[RESOLVED] Does this points to an infection?

Started By Scorpy, Apr 20 2011 11:05 AM

You cannot start a new topic
You cannot reply to this topic
Go to first unread post

26 replies to this topic

#1 Scorpy

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 20 April 2011 - 11:05 AM

Hi Broni

I am attaching some scan logs from my friend's laptop. Imo his machine is surely infected. Please check the logs and advice accordingly.
Thanks.

MBRCHECK
MBRCheck, version 1.2.3© 2010, ADCommand-line: Windows Version: Windows XP ProfessionalWindows Information: Service Pack 3 (build 2600)Logical Drives Mask: 0x0040101cKernel Drivers (total 127): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806E5000 \WINDOWS\system32\hal.dll 0xBA5A8000 \WINDOWS\system32\KDCOM.DLL 0xBA4B8000 \WINDOWS\system32\BOOTVID.dll 0xB9F79000 ACPI.sys 0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xB9F68000 pci.sys 0xBA0A8000 isapnp.sys 0xBA4BC000 compbatt.sys 0xBA4C0000 \WINDOWS\system32\DRIVERS\BATTC.SYS 0xBA0B8000 MountMgr.sys 0xB9F49000 ftdisk.sys 0xBA5AC000 dmload.sys 0xB9F23000 dmio.sys 0xBA328000 PartMgr.sys 0xBA4C4000 ACPIEC.sys 0xBA670000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 0xBA0C8000 VolSnap.sys 0xB9E4A000 iaStor.sys 0xBA0D8000 disk.sys 0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xB9E2A000 fltmgr.sys 0xB9E18000 sr.sys 0xB9DC3000 bdfsfltr.sys 0xBA330000 PxHelp20.sys 0xB9DAC000 KSecDD.sys 0xB9D1F000 Ntfs.sys 0xB9CF2000 NDIS.sys 0xB9CD8000 Mup.sys 0xBA1A8000 \SystemRoot\system32\DRIVERS\intelppm.sys 0xB9BCB000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0xB89DB000 \SystemRoot\system32\DRIVERS\igxpmp32.sys 0xB89C7000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xBA3B0000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0xB89A3000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xBA3B8000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xB897B000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xB8960000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys 0xB8948000 \SystemRoot\system32\DRIVERS\jmcr.sys 0xB8930000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS 0xBA1B8000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0xBA3C0000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xBA3C8000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xBA1C8000 \SystemRoot\system32\DRIVERS\imapi.sys 0xBA1D8000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xBA1E8000 \SystemRoot\system32\DRIVERS\redbook.sys 0xB890D000 \SystemRoot\system32\DRIVERS\ks.sys 0xB9BC3000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0xB883C000 \SystemRoot\system32\DRIVERS\btkrnl.sys 0xBA6ED000 \SystemRoot\system32\DRIVERS\audstub.sys 0xBA1F8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xB9BBF000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xB8825000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0xBA208000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xBA218000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xBA3D0000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xB8814000 \SystemRoot\system32\DRIVERS\psched.sys 0xBA228000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xBA3D8000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xBA3E0000 \SystemRoot\system32\DRIVERS\raspti.sys 0xB87E4000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xBA238000 \SystemRoot\system32\DRIVERS\termdd.sys 0xB9CB4000 \SystemRoot\system32\DRIVERS\ic1kenum.sys 0xBA248000 \SystemRoot\system32\DRIVERS\aksifdh.sys 0xB87CA000 \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys 0xBA5EE000 \SystemRoot\system32\DRIVERS\swenum.sys 0xB876C000 \SystemRoot\system32\DRIVERS\update.sys 0xB9CA0000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xAAF05000 \SystemRoot\system32\DRIVERS\btport.sys 0xAB357000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xAB4AB000 \SystemRoot\system32\DRIVERS\usbic1k.sys 0xAB4A7000 \SystemRoot\system32\DRIVERS\SMCLIB.SYS 0xAB337000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xBA642000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x993FB000 \SystemRoot\system32\drivers\sthda.sys 0x993D7000 \SystemRoot\system32\drivers\portcls.sys 0xAB327000 \SystemRoot\system32\drivers\drmk.sys 0x993BB000 \SystemRoot\system32\drivers\AESTAud.sys 0x99295000 \SystemRoot\system32\DRIVERS\AGRSM.sys 0xAA9A3000 \SystemRoot\System32\Drivers\Modem.SYS 0x99275000 \SystemRoot\system32\drivers\IntcHdmi.sys 0xBA64A000 \SystemRoot\system32\DRIVERS\bdrawpr.sys 0xBA64C000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xAA848000 \SystemRoot\System32\Drivers\Null.SYS 0xBA64E000 \SystemRoot\System32\Drivers\Beep.SYS 0xAA963000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0xAA95B000 \SystemRoot\System32\drivers\vga.sys 0xBA650000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xBA652000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xAA698000 \SystemRoot\System32\Drivers\Msfs.SYS 0xAA690000 \SystemRoot\System32\Drivers\Npfs.SYS 0xAA859000 \SystemRoot\system32\DRIVERS\rasacd.sys 0x99242000 \SystemRoot\system32\DRIVERS\ipsec.sys 0x991E9000 \SystemRoot\system32\DRIVERS\tcpip.sys 0x991CB000 \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys 0x991A5000 \SystemRoot\system32\DRIVERS\ipnat.sys 0x9917D000 \SystemRoot\system32\DRIVERS\netbt.sys 0x9915B000 \SystemRoot\System32\drivers\afd.sys 0xAB317000 \SystemRoot\system32\DRIVERS\netbios.sys 0x99130000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x990C0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xAAA35000 \SystemRoot\System32\Drivers\Fips.SYS 0xAAA25000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x990AC000 \SystemRoot\system32\DRIVERS\bdvedisk.sys 0xAA688000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x9908E000 \SystemRoot\System32\Drivers\usbvideo.sys 0xAA9F5000 \SystemRoot\System32\Drivers\Cdfs.SYS 0x98FB5000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0xBF800000 \SystemRoot\System32\win32k.sys 0xB706F000 \SystemRoot\System32\drivers\Dxapi.sys 0xAA670000 \SystemRoot\System32\watchdog.sys 0xBF000000 \SystemRoot\System32\drivers\dxg.sys 0xBA7CA000 \SystemRoot\System32\drivers\dxgthk.sys 0xBF024000 \SystemRoot\System32\igxpgd32.dll 0xBF012000 \SystemRoot\System32\igxprd32.dll 0xBF04F000 \SystemRoot\System32\igxpdv32.DLL 0xBF25B000 \SystemRoot\System32\igxpdx32.DLL 0xBF562000 \SystemRoot\System32\ATMFD.DLL 0x98F61000 \SystemRoot\system32\DRIVERS\Trufos.sys 0xB8009000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x98E94000 \SystemRoot\system32\DRIVERS\mrxdav.sys 0x98DC4000 \SystemRoot\system32\DRIVERS\srv.sys 0x98B2F000 \SystemRoot\system32\drivers\wdmaud.sys 0xB82BC000 \SystemRoot\system32\drivers\sysaudio.sys 0x98688000 \SystemRoot\System32\Drivers\HTTP.sys 0x983CF000 \SystemRoot\system32\drivers\kmixer.sys 0x7C900000 \WINDOWS\system32\ntdll.dllProcesses (total 44): 0 System Idle Process 4 System 1076 C:\WINDOWS\system32\smss.exe 1160 csrss.exe 1192 C:\WINDOWS\system32\winlogon.exe 1236 C:\WINDOWS\system32\services.exe 1248 C:\WINDOWS\system32\lsass.exe 1444 C:\WINDOWS\system32\svchost.exe 1512 svchost.exe 1732 C:\WINDOWS\system32\svchost.exe 1756 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 1904 svchost.exe 1948 svchost.exe 340 C:\WINDOWS\system32\spoolsv.exe 388 scardsvr.exe 452 svchost.exe 520 C:\WINDOWS\system32\agrsmsvc.exe 548 C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe 764 C:\WINDOWS\system32\svchost.exe 776 C:\Program Files\Java\jre6\bin\jqs.exe 812 C:\WINDOWS\system32\svchost.exe 956 C:\Program Files\Google\Update\GoogleUpdate.exe 996 C:\WINDOWS\system32\svchost.exe 1316 C:\WINDOWS\system32\svchost.exe 1576 C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe 1884 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 1012 C:\WINDOWS\system32\wuauclt.exe 2356 C:\WINDOWS\explorer.exe 2396 wmiprvse.exe 2484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 2644 C:\WINDOWS\system32\igfxtray.exe 2656 C:\WINDOWS\system32\hkcmd.exe 2664 C:\WINDOWS\system32\igfxpers.exe 2680 C:\WINDOWS\system32\ep1k_certd.exe 2696 C:\WINDOWS\system32\igfxsrvc.exe 2756 C:\Program Files\Common Files\Java\Java Update\jusched.exe 2804 C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe 2836 C:\WINDOWS\system32\ep1ksrv.exe 2848 C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe 2872 C:\WINDOWS\system32\ctfmon.exe 2940 C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe 3560 alg.exe 604 C:\WINDOWS\system32\wuauclt.exe 2708 E:\MBRCheck.exe\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000013`a719aa00 (NTFS)\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000000e`a6094200 (NTFS)\\.\M: --> \\.\PhysicalDrive0 at offset 0x00000020`2a003400 (NTFS)PhysicalDrive0 Model Number: WDCWD2500BEVT-60ZCT1, Rev: 13.01A13 Size Device Name MBR Status -------------------------------------------- 232 GB \\.\PhysicalDrive0 Windows XP MBR code detected SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644ADone!

