows\ie7updates\KB2360131-IE7\ieframe.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 1168384 c:\windows\ie7updates\KB2183461-IE7\urlmon.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 3600384 c:\windows\ie7updates\KB2183461-IE7\mshtml.dll
+ 2010-08-13 07:04 . 2010-05-04 17:20 6067200 c:\windows\ie7updates\KB2183461-IE7\ieframe.dll
+ 2008-10-16 03:23 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-16 03:23 . 2010-02-17 13:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-16 03:23 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-16 03:23 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 03:23 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-16 03:23 . 2010-02-16 13:25 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-16 03:23 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-10-16 03:23 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-06 06:54 . 2010-10-06 06:54 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_5792a7df\System.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_15804a97\System.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_e9526810\System.Xml.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_abb7ce8f\System.Xml.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_ca885aa5\System.Windows.Forms.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c3ab35ab\System.Windows.Forms.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_5107b52b\System.Drawing.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_db958482\System.Design.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_528f5e15\System.Design.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b9c23631\mscorlib.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2cc6eb12\mscorlib.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 2018816 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ec6601e9b75d691ee7339616559b5232\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-10-06 19:46 . 2010-10-06 19:46 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7226cd21c68247fa3b23612fa1b848f9\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4f183789843f054fba4ea676b9637b04\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-06 16:20 . 2010-10-06 16:20 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-10-06 19:46 . 2010-10-06 19:46 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1873920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\89e3c81f30c5b28fe06d1e60a5223240\Microsoft.VisualStudio.CommonIDE.ni.dll
+ 2010-10-06 19:47 . 2010-10-06 19:47 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-08-13 07:07 . 2010-08-13 07:07 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 6115328 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\938a917fdd99679593903a571d706690\Microsoft.SqlServer.Smo.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1488384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\91d96700af39b4bdcaf923cb3df67929\Microsoft.SqlServer.SqlEnum.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1125888 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\91bd0e4e2712b37494cd06965feaeac4\Microsoft.SqlServer.Management.Sdk.Sfc.ni.dll
+ 2010-08-13 07:09 . 2010-08-13 07:09 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-13 07:08 . 2010-08-13 07:08 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-06-23 07:01 . 2010-06-23 07:01 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-08-15 07:02 . 2009-08-15 07:02 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-06-09 07:03 . 2010-06-09 07:03 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-23 07:01 . 2010-06-23 07:01 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-10-15 07:04 . 2009-10-15 07:04 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-06-23 07:01 . 2010-06-23 07:01 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-08-14 21:05 . 2009-08-14 21:05 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-10-06 06:55 . 2010-10-06 06:55 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-15 07:01 . 2009-10-15 07:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-10-15 07:01 . 2009-10-15 07:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-06 06:54 . 2010-10-06 06:54 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-03-17 01:17 . 2010-03-17 01:17 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-25 19:51 . 2010-06-25 19:51 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-08-13 07:00 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe

+ 2010-10-14 07:00 . 2010-06-23 13:44 1851904 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-08-13 07:03 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-08-13 07:03 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-08-13 07:03 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-08-13 07:03 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-10-14 07:02 . 2008-04-14 00:12 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-06-09 07:05 . 2009-08-14 13:21 1850624 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-09 07:03 . 2009-05-20 08:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-12 07:00 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-06-09 07:03 . 2009-11-27 17:11 1291776 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-10-14 07:03 . 2008-04-14 00:11 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2010-08-03 07:00 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-08-13 07:02 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-08-13 07:03 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 1171968 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\urlmon.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 3603456 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
+ 2010-05-04 17:20 . 2010-05-04 17:20 6071296 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
+ 2010-06-08 20:46 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dat
+ 2010-08-12 18:03 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-08-31 13:38 . 2010-08-31 13:38 1861888 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys
+ 2010-08-12 18:04 . 2010-04-27 13:50 2190080 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-08-12 18:04 . 2010-04-27 13:14 2024448 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 11:14 . 2010-04-28 11:14 2066944 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-08-12 18:04 . 2010-04-27 13:54 2146304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2010-05-02 06:34 . 2010-05-02 06:34 1860352 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-02-05 18:29 . 2010-02-05 18:29 1291776 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 1171968 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\urlmon.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 3605504 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mshtml.dll
+ 2010-09-09 13:36 . 2010-09-09 13:36 6080000 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieframe.dll
+ 2010-10-14 03:07 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\ieapfltr.dat
+ 2010-07-27 06:28 . 2010-07-27 06:28 8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 1171968 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\urlmon.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 3603968 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\mshtml.dll
+ 2010-06-24 12:16 . 2010-06-24 12:16 6071296 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieframe.dll
+ 2010-08-12 18:04 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\ieapfltr.dat
+ 2010-06-24 02:14 . 2010-06-24 02:14 1861120 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2006-02-28 12:00 . 2010-08-26 03:36 10841088 c:\windows\system32\wmp.dll
- 2006-02-28 12:00 . 2009-07-14 03:43 10841088 c:\windows\system32\wmp.dll
+ 2007-06-21 05:51 . 2010-12-16 08:01 37366216 c:\windows\system32\MRT.exe
+ 2006-02-28 12:00 . 2010-08-26 03:36 10841088 c:\windows\system32\dllcache\wmp.dll
- 2006-02-28 12:00 . 2009-07-14 03:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2010-04-02 23:29 . 2010-04-02 23:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-09-24 18:08 . 2010-09-24 18:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-03-31 05:23 . 2010-03-31 05:23 15638528 c:\windows\Installer\fc503d8.msp
+ 2010-09-24 11:08 . 2010-09-24 11:08 17518080 c:\windows\Installer\ce97e23.msp
+ 2010-09-29 07:00 . 2010-09-29 07:00 20303872 c:\windows\Installer\ca7b93c.msp
+ 2010-05-19 17:08 . 2010-05-19 17:08 11408896 c:\windows\Installer\9241918.msp
+ 2010-09-02 07:00 . 2010-09-02 07:00 20303872 c:\windows\Installer\66a108f2.msp
+ 2011-01-06 08:01 . 2011-01-06 08:01 20304384 c:\windows\Installer\3df901f.msp
+ 2010-04-02 16:30 . 2010-04-02 16:30 17456640 c:\windows\Installer\2fcba572.msp
+ 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\2fcba555.msp
+ 2010-06-04 07:00 . 2010-06-04 07:00 20242432 c:\windows\Installer\160afaaf.msp
+ 2010-12-19 21:19 . 2010-12-19 21:19 17410048 c:\windows\Installer\10b0f6ac.msi
+ 2010-08-13 07:04 . 2010-08-13 07:04 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-10-06 16:20 . 2010-10-06 16:20 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-06 19:46 . 2010-10-06 19:46 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-06 16:21 . 2010-10-06 16:21 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-08-13 07:05 . 2010-08-13 07:05 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-13 07:04 . 2010-08-13 07:04 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-13 07:03 . 2010-08-13 07:03 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
+ 2010-10-14 07:03 . 2009-07-14 03:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [N/A]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]
"Google Update"="c:\documents and settings\Maxim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [N/A]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [N/A]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [N/A]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"Mikogo"="c:\documents and settings\Maxim\Application Data\Mikogo\Mikogo-Host.exe" [2010-09-17 2748416]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-07-06 2634048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [N/A]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 29696]
"OfficeKB"="c:\progra~1\OfficeKB\OfficeKB.EXE" [N/A]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [N/A]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [N/A]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [N/A]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [N/A]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [N/A]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2010-02-02 136744]

c:\documents and settings\Maxim\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Loadout Manager.lnk - c:\program files\Belkin\Nostromo\nost_LM.exe [2003-6-24 442368]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-6-23 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2007-6-23 581632]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Apprentice\\Appr.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40kWA.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\Maxim\\Desktop\\Max\\Pokemon Game.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"=
"c:\\Program Files\\Dawn of War 2\\DOW2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_CLI.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\transformers war for cybertron\\Binaries\\TWFC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_DX11.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator dedicated server\\AvP_CLI.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war 2\\DOW2.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Armagetron Advanced\\armagetronad.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"4000:TCP"= 4000:TCP:diablo
"8375:TCP"= 8375:TCP:League of Legends Launcher
"8375:UDP"= 8375:UDP:League of Legends Launcher
"8376:TCP"= 8376:TCP:League of Legends Launcher
"8376:UDP"= 8376:UDP:League of Legends Launcher
"8377:TCP"= 8377:TCP:League of Legends Launcher
"8377:UDP"= 8377:UDP:League of Legends Launcher
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"7921:TCP"= 7921:TCP:Services
"7922:TCP"= 7922:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"8020:TCP"= 8020:TCP:Services
"8021:TCP"= 8021:TCP:Services
"9020:TCP"= 9020:TCP:Services
"9021:TCP"= 9021:TCP:Services
"8378:TCP"= 8378:TCP:League of Legends Launcher
"8378:UDP"= 8378:UDP:League of Legends Launcher
"8379:TCP"= 8379:TCP:League of Legends Launcher
"8379:UDP"= 8379:UDP:League of Legends Launcher
"8380:TCP"= 8380:TCP:League of Legends Launcher
"8380:UDP"= 8380:UDP:League of Legends Launcher
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
"6881:TCP"= 6881:TCP:League of Legends Launcher
"6881:UDP"= 6881:UDP:League of Legends Launcher