ATTACH.TXT

.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_11-03-05.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 7/30/2009 11:32:31 AMSystem Uptime: 4/20/2011 11:56:52 AM (1 hours ago).Motherboard: Compal | | 3607Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz | CPU | 2161/667mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 59 GiB total, 43.5 GiB free.D: is FIXED (NTFS) - 50 GiB total, 47.125 GiB free.E: is FIXED (NTFS) - 20 GiB total, 19.806 GiB free.M: is FIXED (NTFS) - 104 GiB total, 101.35 GiB free.W: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: Description: Network ControllerDevice ID: PCI\VEN_14E4&DEV_4315&SUBSYS_137D103C&REV_01\4&2A17DF6C&0&00E2Manufacturer: Name: Network ControllerPNP Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_137D103C&REV_01\4&2A17DF6C&0&00E2Service: .Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}Description: Device ID: ACPI\ENE0100\3&B1BFB68&0Manufacturer: Name: PNP Device ID: ACPI\ENE0100\3&B1BFB68&0Service: .==== System Restore Points ===================.RP159: 3/15/2011 2:17:15 PM - Software Distribution Service 3.0RP160: 3/16/2011 8:56:21 PM - Software Distribution Service 3.0RP161: 3/17/2011 3:36:28 PM - Software Distribution Service 3.0RP162: 3/18/2011 4:04:14 PM - System CheckpointRP163: 3/18/2011 7:04:18 PM - Software Distribution Service 3.0RP164: 3/19/2011 1:00:14 PM - Software Distribution Service 3.0RP165: 3/20/2011 8:14:40 PM - System CheckpointRP166: 3/21/2011 3:58:00 PM - Removed Adobe Reader 7.0.7RP167: 3/25/2011 4:47:54 PM - System CheckpointRP168: 3/25/2011 7:25:13 PM - Software Distribution Service 3.0RP169: 3/27/2011 9:00:59 PM - System CheckpointRP170: 3/29/2011 7:20:30 PM - System CheckpointRP171: 4/3/2011 3:16:12 PM - System CheckpointRP172: 4/4/2011 6:25:57 PM - System CheckpointRP173: 4/6/2011 4:34:05 PM - System CheckpointRP174: 4/8/2011 10:27:03 PM - System CheckpointRP175: 4/10/2011 12:26:49 PM - System CheckpointRP176: 4/12/2011 2:35:55 PM - System CheckpointRP177: 4/15/2011 1:00:21 PM - Software Distribution Service 3.0RP178: 4/16/2011 2:50:00 PM - Software Distribution Service 3.0RP179: 4/17/2011 1:30:59 PM - Software Distribution Service 3.0RP180: 4/18/2011 10:48:57 PM - System Checkpoint.==== Installed Programs ======================.32 Bit HP CIO Components InstallerAdobe AIRAdobe Common File InstallerAdobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Help Center 1.0Adobe Photoshop CS2Adobe Reader X (10.0.1)Adobe Stock Photos 1.0Agere Systems HDA ModemBitDefender Total Security 2011BufferChmCopyCustomerResearchQFolderDestination ComponentDeviceDiscoveryDeviceManagementQFolderDJ_AIO_03_F4200_ProductContextDJ_AIO_03_F4200_SoftwareDJ_AIO_03_F4200_Software_MineSupportQFoldereToken PKI Client 5.1 SP1F4200F4200_HelpFLV Player 2.0 (build 25)Google ChromeGoogle Talk PluginGoogle Update HelperGPBaseServiceHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB942288-v3)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB958655-v2)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)HP Customer Participation Program 10.0HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3HP Imaging Device Functions 10.0HP Integrated Module with Bluetooth wireless technologyHP Photosmart Essential 2.5HP Smart Web PrintingHP SoftPaq Download ManagerHP Solution Center 10.0HP UpdateHPProductAssistantHPSSupplyIntel® Graphics Media Accelerator DriverJava Auto UpdaterJava™ 6 Update 24JMicron JMB38X Flash Media ControllerMarketResearchMBlaze UIMicrosoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SOAP Toolkit 3.0Microsoft Software Update for Web Folders (English) 12Microsoft SQL Server Compact 3.5 SP2 ENUMicrosoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Mozilla Firefox (3.6.16)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Nero SuiteOGA Notifier 2.0.0048.0PowerDVDPSSWCOREREALTEK GbE & FE Ethernet PCI-E NIC DriverScanSecurity Update for 2007 Microsoft Office System (KB2288621)Security Update for 2007 Microsoft Office System (KB2288931)Security Update for 2007 Microsoft Office System (KB2345043)Security Update for 2007 Microsoft Office System (KB2466156)Security Update for 2007 Microsoft Office System (KB2509488)Security Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB976321)Security Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)Security Update for Microsoft Office Access 2007 (KB979440)Security Update for Microsoft Office Excel 2007 (KB2464583)Security Update for Microsoft Office Groove 2007 (KB2494047)Security Update for Microsoft Office InfoPath 2007 (KB979441)Security Update for Microsoft Office PowerPoint 2007 (KB2464594)Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)Security Update for Microsoft Office Publisher 2007 (KB2284697)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Visio Viewer 2007 (KB973709)Security Update for Microsoft Office Word 2007 (KB2344993)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player (KB979402)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2183461)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360131)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2416400)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2482017)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2497640)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371-v2)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974455)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB976325)Security Update for Windows XP (KB977165-v2)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982381)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Shop for HP SuppliesSmartWebPrintingOCSolutionCenterStatusToolboxTrayAppUnloadSupportUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2509470)Update for Outlook 2007 Junk Email Filter (KB2522999)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update for Windows XP (KB976749)Update for Windows XP (KB978207)Update for Windows XP (KB980182)USB Token 1000 v4.1 (Remove only)VideoToolkit01VLC media player 1.1.8WebFldrs XPWebRegWindows Genuine Advantage Notifications (KB905474)Windows Live ID Sign-in AssistantWindows Media Format 11 runtimeWindows Media Player 11Windows XP Service Pack 3WinRAR archiverYahoo! Messenger.==== Event Viewer Messages From Past Week ========.4/20/2011 11:55:29 AM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.4/20/2011 11:51:30 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfsfltr BdRawPr Bdvedisk Fips intelppm4/20/2011 11:50:26 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}4/20/2011 11:50:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}4/20/2011 11:48:04 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.4/20/2011 11:44:46 AM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The UDisk Monitor service terminated unexpectedly. It has done this 1 time(s).4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The ETOKSRV service terminated unexpectedly. It has done this 1 time(s).4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The Agere Modem Call Progress Audio service terminated unexpectedly. It has done this 1 time(s).4/15/2011 8:21:26 PM, error: Service Control Manager [7000] - The Audio Service service failed to start due to the following error: The system cannot find the file specified.4/14/2011 10:17:48 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.4/14/2011 10:16:22 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.4/14/2011 10:16:22 PM, error: Service Control Manager [7000] - The Audio Service service failed to start due to the following error: The system cannot find the path specified.4/13/2011 8:03:47 PM, error: Service Control Manager [7000] - The Adobe LM Service service failed to start due to the following error: The pipe has been ended..==== End Of File ===========================

DDS.txt
.DDS (Ver_11-03-05.01) - NTFSx86 Run by Ahmed at 12:03:32.59 on Wed 04/20/2011Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_24Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2011.1613 [GMT 5.5:30].AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}FW: BitDefender Firewall *Enabled* .============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exesvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\MBlaze UI\bin\MonServiceUDisk.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\ep1k_certd.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\BitDefender\BitDefender 2011\bdagent.exeC:\WINDOWS\system32\ep1ksrv.exeC:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exeC:\WINDOWS\system32\wuauclt.exeE:\AV Tools\dds.scr.============== Pseudo HJT Report ===============.uSearch Page = hxxp://in.rd.yahoo.com/customize/ycomp/defaults/sp/*http://in.yahoo.comuStart Page = hxxp://www.google.co.in/mDefault_Page_URL = hxxp://in.yahoo.commStart Page = hxxp://in.yahoo.commURLSearchHooks: H - No FileBHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllTB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [IgfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [ep1k_certd] c:\windows\system32\ep1k_certd.exe -r -s -amRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"mRun: [eTMonitor] "c:\program files\aladdin\etoken\pkiclient\x32\PKIMonitor.exe"dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -tdRunOnce: [RunNarrator] Narrator.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htmIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLLIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dllDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258735569000DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {8EB6C15E-D180-4BA5-94D2-442867296F93} - hxxps://delhi.govtprocurement.com/include/api/C1Sign.CABDPF: {9765B508-0C62-4F32-AB7C-D30D0615580B} - hxxp://202.71.152.162/SecurityClientComponents//TCSDataSigner.cabDPF: {A4BE311B-469C-41AC-B87A-649C1CFD1425} - hxxps://delhi.govtprocurement.com/Components/prjUtilities.cabDPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: {2530333E-2C10-49CA-8752-704502CF9C3E} = 172.16.75.1,202.89.66.2Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll.================= FIREFOX ===================.FF - ProfilePath - c:\docume~1\ahmed\applic~1\mozilla\firefox\profiles\1twp3wjh.default\FF - prefs.js: browser.startup.homepage - google.comFF - prefs.js: network.proxy.type - 0FF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.6.dllFF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.dllFF - plugin: c:\documents and settings\ahmed\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dllFF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtensionFF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ffFF - Ext: BitDefender Antiphishing Toolbar: FFToolbar@bitdefender.com - c:\program files\bitdefender\bitdefender 2011\bdaphffext.============= SERVICES / DRIVERS ===============.R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2011-3-25 12960]R1 Bdvedisk;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]R2 eTSrv;ETOKSRV;c:\program files\aladdin\etoken\pkiclient\x32\eTSrv.exe [2009-11-15 12640]R2 UDisk Monitor;UDisk Monitor;c:\program files\mblaze ui\bin\MonServiceUDisk.exe [2010-1-15 512000]R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-3-19 113664]R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2010-8-20 111696]R3 ft1kEnum;usb Card Device 1000;c:\windows\system32\drivers\IC1KENUM.SYS [2009-7-30 8832]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-7-30 110080]R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-30 100184]R3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\drivers\usbic1k.sys [2009-7-30 9856]S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-19 136176]S3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys [2008-7-29 34472]S3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 149520]S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2010-1-15 104704]S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-11-29 535824]S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-11-29 1066232]S4 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-11-30 307544]S4 Updatesrv;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2011-2-11 43936].=============== Created Last 30 ================.2011-04-13 02:51:13 -------- d-----w- c:\windows\pss2011-04-04 16:41:00 -------- d--h--w- c:\windows\PIF2011-03-25 13:14:01 -------- d-----w- c:\docume~1\alluse~1\applic~1\bdch2011-03-25 12:48:56 -------- d-----w- c:\docume~1\ahmed\applic~1\BitDefender2011-03-25 12:48:29 -------- d-----w- c:\program files\MSSOAP2011-03-25 12:48:20 -------- d-----w- c:\program files\BitDefender2011-03-25 12:37:53 -------- d-----w- c:\docume~1\ahmed\applic~1\QuickScan2011-03-25 12:37:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\BitDefender2011-03-25 12:36:56 307784 ----a-w- c:\windows\system32\drivers\trufos.sys2011-03-25 12:36:54 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys2011-03-25 12:36:54 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys2011-03-23 11:19:16 -------- d-----w- c:\docume~1\ahmed\applic~1\TeamViewer.==================== Find3M ====================.2011-03-25 12:50:48 579622 ----a-w- c:\docume~1\alluse~1\applic~1\bdinstall.bin2011-03-15 17:01:58 24 ----a-w- c:\docume~1\alluse~1\applic~1\~f926.tmp2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys2011-02-17 13:51:57 81920 ----a-w- c:\windows\system32\ieencode.dll2011-02-17 13:51:57 667136 ----a-w- c:\windows\system32\wininet.dll2011-02-17 13:51:57 61952 ----a-w- c:\windows\system32\tdc.ocx2011-02-17 12:37:38 369664 ------w- c:\windows\system32\html.iec2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll2011-02-02 16:10:23 472808 -c--a-w- c:\windows\system32\deployJava1.dll2011-02-02 13:49:39 73728 ----a-w- c:\windows\system32\javacpl.cpl2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll2010-07-08 04:07:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe.============= FINISH: 12:04:19.95 ===============

#2 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 20 April 2011 - 11:29 AM

MBAM Log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6402

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

4/20/2011 1:29:29 PM
mbam-log-2011-04-20 (13-29-29).txt

Scan type: Full scan (C:\|D:\|E:\|M:\|)
Objects scanned: 224152
Time elapsed: 25 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER Log

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-20 17:34:41
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD25 rev.13.0
Running: vf2o4rvt.exe; Driver: C:\DOCUME~1\Ahmed\LOCALS~1\Temp\pwacqkob.sys

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\DRIVERS\aksifdh.sys entry point in "init" section [0xBA281090]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Classes\CLSID\{18d32b24-8dfe-4ca7-8531-a1989f3dae77}@Model 182
Reg HKLM\SOFTWARE\Classes\CLSID\{18d32b24-8dfe-4ca7-8531-a1989f3dae77}@Therad 30
Reg HKLM\SOFTWARE\Classes\CLSID\{18d32b24-8dfe-4ca7-8531-a1989f3dae77}@MData 0x2B 0x8F 0x78 0x29 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0xF1 0x25 0x0A 0x56 ...

---- EOF - GMER 1.0.15 ----

#3 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 20 April 2011 - 12:32 PM

Attaching Combfix log. Unable to post contents in the post dude to error message : Error- post is too long pls shorten it a bit.

ComboFix.txt 259.5K 32 downloads

#4 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 20 April 2011 - 10:35 PM