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/28/2006 7:00 AM 14336]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/9/2009 5:35 PM 297752]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [12/10/2009 2:39 AM 65536]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [4/1/2008 9:47 AM 24652]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/27/2010 10:44 AM 57248]
S3 B-Service;B-Service;c:\documents and settings\Maxim\Application Data\Mikogo\B-Service.exe [9/17/2010 11:13 AM 185640]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [7/23/2003 2:16 PM 22821]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/12/2007 11:28 PM 722416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2011-01-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-03 21:27]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = localhost
FF - ProfilePath - c:\documents and settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Veoh Web Player Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - %profile%\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord\firefox\ext
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-08 02:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(6780)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Belkin\Nostromo\nost_FSH.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-01-08 02:59:19
ComboFix-quarantined-files.txt 2011-01-08 07:59
ComboFix2.txt 2010-05-06 15:38
ComboFix3.txt 2010-05-05 19:46
ComboFix4.txt 2009-08-10 21:15

Pre-Run: 113,649,348,608 bytes free
Post-Run: 114,194,862,080 bytes free

- - End Of File - - CC83776660F73EC4317E953AF8C3074F

Hi,

Re-running ComboFix to remove infections:

1. Close any open browsers.
   
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
3. Open notepad and copy/paste the text in the quotebox below into it:
   

   
   RenV::
   c:\program files\Alcohol Soft\Alcohol 120\axcmd .exe
   c:\program files\Analog Devices\Core\smax4pnp .exe
   c:\program files\Common Files\Adobe\ARM\1.0\adobearm .exe
   c:\program files\Common Files\Ahead\Lib\nerocheck .exe
   c:\program files\Common Files\Ahead\Lib\nmbgmonitor .exe
   c:\program files\Common Files\Real\Update_OB\realsched .exe
   c:\program files\iTunes\ituneshelper .exe
   c:\program files\OfficeKB\officekb .exe
   c:\program files\QuickTime\qttask .exe
   

4. Save this as CFScript.txt, in the same location as ComboFix.exe
   
   
   
   
5. Referring to the picture above, drag CFScript into ComboFix.exe
   
6. When finished, it shall produce a log for you at C:\ComboFix.txt
   
7. Please post the contents of the log in your next reply.

ComboFix 11-01-08.04 - Maxim 01/09/2011 2:10.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2606 [GMT -5:00]
Running from: c:\documents and settings\Maxim\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Maxim\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-12-09 to 2011-01-09 )))))))))))))))))))))))))))))))
.

2011-01-08 07:51 . 2011-01-08 07:59 -------- d-----w- C:\Combo-Fix2296C
2011-01-07 21:24 . 2011-01-07 21:24 -------- d-----w- c:\windows\49471DB87F3C42DB89C2AC50FA0C5290.TMP
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\Maxim\Application Data\Armagetron
2010-12-25 01:04 . 2010-12-25 03:44 -------- d-----w- c:\program files\Armagetron Advanced
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Armagetron
2010-12-19 21:20 . 2010-12-19 21:20 -------- d-----w- c:\documents and settings\Maxim\Local Settings\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\windows\system32\QuickTime
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\TechSmith
2010-12-18 21:04 . 2010-12-18 21:27 -------- d-----w- c:\documents and settings\Maxim\Ultramarines
2010-12-16 00:52 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 00:51 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2009-08-09 21:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2009-08-09 21:50 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2007-06-21 04:54 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:34 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2006-02-28 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2006-02-28 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2006-02-28 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-14 06:36 . 2010-10-14 06:36 15451288 ----a-w- c:\windows\system32\xlive.dll
2010-10-14 06:36 . 2010-10-14 06:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"Mikogo"="c:\documents and settings\Maxim\Application Data\Mikogo\Mikogo-Host.exe" [2010-09-17 2748416]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-07-06 2634048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 29696]
"OfficeKB"="c:\progra~1\OfficeKB\OfficeKB.EXE" [2004-10-22 200704]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 198160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2010-02-02 136744]