omboFix 11-04-19.05 - Ahmed 04/20/2011 17:46:38.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2011.1521 [GMT 5.5:30]
Running from: D:\ComboFix.exe
AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: BitDefender Firewall *Enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\program files\FunWebProducts\ScreenSaver\Images\003F15C7.urr
c:\program files\FunWebProducts\Shared\002E7DDB.dat
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTtpct.dll
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\002DAF30
c:\program files\MyWebSearch\bar\Cache\002DB9CF
c:\program files\MyWebSearch\bar\Cache\002DBC9E.bin
c:\program files\MyWebSearch\bar\Cache\002DBCBD.bin
c:\program files\MyWebSearch\bar\Cache\002DBCEC.bin
c:\program files\MyWebSearch\bar\Cache\002DBD1B.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\f3PSSavr.scr
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
.
.
((((((((((((((((((((((((( Files Created from 2011-03-20 to 2011-04-20 )))))))))))))))))))))))))))))))
.
.
2011-04-20 06:36 . 2010-12-20 12:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-20 06:36 . 2011-04-20 06:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-20 06:36 . 2010-12-20 12:38 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-04 16:41 . 2011-04-04 16:41 -------- d--h--w- c:\windows\PIF
2011-03-27 17:01 . 2011-03-27 17:01 -------- d-----w- c:\documents and settings\Ahmed\Application Data\dvdcss
2011-03-25 13:18 . 2011-03-25 13:18 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan
2011-03-25 13:14 . 2011-03-25 13:14 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\bdch
2011-03-25 13:14 . 2011-03-25 13:14 -------- d-----w- c:\documents and settings\All Users\Application Data\bdch
2011-03-25 12:48 . 2011-03-25 12:48 -------- d-----w- c:\documents and settings\Ahmed\Application Data\BitDefender
2011-03-25 12:48 . 2011-03-25 12:48 -------- d-----w- c:\program files\MSSOAP
2011-03-25 12:48 . 2011-03-25 12:48 -------- d-----w- c:\program files\BitDefender
2011-03-25 12:37 . 2011-03-25 12:37 -------- d-----w- c:\documents and settings\Ahmed\Application Data\QuickScan
2011-03-25 12:37 . 2011-03-25 12:49 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2011-03-25 12:36 . 2011-04-13 03:04 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-03-25 12:36 . 2011-04-02 06:05 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-03-25 12:36 . 2010-05-13 10:32 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2011-03-23 11:19 . 2011-03-23 11:19 -------- d-----w- c:\documents and settings\Ahmed\Application Data\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-02 06:05 . 2010-05-13 10:22 105808 ----a-w- c:\windows\system32\drivers\bdhv.sys
2011-03-25 12:50 . 2011-03-18 16:39 579622 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin
2011-03-15 17:01 . 2011-03-15 16:00 24 ----a-w- c:\documents and settings\All Users\Application Data\~f926.tmp
2011-03-07 05:33 . 2009-07-30 05:59 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45 . 2004-03-11 19:48 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2004-03-11 18:42 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 13:51 . 2004-03-11 19:48 667136 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51 . 2004-03-11 19:48 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51 . 2004-03-11 18:16 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 13:18 . 2004-03-11 18:41 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-03-11 18:41 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:37 . 2006-10-17 07:36 369664 ------w- c:\windows\system32\html.iec
2011-02-17 12:32 . 2009-11-20 16:49 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-03-11 19:48 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2004-03-11 19:48 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-03-11 19:48 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2004-03-11 19:48 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2004-03-11 19:48 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 16:10 . 2010-04-16 09:53 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-02-02 13:49 . 2009-10-06 09:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2009-07-30 05:57 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-07-30 05:57 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-03-11 19:48 439296 ----a-w- c:\windows\system32\shimgvw.dll
2010-07-08 04:07 . 2010-07-08 04:07 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2010-07-09_14.49.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-11 05:29 . 2011-01-11 05:29 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll
+ 2011-01-10 17:33 . 2011-01-10 17:33 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_189d6662\vcomp.dll
+ 2009-07-11 15:24 . 2009-07-11 15:24 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80KOR.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80JPN.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ITA.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80FRA.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ESP.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80ENU.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80DEU.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHT.dll
+ 2011-01-10 17:02 . 2011-01-10 17:02 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_3dcd24cb\mfc80CHS.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 15:02 . 2009-07-11 15:02 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2011-01-10 22:35 . 2011-01-10 22:35 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80u.dll
+ 2011-01-10 22:53 . 2011-01-10 22:53 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfcm80.dll
+ 2009-07-11 19:37 . 2009-07-11 19:37 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-11 19:49 . 2009-07-11 19:49 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2011-01-10 15:51 . 2011-01-10 15:51 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_7837863c\ATL80.dll
+ 2009-07-11 14:11 . 2009-07-11 14:11 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-07-09 17:21 . 2010-07-09 17:21 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2011-04-20 11:05 . 2011-04-20 11:05 16384 c:\windows\Temp\Perflib_Perfdata_300.dat
- 2009-11-25 14:49 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2009-11-25 14:49 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2004-03-11 19:48 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2009-07-30 06:26 . 2007-07-27 17:41 26488 c:\windows\system32\spupdsvc.exe
- 2009-07-30 06:26 . 2007-07-27 05:11 26488 c:\windows\system32\spupdsvc.exe
+ 2004-03-11 19:49 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2009-07-30 06:14 . 2008-11-10 06:11 67472 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2009-07-30 06:14 . 2008-11-10 06:11 67472 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
+ 2010-10-19 14:13 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
+ 2008-07-29 11:10 . 2008-07-29 11:10 34472 c:\windows\system32\Setup\Aladdin\eToken\aksup.sys
+ 2008-07-29 11:10 . 2008-07-29 11:10 48296 c:\windows\system32\Setup\Aladdin\eToken\aksifdh.sys
+ 2010-11-01 11:34 . 2008-07-29 11:10 34472 c:\windows\system32\ReinstallBackups\0030\DriverFiles\aksup.sys
+ 2010-10-02 12:25 . 2008-07-29 11:10 48296 c:\windows\system32\ReinstallBackups\0029\DriverFiles\aksifdh.sys
+ 2001-08-23 05:30 . 2011-04-20 11:09 69732 c:\windows\system32\perfc009.dat
+ 2009-07-30 06:15 . 2008-11-10 06:11 32656 c:\windows\system32\msonpmon.dll
+ 2004-03-11 19:48 . 2008-05-19 01:03 18944 c:\windows\system32\msisip.dll
+ 2004-03-11 19:49 . 2008-05-18 20:27 95744 c:\windows\system32\msiexec.exe
- 2009-07-30 05:59 . 2008-04-14 00:11 81920 c:\windows\system32\isign32.dll
+ 2009-07-30 05:59 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
+ 2004-03-11 19:48 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2004-03-11 19:48 . 2008-04-14 00:11 80384 c:\windows\system32\iccvid.dll
+ 2009-11-15 07:15 . 2009-11-15 07:15 11104 c:\windows\system32\eTSAPI.dll
+ 2009-11-15 07:14 . 2009-11-15 07:14 12128 c:\windows\system32\eTPKCS11.dll
+ 2009-08-02 06:09 . 2009-08-02 06:09 53248 c:\windows\system32\eTOKCSP.dll
+ 2009-11-15 07:14 . 2009-11-15 07:14 10080 c:\windows\system32\eTCAPI.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 70472 c:\windows\system32\dxva2.dll
+ 2001-08-23 05:30 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2010-01-19 13:02 . 2010-01-19 13:02 85128 c:\windows\system32\drivers\bdvedisk.sys
+ 2008-07-29 11:10 . 2008-07-29 11:10 34472 c:\windows\system32\drivers\aksup.sys
+ 2010-10-02 12:25 . 2008-07-29 11:10 48296 c:\windows\system32\drivers\aksifdh.sys
- 2004-03-11 19:48 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
+ 2004-03-11 19:48 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-07-30 11:26 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-03-11 19:48 . 2008-04-14 00:12 75776 c:\windows\system32\dllcache\wiascr.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 13600 c:\windows\system32\dllcache\wfwnet.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 13600 c:\windows\system32\dllcache\wfwnet.drv
+ 2009-07-30 07:04 . 2008-04-14 00:12 23552 c:\windows\system32\dllcache\wdmaud.drv
+ 2009-11-30 07:12 . 2008-04-13 16:34 25471 c:\windows\system32\dllcache\watv10nt.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 22271 c:\windows\system32\dllcache\watv06nt.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 11935 c:\windows\system32\dllcache\wadv11nt.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 11871 c:\windows\system32\dllcache\wadv09nt.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 11295 c:\windows\system32\dllcache\wadv08nt.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 11807 c:\windows\system32\dllcache\wadv07nt.sys
+ 2009-11-30 07:12 . 2008-04-13 18:43 14208 c:\windows\system32\dllcache\wacompen.sys
+ 2009-07-30 05:59 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\wabfind.dll
+ 2009-07-30 05:59 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2004-03-11 19:48 . 2008-04-14 00:12 15872 c:\windows\system32\dllcache\w3ssl.dll
+ 2004-03-11 18:16 . 2008-04-13 18:41 52352 c:\windows\system32\dllcache\volsnap.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2001-08-17 14:02 . 2001-08-23 05:30 58112 c:\windows\system32\dllcache\vdmindvd.sys
+ 2009-11-30 07:12 . 2008-04-14 00:12 11325 c:\windows\system32\dllcache\vchnt5.dll
+ 2004-03-12 00:54 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys
+ 2001-08-17 14:03 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys
+ 2001-08-17 14:03 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys
+ 2009-11-30 07:12 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys
+ 2001-08-23 05:30 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 18432 c:\windows\system32\dllcache\ups.exe
+ 2004-03-11 18:17 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys
+ 2004-03-12 00:54 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys
+ 2001-08-17 14:06 . 2001-08-23 05:30 21376 c:\windows\system32\dllcache\tsbvcap.sys
+ 2001-08-17 14:01 . 2001-08-23 05:30 51712 c:\windows\system32\dllcache\tosdvd.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 73216 c:\windows\system32\dllcache\tlntsvr.exe
+ 2009-07-30 05:58 . 2008-04-14 00:13 21896 c:\windows\system32\dllcache\tdtcp.sys
+ 2009-07-30 05:58 . 2008-04-14 00:13 12040 c:\windows\system32\dllcache\tdpipe.sys
+ 2004-03-11 18:16 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys
+ 2009-07-30 11:26 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2010-08-27 05:57 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2009-07-30 05:59 . 2008-04-13 18:36 73472 c:\windows\system32\dllcache\sr.sys
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2004-03-12 00:54 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 89600 c:\windows\system32\dllcache\smlogsvc.exe
+ 2009-11-30 07:12 . 2008-04-13 18:23 13240 c:\windows\system32\dllcache\slwdmsup.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 95424 c:\windows\system32\dllcache\slnthal.sys
+ 2009-07-30 11:26 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
+ 2004-03-11 19:48 . 2008-04-14 00:12 25088 c:\windows\system32\dllcache\slayerxp.dll
+ 2009-11-30 07:12 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 45056 c:\windows\system32\dllcache\shmgrate.exe
+ 2004-03-11 18:16 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys
+ 2004-03-11 18:16 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys
+ 2009-07-30 05:59 . 2008-04-14 00:12 73216 c:\windows\system32\dllcache\setup50.exe
+ 2004-03-11 18:15 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys
+ 2004-03-11 18:24 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 95744 c:\windows\system32\dllcache\scardsvr.exe
+ 2001-08-23 05:30 . 2008-04-14 00:12 92672 c:\windows\system32\dllcache\rsvpsp.dll