c:\documents and settings\Maxim\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Loadout Manager.lnk - c:\program files\Belkin\Nostromo\nost_LM.exe [2003-6-24 442368]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-6-23 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2007-6-23 581632]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Apprentice\\Appr.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40kWA.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\Maxim\\Desktop\\Max\\Pokemon Game.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"=
"c:\\Program Files\\Dawn of War 2\\DOW2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_CLI.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\transformers war for cybertron\\Binaries\\TWFC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_DX11.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator dedicated server\\AvP_CLI.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war 2\\DOW2.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Armagetron Advanced\\armagetronad.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"4000:TCP"= 4000:TCP:diablo
"8375:TCP"= 8375:TCP:League of Legends Launcher
"8375:UDP"= 8375:UDP:League of Legends Launcher
"8376:TCP"= 8376:TCP:League of Legends Launcher
"8376:UDP"= 8376:UDP:League of Legends Launcher
"8377:TCP"= 8377:TCP:League of Legends Launcher
"8377:UDP"= 8377:UDP:League of Legends Launcher
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"7921:TCP"= 7921:TCP:Services
"7922:TCP"= 7922:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"8020:TCP"= 8020:TCP:Services
"8021:TCP"= 8021:TCP:Services
"9020:TCP"= 9020:TCP:Services
"9021:TCP"= 9021:TCP:Services
"8378:TCP"= 8378:TCP:League of Legends Launcher
"8378:UDP"= 8378:UDP:League of Legends Launcher
"8379:TCP"= 8379:TCP:League of Legends Launcher
"8379:UDP"= 8379:UDP:League of Legends Launcher
"8380:TCP"= 8380:TCP:League of Legends Launcher
"8380:UDP"= 8380:UDP:League of Legends Launcher
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
"6881:TCP"= 6881:TCP:League of Legends Launcher
"6881:UDP"= 6881:UDP:League of Legends Launcher

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/28/2006 7:00 AM 14336]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/9/2009 5:35 PM 297752]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [12/10/2009 2:39 AM 65536]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [4/1/2008 9:47 AM 24652]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/27/2010 10:44 AM 57248]
S3 B-Service;B-Service;c:\documents and settings\Maxim\Application Data\Mikogo\B-Service.exe [9/17/2010 11:13 AM 185640]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [7/23/2003 2:16 PM 22821]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/12/2007 11:28 PM 722416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2011-01-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-03 21:27]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = localhost
FF - ProfilePath - c:\documents and settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Veoh Web Player Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - %profile%\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord\firefox\ext
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Google Update - c:\documents and settings\Maxim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
HKCU-Run-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-09 02:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(5760)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Belkin\Nostromo\nost_FSH.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-01-09 02:15:12
ComboFix-quarantined-files.txt 2011-01-09 07:14
ComboFix2.txt 2011-01-08 07:59
ComboFix3.txt 2010-05-06 15:38
ComboFix4.txt 2010-05-05 19:46
ComboFix5.txt 2011-01-09 07:07

Pre-Run: 114,149,281,792 bytes free
Post-Run: 114,135,064,576 bytes free

- - End Of File - - FCEDDF6B5260151770617A40F2DD180C

Hi,

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5489

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

1/9/2011 3:37:27 PM
mbam-log-2011-01-09 (15-37-27).txt

Scan type: Quick scan
Objects scanned: 170255
Time elapsed: 3 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

How come ESET found things MBAM could not??????



ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17093 (vista_gdr.101017-1200)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=0654487f7391264794caf0e90d4cd848
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-01-10 01:53:53
# local_time=2011-01-09 08:53:53 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 43834356 43834356 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=177606
# found=37
# cleaned=37
# scan_time=3416
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Update\googleupdate.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\jodpehbio\tsawndytssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\jodpehbio\tsawndytssd.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\wngpefagk\ttsmqkktssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\wngpefagk\ttsmqkktssd.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\7913dc72.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\lcibai.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\system.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\xxtxx2yz.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\B3W5W0V2\fwevpovto[1].htm Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Maxim\Local Settings\Application Data\jodpehbio\tsawndytssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Maxim\Local Settings\Application Data\wngpefagk\ttsmqkktssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\Maxim\Local Settings\Application Data\Google\Update\googleupdate.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Analog Devices\Core\smax4pnp.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Adobe\ARM\1.0\adobearm.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Ahead\Lib\nerocheck.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Ahead\Lib\nmbgmonitor.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\CyberLink\PowerDVD\pdvdserv.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\CyberLink\PowerDVD\Language\language.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\iTunes\ituneshelper.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Logitech\Desktop Messenger\8876480\Program\backweb-8876480.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\khalmnpr.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\rundll32 .exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\NVIDIA Corporation\nView\nwiz.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Pando Networks\Media Booster\pmb.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\PROGRA~1\OfficeKB\officekb.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\isapnp.sys.vir Win32/Olmarik.ZC trojan (cleaned - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038959.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038960.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038961.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038962.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038963.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038964.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038965.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Hi,

Most of that was already quarantined files and system restore points.

Please download HAMeb_check.exe and save it to your desktop.

• Double-click on HAMeb_check.exe to run the utility and it will create a log.
• Copy and paste the contents of that log in your next reply.