+ 2009-11-30 07:12 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys
+ 2001-08-23 05:30 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys
+ 2001-08-17 13:24 . 2001-08-23 05:30 12032 c:\windows\system32\dllcache\riodrv.sys
+ 2001-08-17 13:24 . 2001-08-23 05:30 12032 c:\windows\system32\dllcache\rio8drv.sys
+ 2009-11-30 07:12 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 11776 c:\windows\system32\dllcache\regsvr32.exe
+ 2004-03-11 19:48 . 2008-04-14 00:12 59904 c:\windows\system32\dllcache\regsvc.dll
+ 2009-11-30 07:12 . 2008-04-13 18:23 13776 c:\windows\system32\dllcache\recagent.sys
+ 2009-07-30 05:57 . 2008-04-14 00:12 62976 c:\windows\system32\dllcache\rdpclip.exe
+ 2004-03-11 19:48 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\rasauto.dll
- 2008-04-14 00:09 . 2008-04-14 00:09 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2004-03-11 19:48 . 2008-04-14 00:09 24064 c:\windows\system32\dllcache\pidgen.dll
+ 2004-03-11 18:16 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2009-07-30 06:21 . 2008-04-13 18:36 68224 c:\windows\system32\dllcache\pci.sys
+ 2001-08-23 05:30 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys
+ 2004-03-12 00:45 . 2008-04-13 18:31 42752 c:\windows\system32\dllcache\p3.sys
+ 2001-08-23 05:30 . 2001-08-23 05:30 24064 c:\windows\system32\dllcache\olesvr.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 24064 c:\windows\system32\dllcache\olesvr.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 82944 c:\windows\system32\dllcache\olecli.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 82944 c:\windows\system32\dllcache\olecli.dll
+ 2004-03-11 18:24 . 2008-04-13 18:56 88320 c:\windows\system32\dllcache\nwlnkipx.sys
+ 2004-03-11 18:18 . 2008-04-13 18:53 40320 c:\windows\system32\dllcache\nmnt.sys
+ 2001-08-17 13:24 . 2001-08-23 05:30 12032 c:\windows\system32\dllcache\nikedrv.sys
+ 2004-03-12 00:44 . 2008-04-13 18:51 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2010-12-15 08:34 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2009-07-30 11:26 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2009-07-30 11:26 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2009-11-30 07:12 . 2008-04-13 18:43 12672 c:\windows\system32\dllcache\mutohpen.sys
+ 2008-05-19 01:03 . 2008-05-19 01:03 18944 c:\windows\system32\dllcache\msisip.dll
+ 2008-05-18 20:27 . 2008-05-18 20:27 95744 c:\windows\system32\dllcache\msiexec.exe
+ 2004-03-11 19:49 . 2008-04-14 00:12 29184 c:\windows\system32\dllcache\mshta.exe
+ 2004-03-11 19:48 . 2008-04-14 00:12 33792 c:\windows\system32\dllcache\msgsvc.dll
+ 2004-03-11 18:14 . 2008-04-13 18:39 92544 c:\windows\system32\dllcache\mqac.sys
+ 2001-08-23 05:30 . 2008-04-14 00:11 53248 c:\windows\system32\dllcache\mprdim.dll
+ 2004-03-11 18:14 . 2008-04-13 18:39 42368 c:\windows\system32\dllcache\mountmgr.sys
+ 2009-07-30 05:59 . 2008-04-14 00:12 32768 c:\windows\system32\dllcache\mnmsrvc.exe
+ 2004-03-11 17:52 . 2004-03-11 17:52 68768 c:\windows\system32\dllcache\mmsystem.dll
- 2009-07-30 11:25 . 2004-03-11 17:52 68768 c:\windows\system32\dllcache\mmsystem.dll
+ 2004-03-12 00:54 . 2008-04-13 18:36 63744 c:\windows\system32\dllcache\mf.sys
+ 2001-08-23 05:30 . 2001-08-23 05:30 28160 c:\windows\system32\dllcache\mciwave.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 28160 c:\windows\system32\dllcache\mciwave.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 25264 c:\windows\system32\dllcache\mciseq.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 25264 c:\windows\system32\dllcache\mciseq.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 73376 c:\windows\system32\dllcache\mciavi.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 73376 c:\windows\system32\dllcache\mciavi.drv
+ 2004-03-11 19:49 . 2008-04-14 00:12 75264 c:\windows\system32\dllcache\locator.exe
- 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-03-11 18:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2009-11-30 07:15 . 2008-04-14 00:11 61440 c:\windows\system32\dllcache\kmsvc.dll
- 2009-07-30 05:59 . 2008-04-14 00:11 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-07-30 05:59 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-07-30 06:21 . 2008-04-13 18:36 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2009-07-30 11:25 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys
+ 2009-11-30 07:15 . 2008-04-13 18:45 46592 c:\windows\system32\dllcache\irbus.sys
+ 2001-08-23 05:30 . 2008-04-13 18:57 20864 c:\windows\system32\dllcache\ipinip.sys
+ 2004-03-11 18:18 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\ip6fw.sys
- 2009-09-25 05:37 . 2010-04-16 16:09 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-09-25 05:37 . 2011-02-17 13:51 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2004-03-11 19:49 . 2008-04-14 00:12 34304 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-07-30 09:18 . 2008-04-13 18:45 10368 c:\windows\system32\dllcache\hidusb.sys
+ 2009-11-30 07:12 . 2008-04-13 18:45 19200 c:\windows\system32\dllcache\hidir.sys
+ 2004-03-11 18:23 . 2008-04-13 18:45 36864 c:\windows\system32\dllcache\hidclass.sys
+ 2009-11-30 07:12 . 2008-04-13 18:46 25600 c:\windows\system32\dllcache\hidbth.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 46464 c:\windows\system32\dllcache\gagp30kx.sys
+ 2001-08-17 13:57 . 2001-08-23 05:30 12160 c:\windows\system32\dllcache\fsvga.sys
+ 2004-03-11 19:48 . 2008-04-14 00:11 21504 c:\windows\system32\dllcache\feclient.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2009-11-30 07:15 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\eapsvc.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 51200 c:\windows\system32\dllcache\dssec.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 48128 c:\windows\system32\dllcache\docprop2.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2004-03-11 18:16 . 2008-04-13 18:40 14208 c:\windows\system32\dllcache\diskdump.sys
+ 2004-03-11 18:16 . 2008-04-13 18:40 36352 c:\windows\system32\dllcache\disk.sys
+ 2004-03-11 19:48 . 2008-04-14 00:11 28672 c:\windows\system32\dllcache\dfsshlex.dll
+ 2009-12-14 07:08 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-03-12 00:45 . 2008-04-13 18:31 36736 c:\windows\system32\dllcache\crusoe.sys
+ 2001-08-17 13:24 . 2001-08-23 05:30 11776 c:\windows\system32\dllcache\cpqdap01.sys
+ 2009-07-30 11:26 . 2008-04-13 18:36 10240 c:\windows\system32\dllcache\compbatt.sys
- 2009-07-30 11:25 . 2001-08-23 05:30 32816 c:\windows\system32\dllcache\commdlg.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 32816 c:\windows\system32\dllcache\commdlg.dll
+ 2004-03-11 19:48 . 2008-04-14 00:12 33280 c:\windows\system32\dllcache\clipsrv.exe
+ 2004-03-11 18:42 . 2008-04-13 19:16 49536 c:\windows\system32\dllcache\classpnp.sys
+ 2009-11-30 07:12 . 2008-04-14 00:11 15423 c:\windows\system32\dllcache\ch7xxnt5.dll
+ 2009-07-30 11:26 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2001-08-23 05:30 . 2001-08-23 05:30 13952 c:\windows\system32\dllcache\cbidf2k.sys
- 2010-01-13 14:01 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2004-03-11 19:48 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2009-11-30 07:12 . 2008-04-13 18:46 18944 c:\windows\system32\dllcache\bthusb.sys
+ 2009-11-30 07:12 . 2008-04-13 18:46 36480 c:\windows\system32\dllcache\bthprint.sys
+ 2009-11-30 07:12 . 2008-04-13 18:46 37888 c:\windows\system32\dllcache\bthmodem.sys
+ 2009-11-30 07:12 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\bthenum.sys
+ 2004-03-11 18:18 . 2008-04-13 18:53 71552 c:\windows\system32\dllcache\bridge.sys
+ 2009-07-30 11:26 . 2008-04-13 18:36 14208 c:\windows\system32\dllcache\battc.sys
+ 2001-08-23 05:30 . 2001-08-23 05:30 69584 c:\windows\system32\dllcache\avicap.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 69584 c:\windows\system32\dllcache\avicap.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 17279 c:\windows\system32\dllcache\atv10nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 14143 c:\windows\system32\dllcache\atv06nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 11359 c:\windows\system32\dllcache\atv02nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 21183 c:\windows\system32\dllcache\atv01nt5.dll
+ 2004-03-11 18:14 . 2008-04-13 18:51 55808 c:\windows\system32\dllcache\atmlane.sys
+ 2004-03-11 18:14 . 2008-04-13 18:51 59904 c:\windows\system32\dllcache\atmarpc.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 63488 c:\windows\system32\dllcache\atinxsxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 31744 c:\windows\system32\dllcache\atinxbxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 73216 c:\windows\system32\dllcache\atintuxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 13824 c:\windows\system32\dllcache\atinttxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 28672 c:\windows\system32\dllcache\atinsnxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 52224 c:\windows\system32\dllcache\atinraxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 14336 c:\windows\system32\dllcache\atinpdxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 13824 c:\windows\system32\dllcache\atinmdxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 57856 c:\windows\system32\dllcache\atinbtxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 34735 c:\windows\system32\dllcache\ati1xsxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 29455 c:\windows\system32\dllcache\ati1xbxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 36463 c:\windows\system32\dllcache\ati1tuxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 21343 c:\windows\system32\dllcache\ati1ttxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 26367 c:\windows\system32\dllcache\ati1snxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 63663 c:\windows\system32\dllcache\ati1rvxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 30671 c:\windows\system32\dllcache\ati1raxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 12047 c:\windows\system32\dllcache\ati1pdxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 11615 c:\windows\system32\dllcache\ati1mdxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 56623 c:\windows\system32\dllcache\ati1btxx.sys
+ 2004-03-11 18:16 . 2008-04-13 18:40 96512 c:\windows\system32\dllcache\atapi.sys
+ 2004-03-12 00:44 . 2008-04-13 18:51 60800 c:\windows\system32\dllcache\arp1394.sys
+ 2004-03-12 00:45 . 2008-04-13 18:31 37760 c:\windows\system32\dllcache\amdk7.sys
+ 2004-03-12 00:45 . 2008-04-13 18:31 37376 c:\windows\system32\dllcache\amdk6.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2004-03-11 19:48 . 2008-04-14 00:11 17408 c:\windows\system32\dllcache\alrsvc.dll
+ 2009-11-30 07:12 . 2008-04-13 18:36 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2009-11-30 07:12 . 2008-04-13 18:36 42368 c:\windows\system32\dllcache\agp440.sys
+ 2004-03-11 19:48 . 2008-04-14 00:11 24064 c:\windows\system32\dllcache\agentpsh.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 11648 c:\windows\system32\dllcache\acpiec.sys
+ 2004-03-11 19:48 . 2010-12-09 14:30 33280 c:\windows\system32\csrsrv.dll
- 2004-03-11 19:48 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2010-09-22 04:13 . 2010-09-22 04:13 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2010-03-23 00:01 . 2010-03-23 00:01 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2010-03-18 07:46 . 2010-03-18 07:46 13648 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2010-07-09 17:27 . 2010-07-09 17:27 35152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\msddslmp\v4.0_10.0.0.0__b03f5f7f11d50a3a\msddslmp.dll
+ 2011-01-23 13:34 . 2011-01-23 13:34 49664 c:\windows\Installer\927d86.msi
+ 2010-11-19 09:46 . 2010-11-19 09:46 21504 c:\windows\Installer\1d339d.msi
+ 2011-03-21 09:27 . 2011-03-21 09:27 28160 c:\windows\Installer\1551ba.msi
+ 2009-07-30 06:15 . 2011-04-16 09:22 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-29 15:35 . 2011-02-17 08:56 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-03-25 12:49 . 2011-03-25 12:49 57344 c:\windows\Installer\{73FAD870-C7A8-4344-BA8F-DF8675276E91}\texticon.exe
+ 2011-03-25 12:49 . 2011-03-25 12:49 32768 c:\windows\Installer\{73FAD870-C7A8-4344-BA8F-DF8675276E91}\maintenance_icon.exe
+ 2011-03-25 12:49 . 2011-03-25 12:49 61440 c:\windows\Installer\{73FAD870-C7A8-4344-BA8F-DF8675276E91}\helpicon.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\ViewerPS.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\reader_sl.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlr.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\eula.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrotextextractor.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32Info.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 62376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acroiehelpershim.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroIEHelper.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\Acrofx32.dll