C:\Documents and Settings\Maxim\Desktop\HAMeb_check.exe
Sun 01/09/2011 at 22:06:03.46

Account active Yes
Local Group Memberships *Administrators

~~ Checking profile list ~~

S-1-5-21-1417001333-1801674531-839522115-1000
%SystemDrive%\Documents and Settings\HelpAssistant

~~ Checking for HelpAssistant directories ~~

HelpAssistant

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x02542D6C1
malicious code @ sector 0x02542D6C4 !
PE file found in sector at 0x02542D6DA !

~~ Checking for termsrv32.dll ~~

termsrv32.dll present!


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\termsrv.dll

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
"65533:TCP"=65533:TCP:*:Enabled:Services
"52344:TCP"=52344:TCP:*:Enabled:Services
"7921:TCP"=7921:TCP:*:Enabled:Services
"7922:TCP"=7922:TCP:*:Enabled:Services
"3389:TCP"=3389:TCP:*:Enabled:Remote Desktop
"8020:TCP"=8020:TCP:*:Enabled:Services
"8021:TCP"=8021:TCP:*:Enabled:Services
"9020:TCP"=9020:TCP:*:Enabled:Services
"9021:TCP"=9021:TCP:*:Enabled:Services

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"=65533:TCP:*:Enabled:Services
"52344:TCP"=52344:TCP:*:Enabled:Services
"7921:TCP"=7921:TCP:*:Enabled:Services
"7922:TCP"=7922:TCP:*:Enabled:Services
"3389:TCP"=3389:TCP:*:Enabled:Remote Desktop
"8020:TCP"=8020:TCP:*:Enabled:Services
"8021:TCP"=8021:TCP:*:Enabled:Services
"9020:TCP"=9020:TCP:*:Enabled:Services
"9021:TCP"=9021:TCP:*:Enabled:Services


~~ EOF ~~

Hi,

Ha! That's found it

Please download HelpAsst_mebroot_fix.exe and save it to your desktop.

• Close out all other open programs and windows.
  
• Double click the file to run it and follow any prompts.
  
• If the tool detects an mbr infection, please allow it to run mbr -f and shutdown your computer.
  
• Upon restarting, please wait about 5 minutes, click Start>Run and type the following bolded command, then hit Enter.
  
  helpasst -mbrt
  
  
• Make sure you leave a space between helpasst and -mbrt
  
• When it completes, a log will open.
  
• Please post the contents of that log.

It did not ask to reboot, it said user mbr and kernel okay and then it closed.

Hmm well that failed

Please download HelpAsst_mebroot_fix.exe and save it to your desktop.

• Close out all other open programs and windows.
  
• Double click the file to run it and follow any prompts.
  
• If the tool detects an mbr infection, please allow it to run mbr -f and shutdown your computer.
  
• Upon restarting, please wait about 5 minutes, click Start>Run and type the following bolded command, then hit Enter.
  
  helpasst -mbrt
  
  
• Make sure you leave a space between helpasst and -mbrt
  
• When it completes, a log will open.
  
• Please post the contents of that log.

*In the event the tool does not detect an mbr infection and completes, click Start>Run and type the following bolded command, then hit Enter: mbr -f

• Now, please do the Start>Run>mbr -f command a second time.
  
• Now shut down the computer (do not restart, but shut it down), wait a few minutes then start it back up.
  
• Give it about 5 minutes, then click Start>Run and type the following bolded command, then hit Enter:
  
  helpasst -mbrt
  
  
• Make sure you leave a space between helpasst and -mbrt
  
• When it completes, a log will open.
  
• Please post the contents of that log.

In your next reply, please include the following: HelpAsst_mebroot_fix Log

C:\Documents and Settings\Maxim\Desktop\HelpAsst_mebroot_fix.exe
Mon 01/10/2011 at 15:52:52.62

HelpAssistant account Inactive

~~ Checking for termsrv32.dll ~~

termsrv32.dll not found

~~ Checking firewall ports ~~

HKLM\~\services\sharedaccess\parameters\firewallpolicy\domainprofile\globallyopenports\list

HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking mbr ~~

user & kernel MBR OK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Status check on Mon 01/10/2011 at 16:35:40.32

Account active No
Local Group Memberships

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x02542D6C1
malicious code @ sector 0x02542D6C4 !
PE file found in sector at 0x02542D6DA !

~~ Checking for termsrv32.dll ~~

termsrv32.dll not found


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %systemroot%\System32\termsrv.dll

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking for HelpAssistant directories ~~

HelpAssistant

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\domainprofile\GloballyOpenPorts\List]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]


~~ EOF ~~

How's the machine running now?

We will have to wait and see for it to do it again.

Ok. Keep me posted.

Right this instant it has just done it again.

Hi,

Please download a fresh copy of ComboFix and run it. Post that log here.

ComboFix 11-01-14.01 - Maxim 01/14/2011 17:07:18.8.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2692 [GMT -5:00]
Running from: c:\documents and settings\Maxim\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-12-14 to 2011-01-14 )))))))))))))))))))))))))))))))
.

2011-01-10 07:40 . 2011-01-10 07:40 -------- d-----w- C:\HelpAsst_backup
2011-01-10 00:54 . 2011-01-10 00:54 -------- d-----w- c:\program files\ESET
2011-01-09 23:01 . 2011-01-09 23:01 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-09 07:07 . 2011-01-09 07:15 -------- d-----w- C:\Combo-Fix1679C
2011-01-08 07:51 . 2011-01-08 07:59 -------- d-----w- C:\Combo-Fix2296C
2011-01-07 21:24 . 2011-01-07 21:24 -------- d-----w- c:\windows\49471DB87F3C42DB89C2AC50FA0C5290.TMP
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\Maxim\Application Data\Armagetron
2010-12-25 01:04 . 2010-12-25 03:44 -------- d-----w- c:\program files\Armagetron Advanced
2010-12-25 01:04 . 2010-12-25 01:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Armagetron
2010-12-19 21:20 . 2010-12-19 21:20 -------- d-----w- c:\documents and settings\Maxim\Local Settings\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\windows\system32\QuickTime
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2010-12-19 21:19 . 2010-12-19 21:19 -------- d-----w- c:\program files\TechSmith
2010-12-18 21:04 . 2010-12-18 21:27 -------- d-----w- c:\documents and settings\Maxim\Ultramarines
2010-12-16 00:52 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 00:51 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 23:09 . 2009-08-09 21:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2009-08-09 21:50 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2007-06-21 04:54 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2006-02-28 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:34 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2006-02-28 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2006-02-28 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2006-02-28 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2006-02-28 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot_2011-01-08_07.57.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-14 21:48 . 2011-01-14 21:48 16384 c:\windows\temp\Perflib_Perfdata_5ac.dat
+ 2011-01-14 21:48 . 2011-01-14 21:48 16384 c:\windows\temp\Perflib_Perfdata_558.dat
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2010-09-22 23:10 . 2010-09-22 23:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-11-08 07:14 . 2010-11-08 07:14 3402752 c:\windows\Installer\8bdf74.msp
+ 2011-01-09 23:01 . 2011-01-09 23:01 3940864 c:\windows\Installer\8bdf60.msi
+ 2010-09-16 08:08 . 2010-09-16 08:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2007-06-21 05:51 . 2011-01-13 08:00 37403080 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"Mikogo"="c:\documents and settings\Maxim\Application Data\Mikogo\Mikogo-Host.exe" [2010-09-17 2748416]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-10-21 29696]
"OfficeKB"="c:\progra~1\OfficeKB\OfficeKB.EXE" [2004-10-22 200704]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-02 198160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-06-02 267048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2010-02-02 136744]

c:\documents and settings\Maxim\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-8-17 393216]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Loadout Manager.lnk - c:\program files\Belkin\Nostromo\nost_LM.exe [2003-6-24 442368]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-6-23 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2007-6-23 581632]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Apprentice\\Appr.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40kWA.exe"=
"c:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Documents and Settings\\Maxim\\Desktop\\Max\\Pokemon Game.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"=
"c:\\Program Files\\Dawn of War 2\\DOW2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_CLI.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\transformers war for cybertron\\Binaries\\TWFC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_DX11.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator dedicated server\\AvP_CLI.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dawn of war 2\\DOW2.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Armagetron Advanced\\armagetronad.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"4000:TCP"= 4000:TCP:diablo
"8375:TCP"= 8375:TCP:League of Legends Launcher
"8375:UDP"= 8375:UDP:League of Legends Launcher
"8376:TCP"= 8376:TCP:League of Legends Launcher
"8376:UDP"= 8376:UDP:League of Legends Launcher
"8377:TCP"= 8377:TCP:League of Legends Launcher
"8377:UDP"= 8377:UDP:League of Legends Launcher
"8378:TCP"= 8378:TCP:League of Legends Launcher
"8378:UDP"= 8378:UDP:League of Legends Launcher
"8379:TCP"= 8379:TCP:League of Legends Launcher
"8379:UDP"= 8379:UDP:League of Legends Launcher
"8380:TCP"= 8380:TCP:League of Legends Launcher
"8380:UDP"= 8380:UDP:League of Legends Launcher
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
"6881:TCP"= 6881:TCP:League of Legends Launcher
"6881:UDP"= 6881:UDP:League of Legends Launcher
"4756:TCP"= 4756:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2/28/2006 7:00 AM 14336]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [12/10/2009 2:39 AM 65536]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [4/1/2008 9:47 AM 24652]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2/27/2010 10:44 AM 57248]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/9/2009 5:35 PM 297752]
S3 B-Service;B-Service;c:\documents and settings\Maxim\Application Data\Mikogo\B-Service.exe [9/17/2010 11:13 AM 185640]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [7/23/2003 2:16 PM 22821]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/12/2007 11:28 PM 722416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2011-01-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-03 21:27]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = localhost
FF - ProfilePath - c:\documents and settings\Maxim\Application Data\Mozilla\Firefox\Profiles\pu9jai39.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Veoh Web Player Toolbar: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - %profile%\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\Real\RealPlayer\browserrecord\firefox\ext
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-14 17:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(332)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Belkin\Nostromo\nost_FSH.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-01-14 17:14:05
ComboFix-quarantined-files.txt 2011-01-14 22:13
ComboFix2.txt 2011-01-09 07:15
ComboFix3.txt 2011-01-08 07:59
ComboFix4.txt 2010-05-06 15:38
ComboFix5.txt 2011-01-14 21:58