+ 2009-04-02 08:53 . 2009-04-02 08:53 10104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\XLCALL32.DLL
+ 2009-04-03 12:31 . 2009-04-03 12:31 71504 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 12:27 . 2009-04-03 12:27 21320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2006-07-24 05:20 . 2006-07-24 05:20 47920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VBAME.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 54088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCANOST.EXE
+ 2009-03-04 11:54 . 2009-03-04 11:54 75608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RM.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 38240 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RECALL.DLL
+ 2009-01-06 16:01 . 2009-01-06 16:01 48512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PUBTRAP.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 52072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLVBA.DLL
+ 2008-10-25 02:48 . 2008-10-25 02:48 72568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONFILTER.DLL
+ 2008-10-25 02:48 . 2008-10-25 02:48 98696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONENOTEM.EXE
+ 2006-07-24 05:20 . 2006-07-24 05:20 92976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSADDNDR.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 34192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\DUMPSTER.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 87392 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\DLGSETP.DLL
+ 2006-10-26 15:47 . 2006-10-26 15:47 11072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 15:43 . 2006-10-26 15:43 72472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XL12CNVP.DLL
+ 2006-10-27 09:41 . 2006-10-27 09:41 21504 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-26 17:28 . 2006-10-26 17:28 33280 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VPREVIEW.EXE
+ 2006-10-26 08:34 . 2006-10-26 08:34 76624 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 19784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 51008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 27456 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 58168 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 08:35 . 2006-10-26 08:35 86840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 29976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 15872 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SMARTTAGINSTALL.EXE
+ 2006-10-26 14:19 . 2006-10-26 14:19 34304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE
+ 2006-10-26 15:25 . 2006-10-26 15:25 55296 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SCANOST.EXE
+ 2006-10-26 15:25 . 2006-10-26 15:25 76576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RM.DLL
+ 2006-10-26 08:34 . 2006-10-26 08:34 19784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 40424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFIEBAR.DLL
+ 2006-10-26 15:43 . 2006-10-26 15:43 38168 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 39208 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RECALL.DLL
+ 2006-10-26 14:39 . 2006-10-26 14:39 48448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PUBTRAP.DLL
+ 2006-10-26 08:35 . 2006-10-26 08:35 77144 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 53048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLVBA.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 46864 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 31000 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLACCT.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 46936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUPPS.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 18760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OPHPROXY.DLL
+ 2006-10-26 14:54 . 2006-10-26 14:54 72504 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 14:54 . 2006-10-26 14:54 98816 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 14:29 . 2006-10-26 14:29 16728 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OMUOPTINPS.DLL
+ 2006-10-26 14:30 . 2006-10-26 14:30 23392 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISCTRL.DLL
+ 2006-10-27 09:41 . 2006-10-27 09:41 54680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFRHD.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 16192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NPOFF12.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 65824 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 43832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSH.DLL
+ 2006-10-27 09:56 . 2006-10-27 09:56 35152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL
+ 2006-10-26 14:26 . 2006-10-26 14:26 67408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPUI.DLL
+ 2006-10-26 14:26 . 2006-10-26 14:26 33104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPPPR.DLL
+ 2006-10-26 14:26 . 2006-10-26 14:26 32592 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPMON.DLL
+ 2006-10-26 14:22 . 2006-10-26 14:22 66368 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOMSE.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 68096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE
+ 2006-10-27 09:31 . 2006-10-27 09:31 76088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHEV.DLL
+ 2006-10-26 15:43 . 2006-10-26 15:43 26936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 14:18 . 2006-10-26 14:18 14664 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 19768 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSMH.DLL
+ 2006-10-26 14:22 . 2006-10-26 14:22 48640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE
+ 2006-10-26 15:48 . 2006-10-26 15:48 66880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 21312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MLSHEXT.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 89400 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\METCONV.DLL
+ 2006-10-26 16:11 . 2006-10-26 16:11 66368 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\INLAUNCH.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 35112 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-26 19:17 . 2006-10-26 19:17 16896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-26 19:17 . 2006-10-26 19:17 22808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-26 19:17 . 2006-10-26 19:17 31016 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-26 19:17 . 2006-10-26 19:17 33792 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 10:07 . 2006-10-27 10:07 34088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL
+ 2006-10-26 19:17 . 2006-10-26 19:17 66048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE
+ 2006-10-26 08:34 . 2006-10-26 08:34 75576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 35160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DUMPSTER.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 87344 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2006-10-26 16:00 . 2006-10-26 16:00 65312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 53576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\AUTHZAX.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 56120 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 15160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 15160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 15160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 15160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 47976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-26 15:48 . 2006-10-26 15:48 94016 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCOLK.DLL
+ 2011-04-15 14:56 . 2011-04-15 14:56 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\368187bcb570d202a019fc7c53b1df4c\UIAutomationProvider.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3f621b90371e67197bd4d0b86aa6f21d\System.Windows.Presentation.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\577b049541803541e6b00e2c36c00852\System.Web.DynamicData.Design.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\636ed65b7e5481320e3010b78a5e6cfa\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f83b1e8dd8c90490c8d924826c8b107d\System.AddIn.Contract.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\2740ba673b1040f1995f13c6044da64c\PresentationFontCache.ni.exe
+ 2011-04-15 14:52 . 2011-04-15 14:52 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\8514e7de63d46b6f8232ef70d93a1650\PresentationCFFRasterizer.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\108426b4dc654100c9a99bfa71f69886\Microsoft.Vsa.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8905268997c77a27c7f9c54aeba37f24\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\11bb8ef375848eb1c074da1afd5cecdc\Microsoft.Build.Framework.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\6d74b9308a1517bfe959e597c3dd2427\dfsvc.ni.exe
+ 2011-04-16 09:21 . 2011-04-16 09:21 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\fdf7f1404f4a5c7f5a0463d8e7a442e4\Accessibility.ni.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 10096 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 10096 c:\windows\assembly\GAC_MSIL\policy.3.5.System.Data.SqlServerCe.Entity\3.5.0.0__89845dcd8080cc91\policy.3.5.System.Data.SqlServerCe.Entity.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 92016 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.SqlServerCe.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-18 17:32 . 2006-09-28 13:31 58368 c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2010-10-19 14:10 . 2006-09-28 13:31 58368 c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2010-10-19 14:12 . 2008-04-14 00:12 73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
- 2010-06-18 17:34 . 2008-04-14 00:12 73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
- 2010-06-18 17:34 . 2008-04-14 00:12 98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2010-10-19 14:12 . 2008-04-14 00:12 98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 23552 c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 23552 c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 27136 c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 27136 c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2010-10-19 14:11 . 2006-11-02 06:16 13312 c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
- 2010-06-18 17:33 . 2006-11-02 06:16 13312 c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 52224 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 52224 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2010-10-02 16:20 . 2008-04-14 00:11 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-07-09 17:22 . 2008-04-14 00:12 15360 c:\windows\$NtUninstallKB942288-v3$\msisip.dll
+ 2010-07-09 17:22 . 2008-04-14 00:12 78848 c:\windows\$NtUninstallKB942288-v3$\msiexec.exe
+ 2011-02-09 07:31 . 2010-11-05 05:05 81920 c:\windows\$NtUninstallKB2482017$\ieencode.dll
+ 2011-02-09 07:31 . 2009-12-14 07:08 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2010-12-15 09:38 . 2010-06-21 14:46 46080 c:\windows\$NtUninstallKB2443685$\tzchange.exe
+ 2010-12-15 09:38 . 2010-11-05 05:57 16896 c:\windows\$NtUninstallKB2443685$\spuninst\tzchange.dll
+ 2010-12-15 09:38 . 2008-04-14 00:11 81920 c:\windows\$NtUninstallKB2443105$\isign32.dll
+ 2010-12-15 09:38 . 2008-04-13 18:57 40576 c:\windows\$NtUninstallKB2440591$\ndproxy.sys
+ 2010-12-15 09:35 . 2008-04-14 00:12 46080 c:\windows\$NtUninstallKB2423089$\wab.exe
+ 2010-12-15 09:37 . 2010-09-09 14:16 81920 c:\windows\$NtUninstallKB2416400$\ieencode.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 81920 c:\windows\$NtUninstallKB2360131$\ieencode.dll
+ 2010-10-04 08:41 . 2008-04-14 00:12 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-17 13:00 . 2008-04-14 00:12 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-10-04 08:43 . 2010-04-16 16:09 81920 c:\windows\$NtUninstallKB2183461$\ieencode.dll
+ 2010-10-02 16:20 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-10-02 16:20 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchange.dll
+ 2010-10-04 08:41 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982802\update\spcustom.dll
+ 2010-10-04 08:41 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982802\spmsg.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:02 . 2010-06-17 14:02 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-10-17 12:59 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-17 12:59 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-10-02 16:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-10-02 16:20 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-10-17 12:56 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981957\update\spcustom.dll
+ 2010-10-17 12:56 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981957\spmsg.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-10-02 12:55 . 2010-06-18 06:28 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979687\update\spcustom.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB979687\spmsg.dll
+ 2011-03-03 08:18 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-03 08:18 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017\update\spcustom.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017\spmsg.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 81920 c:\windows\$hf_mig$\KB2482017\SP3QFE\ieencode.dll
+ 2011-03-10 07:31 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-10 07:31 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-10 07:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-10 07:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
+ 2010-12-15 09:38 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
+ 2010-12-15 09:38 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2010-12-15 08:34 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2010-12-15 09:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll
+ 2010-12-15 09:35 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
+ 2010-12-15 09:35 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
+ 2010-12-15 08:30 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
+ 2011-01-13 07:38 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-01-13 07:38 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2416400\update\spcustom.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2416400\spmsg.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 81920 c:\windows\$hf_mig$\KB2416400\SP3QFE\ieencode.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-02-09 06:47 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-15 07:30 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2360937\update\spcustom.dll
+ 2010-10-15 07:30 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2360937\spmsg.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2360131\update\spcustom.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2360131\spmsg.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 81920 c:\windows\$hf_mig$\KB2360131\SP3QFE\ieencode.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-08-17 13:19 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2010-10-17 13:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2345886\update\spcustom.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2345886\spmsg.dll
+ 2010-08-27 06:05 . 2010-08-27 06:05 99840 c:\windows\$hf_mig$\KB2345886\SP3QFE\srvsvc.dll
+ 2010-12-15 09:39 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
+ 2010-12-15 09:39 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2279986\update\spcustom.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2279986\spmsg.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2259922\update\spcustom.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2259922\spmsg.dll
+ 2010-07-14 13:22 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-14 13:22 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2183461\update\spcustom.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2183461\spmsg.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 81920 c:\windows\$hf_mig$\KB2183461\SP3QFE\ieencode.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2141007\update\spcustom.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2141007\spmsg.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2121546\update\spcustom.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2121546\spmsg.dll
+ 2010-10-04 08:42 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-10-04 08:42 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2079403\spmsg.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-03-11 16:54 . 2008-04-16 20:13 2560 c:\windows\system32\msimsg.dll
+ 2009-11-15 07:14 . 2009-11-15 07:14 9056 c:\windows\system32\eTFS.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 2176 c:\windows\system32\dllcache\vga.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 2176 c:\windows\system32\dllcache\vga.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 4048 c:\windows\system32\dllcache\timer.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 4048 c:\windows\system32\dllcache\timer.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 3360 c:\windows\system32\dllcache\system.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 3360 c:\windows\system32\dllcache\system.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 1744 c:\windows\system32\dllcache\sound.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 1744 c:\windows\system32\dllcache\sound.drv
+ 2009-11-30 07:12 . 2008-04-13 18:36 5888 c:\windows\system32\dllcache\smbali.sys
+ 2009-11-30 07:12 . 2008-04-14 00:12 3901 c:\windows\system32\dllcache\siint5.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 5120 c:\windows\system32\dllcache\shell.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 5120 c:\windows\system32\dllcache\shell.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 3456 c:\windows\system32\dllcache\oprghdlr.sys
+ 2009-07-30 11:26 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2009-07-30 11:26 . 2008-04-13 18:39 7552 c:\windows\system32\dllcache\mskssrv.sys
+ 2004-03-11 16:54 . 2008-04-16 20:13 2560 c:\windows\system32\dllcache\msimsg.dll
+ 2009-07-30 05:57 . 2008-04-14 00:12 6144 c:\windows\system32\dllcache\msdtc.exe
+ 2001-08-23 05:30 . 2001-08-23 05:30 2032 c:\windows\system32\dllcache\mouse.drv
- 2009-07-30 11:25 . 2001-08-23 05:30 2032 c:\windows\system32\dllcache\mouse.drv
+ 2009-07-30 07:04 . 2008-04-14 00:11 4096 c:\windows\system32\dllcache\ksuser.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 2000 c:\windows\system32\dllcache\keyboard.drv
+ 2001-08-23 05:30 . 2001-08-23 05:30 2000 c:\windows\system32\dllcache\keyboard.drv
+ 2004-03-11 19:48 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\dllhost.exe
+ 2004-03-11 19:48 . 2008-04-14 00:12 5632 c:\windows\system32\dllcache\cisvc.exe
+ 2009-11-30 07:12 . 2008-04-14 00:11 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2009-11-30 07:12 . 2008-04-14 00:11 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2010-10-02 12:25 . 2010-11-01 11:34 8192 c:\windows\Installer\{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}\IconTmpl2.23A84520_76E7_41E2_A9CC_A14FB7416C8B.exe
+ 2010-10-02 12:25 . 2010-11-01 11:34 7680 c:\windows\Installer\{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}\IconTmpl1.23A84520_76E7_41E2_A9CC_A14FB7416C8B.exe
+ 2010-10-02 12:25 . 2010-11-01 11:34 7680 c:\windows\Installer\{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}\IconTmpl.4E925A60_ECBB_48B2_A8A2_CB68847266E1.exe
+ 2010-10-02 12:25 . 2010-11-01 11:34 8192 c:\windows\Installer\{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}\IconTmpl.23A84520_76E7_41E2_A9CC_A14FB7416C8B.exe
+ 2010-10-04 13:40 . 2010-10-04 13:40 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-06-23 17:39 . 2010-06-23 17:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-06-18 17:34 . 2008-04-13 17:23 8192 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2010-10-19 14:12 . 2008-04-13 17:23 8192 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2010-10-19 14:11 . 2008-04-14 00:11 6656 c:\windows\$NtUninstallWMFDist11$\laprxy.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 6656 c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2010-10-04 08:41 . 2008-05-03 11:55 2560 c:\windows\$NtUninstallKB982802$\xpsp4res.dll
+ 2010-10-15 07:30 . 2010-07-22 05:57 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-17 13:00 . 2010-08-13 12:53 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2010-07-22 05:57 . 2010-07-22 05:57 5120 c:\windows\$hf_mig$\KB982802\SP3QFE\xpsp4res.dll
+ 2010-07-12 12:53 . 2010-07-12 12:53 5120 c:\windows\$hf_mig$\KB979687\SP3QFE\xpsp4res.dll
+ 2010-10-14 14:36 . 2010-08-13 12:53 5120 c:\windows\$hf_mig$\KB2360937\SP3QFE\xpsp4res.dll
+ 2010-08-26 12:52 . 2010-08-26 12:52 5120 c:\windows\$hf_mig$\KB2345886\SP3QFE\xpsp4res.dll
+ 2010-07-09 17:18 . 2010-07-09 17:18 109568 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2010-07-09 17:18 . 2010-07-09 17:18 246128 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcp90.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcm90.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_65b7a93a\atl90.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2006-12-01 17:24 . 2006-12-01 17:24 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 17:24 . 2006-12-01 17:24 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 17:24 . 2006-12-01 17:24 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2011-01-10 22:57 . 2011-01-10 22:57 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
+ 2011-01-10 22:54 . 2011-01-10 22:54 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcp80.dll
+ 2011-01-10 22:38 . 2011-01-10 22:38 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcm80.dll
+ 2009-07-11 19:42 . 2009-07-11 19:42 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 19:39 . 2009-07-11 19:39 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 19:38 . 2009-07-11 19:38 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2007-01-31 08:20 . 2007-01-31 08:20 913408 c:\windows\system32\xreglib.dll
+ 2004-03-11 19:48 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 293376 c:\windows\system32\winsrv.dll
+ 2001-09-07 06:11 . 2001-09-07 06:11 290816 c:\windows\system32\WINHTTP5.DLL
+ 2004-03-11 19:48 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 406016 c:\windows\system32\usp10.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 629760 c:\windows\system32\urlmon.dll
- 2001-08-23 05:30 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
+ 2001-08-23 05:30 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
- 2009-07-30 07:04 . 2009-06-03 15:13 217170 c:\windows\system32\stacsv.exe
+ 2010-07-18 09:09 . 2009-06-03 15:13 217170 c:\windows\system32\stacsv.exe
+ 2009-06-03 15:13 . 2009-06-03 15:13 175104 c:\windows\system32\staco.dll
- 2009-07-30 07:03 . 2009-06-03 15:13 175104 c:\windows\system32\staco.dll
- 2009-07-30 07:03 . 2009-06-03 15:13 520290 c:\windows\system32\stacapi.dll
+ 2009-06-03 15:13 . 2009-06-03 15:13 520290 c:\windows\system32\stacapi.dll
+ 2009-07-30 06:14 . 2008-11-10 06:11 864144 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll
+ 2011-03-17 10:25 . 2008-04-14 00:12 543232 c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2011-03-17 10:25 . 2008-04-14 00:12 728576 c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
+ 2009-07-30 06:14 . 2008-11-10 06:11 864144 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2004-03-11 19:48 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2004-03-11 19:48 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2004-03-11 19:48 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2001-08-23 05:30 . 2011-04-20 11:09 437210 c:\windows\system32\perfh009.dat
+ 2009-08-03 09:37 . 2009-08-03 09:37 230768 c:\windows\system32\OGAEXEC.exe
+ 2009-08-03 09:37 . 2009-08-03 09:37 403816 c:\windows\system32\OGACheckControl.dll
+ 2009-08-03 09:37 . 2009-08-03 09:37 322928 c:\windows\system32\OGAAddin.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
+ 2004-03-11 19:48 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
+ 2004-03-11 19:48 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2010-10-02 12:09 . 2009-08-06 13:53 215920 c:\windows\system32\muweb.dll
+ 2010-10-02 12:09 . 2009-08-06 13:53 274288 c:\windows\system32\mucltui.dll
+ 2004-03-11 19:48 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2004-03-11 19:48 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 532480 c:\windows\system32\mstime.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 532480 c:\windows\system32\mstime.dll
+ 2004-03-11 19:48 . 2008-05-19 01:03 332800 c:\windows\system32\msihnd.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 449024 c:\windows\system32\mshtmled.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 449024 c:\windows\system32\mshtmled.dll
+ 2009-09-23 19:00 . 2009-09-23 19:00 156488 c:\windows\system32\mscorier.dll
+ 2010-10-02 12:35 . 2010-10-19 20:51 222080 c:\windows\system32\MpSigStub.exe
+ 2006-10-18 16:17 . 2010-03-30 06:54 317440 c:\windows\system32\mp4sdecd.dll
- 2006-10-18 16:17 . 2006-10-18 16:17 317440 c:\windows\system32\MP4SDECD.dll
+ 2001-08-23 05:30 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2001-08-23 05:30 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2011-03-25 10:11 . 2011-03-25 10:11 235168 c:\windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
+ 2011-03-25 10:11 . 2011-03-25 10:11 311456 c:\windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.dll
+ 2010-12-30 12:09 . 2010-12-30 12:09 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