Pre-Run: 112,166,715,392 bytes free
Post-Run: 112,207,937,536 bytes free

- - End Of File - - 4B9BEA370DE6D749EB0668975DB1BC6D

Hi,

Peer-to-Peer Programs Warning

Your log shows that you are using so called peer-to-peer or file-sharing programs (in your case BitTorrent and uTorrent). These programs allow to share files between users as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

It is your decision whether or not you wish to keep your program(s) but I suggest you remove it via add/remove. However, please refrain from using them until your computer has been declared clean.
======

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". Read this article: http://www.clickz.com/news/article.php/3561546

Additional info: http://vil.nai.com/vil/content/v_137262.htm

I suggest you remove the program now.

Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.

• Viewpoint
  
• Viewpoint Manager
  
• Viewpoint Media Player
  
• Viewpoint Toolbar
  

I have removed both file sharing software like you suggested and viewpoint media player.

However, I am greatly confused as to why peer to peer haring is bad, as most free stuff I have gotten came from file sharing using peer to peer.

Free games for exemple, frees softwares (Gimp, open office) also DLL or softwares related to my outdated hardwares that I cannot find anywhere else. Also the new video games that I got cannot be update without the use of peer to peer (World of warcraft, all my steam games.) So without all these peer to peer how can I remedy to certain problems I encounter. (Like I bought some times ago a copy of Diablo 2, the game but we wanted me and my friends to play an older version of a certain patch instead of the new version that we don't like, so we needed to download the specific patches up to this one because if we logged online it would auto patch the new one. Those are hard problems to solve without peer to peer)


I don't use peer to peer to not have to buy music or stuff like that, I still buy cds and I got a big DvD collection. The thing is, when you want something out of print or something like our problem above, or e-books that I purchase and are given to me via peer to peer. What are the alternatives besides peer to peer file sharing? Sorry if I burden you with this question, im just confused about all this. Thank you for your time.

Hi,

Well, in the end it's your choice whether or not you want to keep your P2P programs. The risk is quite high when using them that you will get an infected download since you can't verify the author or the source of the files, even if you are downloading perfectly legal things like patches etc.

Steam is a different service from P2P programs like Limewire, Frostwire, BitTorrent etc simply because they offer that ability to download patches and such or even pay for games.

As I said, it's up to you I simply caution you since the odds aren't exactly in your favor.

I have removed them as per your suggestion, but the problems have not yet been solved concerning receiving batches of spam from my computer(My friends have confirmed) Is there anything I could hope to do, or is it damaged beyond repair?

Your email was likely harvested. Have you changed your password from a known clean machine since this started happening?

Nope

I ran ESET again and it found 4 more infections it had not previously found. Hope this is of any help:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17093 (vista_gdr.101017-1200)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=0654487f7391264794caf0e90d4cd848
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-01-10 01:53:53
# local_time=2011-01-09 08:53:53 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 43834356 43834356 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=177606
# found=37
# cleaned=37
# scan_time=3416
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Update\googleupdate.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\jodpehbio\tsawndytssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\jodpehbio\tsawndytssd.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\wngpefagk\ttsmqkktssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\wngpefagk\ttsmqkktssd.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\7913dc72.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\lcibai.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\system.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\temp\xxtxx2yz.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HelpAssistant\Local Settings\Temporary Internet Files\Content.IE5\B3W5W0V2\fwevpovto[1].htm Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Maxim\Local Settings\Application Data\jodpehbio\tsawndytssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Maxim\Local Settings\Application Data\wngpefagk\ttsmqkktssd .exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Documents and Settings\Maxim\Local Settings\Application Data\Google\Update\googleupdate.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Analog Devices\Core\smax4pnp.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Adobe\ARM\1.0\adobearm.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Ahead\Lib\nerocheck.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Ahead\Lib\nmbgmonitor.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\CyberLink\PowerDVD\pdvdserv.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\CyberLink\PowerDVD\Language\language.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\iTunes\ituneshelper.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Logitech\Desktop Messenger\8876480\Program\backweb-8876480.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\khalmnpr.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\rundll32 .exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\NVIDIA Corporation\nView\nwiz.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\Pando Networks\Media Booster\pmb.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\Program Files\QuickTime\qttask.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\PROGRA~1\OfficeKB\officekb.exe.vir Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\isapnp.sys.vir Win32/Olmarik.ZC trojan (cleaned - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038959.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038960.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038961.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038962.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038963.exe Win32/TrojanDownloader.Unruy.BO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038964.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{67B3C756-D887-4359-B4D9-A09C29921E96}\RP245\A0038965.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=7.00.6000.17093 (vista_gdr.101017-1200)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=0654487f7391264794caf0e90d4cd848
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-01-15 06:10:54
# local_time=2011-01-15 01:10:54 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 44279256 44279256 0 0
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 362243 362243 0 0
# scanned=205329
# found=4
# cleaned=4
# scan_time=5938
C:\Documents and Settings\HelpAssistant\Application Data\Sun\Java\Deployment\cache\6.0\49\6b800f31-20171b78 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Maxim\Application Data\Sun\Java\Deployment\cache\6.0\49\6b800f31-20171b78 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\Application Data\Sun\Java\Deployment\cache\6.0\49\6b800f31-20171b78 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\_qnzdbec_.sys.zip Win32/Bubnix.AO trojan (deleted - quarantined) 00000000000000000000000000000000 C

Hi,

Please change your password ASAP. Do you still have HA_Meb_Check on your desktop? Please run that once more and post its log here.

Finally, please don't run any scans unless asked to do so by a member of staff here

C:\Documents and Settings\Maxim\Desktop\HAMeb_check.exe
Sat 01/15/2011 at 15:45:30.79

Account active No
Local Group Memberships

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking for HelpAssistant directories ~~

HelpAssistant

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x02542D6C1
malicious code @ sector 0x02542D6C4 !
PE file found in sector at 0x02542D6DA !

~~ Checking for termsrv32.dll ~~

termsrv32.dll was not found


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\termsrv.dll

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]


~~ EOF ~~

Hi,

It seems the MBR has stood up to disinfection. I will be back asap with a fix for you

Okay, sounds great.

Hi Uthanak,

Unfortunately the only way to remedy that malicious code in the MBR is a reformat and a reinstall of your operating system. Occasionally it comes down to this when malware does a lot of damage to a machine.

If you would like help backing up your data and reformatting I would be happy to help

Can we give help assist mbr root fix another try before that? Maybe i did not do it correctly the first time.

Sure, go ahead. The MBR looks fine though. It's just the leftover malicious code.

Well even so it has not done it ever since, here to hoping.



C:\Documents and Settings\Maxim\Desktop\HelpAsst_mebroot_fix.exe
Wed 01/19/2011 at 3:50:29.44

HelpAssistant account Inactive

~~ Checking for termsrv32.dll ~~

termsrv32.dll not found

~~ Checking firewall ports ~~

HKLM\~\services\sharedaccess\parameters\firewallpolicy\domainprofile\globallyopenports\list

HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking mbr ~~

user & kernel MBR OK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Status check on Wed 01/19/2011 at 7:39:50.76

Account active No
Local Group Memberships

~~ Checking mbr ~~

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x02542D6C1
malicious code @ sector 0x02542D6C4 !
PE file found in sector at 0x02542D6DA !

~~ Checking for termsrv32.dll ~~

termsrv32.dll not found


HKEY_LOCAL_MACHINE\system\currentcontrolset\services\termservice\parameters
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\termsrv.dll

~~ Checking profile list ~~

No HelpAssistant profile in registry

~~ Checking for HelpAssistant directories ~~

HelpAssistant

~~ Checking firewall ports ~~

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\domainprofile\GloballyOpenPorts\List]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]


~~ EOF ~~

Yeah just as I thought. Everything else has been remedied but that malicious code remains. A reformat is the way to go here unfortunately

Well okay, thanks for your help.

No problem. Glad to help. Sorry it had to come to this