- 2004-03-11 19:48 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2004-03-11 19:48 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
+ 2004-03-11 19:48 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
- 2004-03-11 19:48 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
- 2004-03-11 19:48 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2004-03-11 19:48 . 2011-03-04 06:45 512000 c:\windows\system32\jscript.dll
+ 2011-03-11 16:07 . 2011-02-02 16:10 157472 c:\windows\system32\javaws.exe
+ 2011-03-11 16:07 . 2011-02-02 16:10 145184 c:\windows\system32\javaw.exe
- 2010-04-01 08:19 . 2010-04-12 11:59 145184 c:\windows\system32\javaw.exe
- 2010-04-01 08:19 . 2010-04-12 11:59 145184 c:\windows\system32\java.exe
+ 2011-03-11 16:07 . 2011-02-02 16:10 145184 c:\windows\system32\java.exe
- 2004-03-11 19:48 . 2010-04-16 16:09 251904 c:\windows\system32\iepeers.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 251904 c:\windows\system32\iepeers.dll
+ 2009-07-30 11:24 . 2011-04-16 09:24 270192 c:\windows\system32\FNTCACHE.DAT
- 2009-07-30 11:24 . 2010-06-12 07:35 270192 c:\windows\system32\FNTCACHE.DAT
+ 2010-03-18 07:46 . 2010-03-18 07:46 486216 c:\windows\system32\evr.dll
+ 2009-11-15 07:15 . 2009-11-15 07:15 140640 c:\windows\system32\etVerifier.dll
+ 2009-11-15 07:14 . 2009-11-15 07:14 701792 c:\windows\system32\eToken.dll
+ 2009-11-15 07:14 . 2009-11-15 07:14 783712 c:\windows\system32\eTCoreInst.dll
+ 2010-08-20 09:11 . 2010-08-20 09:11 111696 c:\windows\system32\drivers\bdfndisf.sys
+ 2010-04-22 06:49 . 2010-04-22 06:49 149520 c:\windows\system32\drivers\bdfm.sys
+ 2010-11-29 07:42 . 2010-11-29 07:42 535824 c:\windows\system32\drivers\avc3.sys
+ 2004-03-11 18:41 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
- 2004-03-11 18:41 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2009-03-19 10:25 . 2009-03-19 10:25 113664 c:\windows\system32\drivers\AESTAud.sys
- 2009-07-30 07:03 . 2009-03-19 10:25 113664 c:\windows\system32\drivers\AESTAud.sys
+ 2004-03-11 19:48 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2004-03-11 19:48 . 2008-04-14 00:12 129024 c:\windows\system32\dllcache\xmlprov.dll
+ 2009-11-20 16:49 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2009-07-30 05:57 . 2008-04-14 00:12 126464 c:\windows\system32\dllcache\wmiapsrv.exe
+ 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2009-09-25 05:37 . 2011-02-17 13:51 667136 c:\windows\system32\dllcache\wininet.dll
- 2009-09-25 05:37 . 2010-04-16 16:09 667136 c:\windows\system32\dllcache\wininet.dll
+ 2004-03-11 19:49 . 2008-04-14 00:12 433664 c:\windows\system32\dllcache\wiaacmgr.exe
+ 2004-03-11 19:49 . 2008-04-14 00:12 289792 c:\windows\system32\dllcache\vssvc.exe
+ 2008-05-09 10:53 . 2011-03-04 06:45 434176 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2009-09-25 05:37 . 2011-02-17 13:51 629760 c:\windows\system32\dllcache\urlmon.dll
+ 2004-03-11 19:48 . 2008-04-14 00:12 185856 c:\windows\system32\dllcache\upnphost.dll
- 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2004-03-11 18:30 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
- 2009-07-29 04:37 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-29 04:37 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-11-20 20:06 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 404990 c:\windows\system32\dllcache\slntamr.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 129535 c:\windows\system32\dllcache\slnt7554.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2009-07-30 05:57 . 2008-04-14 00:12 141312 c:\windows\system32\dllcache\sessmgr.exe
+ 2009-06-25 08:25 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2004-03-11 19:48 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-11-30 07:12 . 2008-04-13 16:34 166912 c:\windows\system32\dllcache\s3gnbm.sys
+ 2009-04-15 14:51 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
- 2009-11-20 19:33 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys
+ 2001-08-23 05:30 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys
+ 2004-03-11 19:49 . 2008-04-14 00:12 146432 c:\windows\system32\dllcache\regedit.exe
+ 2009-07-30 05:57 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2009-11-30 07:15 . 2008-04-14 00:12 291328 c:\windows\system32\dllcache\qagentrt.dll
+ 2004-03-11 19:49 . 2008-04-14 00:12 109568 c:\windows\system32\dllcache\progman.exe
+ 2004-03-11 18:24 . 2008-04-13 18:36 120192 c:\windows\system32\dllcache\pcmcia.sys
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2004-03-11 18:23 . 2008-04-13 18:34 163584 c:\windows\system32\dllcache\nwrdr.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 180360 c:\windows\system32\dllcache\ntmtlfax.sys
+ 2004-03-11 19:48 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\ntmssvc.dll
+ 2004-03-11 18:42 . 2008-04-13 19:15 574976 c:\windows\system32\dllcache\ntfs.sys
+ 2009-11-20 20:36 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2004-03-11 19:48 . 2008-04-14 00:12 875008 c:\windows\system32\dllcache\netplwiz.dll
+ 2004-03-11 19:49 . 2008-04-14 00:12 111104 c:\windows\system32\dllcache\netdde.exe
+ 2004-03-11 18:41 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\ndis.sys
+ 2004-03-11 18:41 . 2008-04-13 19:17 105344 c:\windows\system32\dllcache\mup.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 452736 c:\windows\system32\dllcache\mtxparhm.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 126686 c:\windows\system32\dllcache\mtlmnt5.sys
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 126912 c:\windows\system32\dllcache\msvideo.dll
- 2009-07-30 11:25 . 2001-08-23 05:30 126912 c:\windows\system32\dllcache\msvideo.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 532480 c:\windows\system32\dllcache\mstime.dll
- 2004-03-11 19:48 . 2008-04-14 00:12 532480 c:\windows\system32\dllcache\mstime.dll
+ 2009-07-30 05:59 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
- 2009-07-30 05:59 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\msjro.dll
+ 2004-03-11 19:48 . 2008-05-19 01:03 332800 c:\windows\system32\dllcache\msihnd.dll
+ 2010-09-09 14:16 . 2011-02-17 13:51 449024 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
- 2009-07-30 05:58 . 2008-04-14 00:12 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2009-07-30 05:58 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2009-07-30 05:58 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2009-11-20 19:48 . 2011-02-17 13:18 455936 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 06:54 . 2010-03-30 06:54 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2009-07-30 05:57 . 2008-04-14 00:11 123904 c:\windows\system32\dllcache\mofd.dll
+ 2010-09-18 06:53 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-14 14:46 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2001-08-23 05:30 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2001-08-23 05:30 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2009-06-25 08:25 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 399872 c:\windows\system32\dllcache\lmrt.dll
- 2009-07-30 05:57 . 2008-04-14 00:12 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2009-07-30 05:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-12-02 05:47 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-12-02 05:47 . 2011-03-04 06:45 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-07-30 05:59 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2010-02-26 05:43 . 2010-04-16 16:09 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2010-02-26 05:43 . 2011-02-17 13:51 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 323584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-11-30 07:12 . 2008-04-13 18:23 685056 c:\windows\system32\dllcache\hsfcxts2.sys
+ 2009-11-30 07:12 . 2008-04-13 18:23 220032 c:\windows\system32\dllcache\hsfbs2s2.sys
+ 2001-08-23 05:30 . 2008-04-14 00:11 144896 c:\windows\system32\dllcache\hotplug.dll
+ 2010-07-14 09:24 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2001-08-23 05:30 . 2001-08-23 05:30 125056 c:\windows\system32\dllcache\ftdisk.sys
+ 2009-07-30 05:59 . 2008-04-13 18:33 129792 c:\windows\system32\dllcache\fltmgr.sys
+ 2004-03-11 19:48 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
- 2004-03-11 19:48 . 2008-04-14 00:11 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 113152 c:\windows\system32\dllcache\dsuiext.dll
+ 2004-03-11 19:48 . 2008-04-14 00:11 239104 c:\windows\system32\dllcache\dsquery.dll
+ 2001-08-23 05:30 . 2008-04-14 00:11 155648 c:\windows\system32\dllcache\dskquoui.dll
+ 2009-11-30 07:15 . 2008-04-14 00:11 650752 c:\windows\system32\dllcache\dot3ui.dll
+ 2009-11-30 07:15 . 2008-04-14 00:11 132096 c:\windows\system32\dllcache\dot3svc.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2004-03-11 18:22 . 2008-04-13 18:44 153344 c:\windows\system32\dllcache\dmio.sys
+ 2004-03-11 18:22 . 2008-04-13 18:44 799744 c:\windows\system32\dllcache\dmboot.sys
+ 2004-03-11 19:48 . 2008-04-14 00:12 224768 c:\windows\system32\dllcache\dmadmin.exe
+ 2004-03-11 19:48 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
- 2004-03-11 19:48 . 2008-04-14 00:11 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2001-08-17 14:02 . 2001-08-23 05:30 262528 c:\windows\system32\dllcache\cinemst2.sys
+ 2009-11-30 07:12 . 2008-06-13 11:05 272128 c:\windows\system32\dllcache\bthport.sys
- 2009-11-20 19:34 . 2008-06-13 11:05 272128 c:\windows\system32\dllcache\bthport.sys
+ 2009-11-30 07:12 . 2008-04-13 18:51 101120 c:\windows\system32\dllcache\bthpan.sys
- 2009-07-30 11:25 . 2001-08-23 05:30 109456 c:\windows\system32\dllcache\avifile.dll
+ 2001-08-23 05:30 . 2001-08-23 05:30 109456 c:\windows\system32\dllcache\avifile.dll
+ 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2009-11-30 07:12 . 2008-04-13 16:34 104960 c:\windows\system32\dllcache\atinrvxx.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 701440 c:\windows\system32\dllcache\ati2mtag.sys
+ 2009-11-30 07:12 . 2008-04-13 16:34 327040 c:\windows\system32\dllcache\ati2mtaa.sys
+ 2008-06-20 11:40 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2004-03-11 19:48 . 2008-04-14 00:11 175616 c:\windows\system32\dllcache\adsldp.dll
+ 2004-03-11 18:24 . 2008-04-13 18:36 187776 c:\windows\system32\dllcache\acpi.sys
- 2004-03-11 19:48 . 2008-04-14 00:11 617472 c:\windows\system32\comctl32.dll
+ 2004-03-11 19:48 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2007-04-11 04:41 . 2007-04-11 04:41 511328 c:\windows\system32\capicom.dll
+ 2010-10-29 14:10 . 2010-10-29 14:10 292216 c:\windows\system32\Adobe\Shockwave 11\syminstallstub.exe
+ 2010-07-18 09:09 . 2009-06-03 15:13 450652 c:\windows\sttray.exe
- 2009-07-30 07:04 . 2009-06-03 15:13 450652 c:\windows\sttray.exe
- 2009-07-30 05:59 . 2008-04-14 00:12 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2009-07-30 05:59 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2009-11-30 07:27 . 2009-11-30 07:27 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2010-10-04 13:40 . 2010-10-04 13:40 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
- 2010-03-23 00:01 . 2010-03-23 00:01 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-09-22 04:13 . 2010-09-22 04:13 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-01-17 23:09 . 2011-01-17 23:09 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-01-17 23:09 . 2011-01-17 23:09 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-01-17 23:09 . 2011-01-17 23:09 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-08-07 18:21 . 2009-08-07 18:21 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-07-09 17:18 . 2010-07-09 17:18 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-07-09 17:27 . 2010-07-09 17:27 137032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\msddsp\v4.0_10.0.0.0__b03f5f7f11d50a3a\msddsp.dll
+ 2011-01-26 13:25 . 2011-01-26 13:25 301056 c:\windows\Installer\fce2c.msi
+ 2010-08-04 09:43 . 2010-08-04 09:43 686080 c:\windows\Installer\f8341.msp
+ 2009-03-20 06:18 . 2009-03-20 06:18 183808 c:\windows\Installer\f8328.msp
+ 2009-05-26 13:23 . 2009-05-26 13:23 579072 c:\windows\Installer\f826f.msp
+ 2010-10-02 16:21 . 2010-10-02 16:21 470528 c:\windows\Installer\cc9b5e.msi
+ 2010-09-23 15:32 . 2010-09-23 15:32 798208 c:\windows\Installer\89171.msp
+ 2010-12-31 11:03 . 2010-12-31 11:03 424960 c:\windows\Installer\49b356.msi
+ 2010-07-22 19:33 . 2010-07-22 19:33 338432 c:\windows\Installer\403f5d.msp
+ 2011-04-20 07:30 . 2011-04-20 07:30 459264 c:\windows\Installer\3a36ae.msi
+ 2011-03-11 16:07 . 2011-03-11 16:07 180224 c:\windows\Installer\376c58.msi
+ 2010-10-04 12:47 . 2010-10-04 12:47 119296 c:\windows\Installer\334d46.msi
+ 2011-03-19 07:30 . 2011-03-19 07:30 195584 c:\windows\Installer\321b8a.msi
+ 2011-04-17 08:01 . 2011-04-17 08:01 223232 c:\windows\Installer\289ef.msi
+ 2011-03-18 16:40 . 2011-03-18 16:40 228352 c:\windows\Installer\282b89.msi
+ 2008-12-13 04:28 . 2008-12-13 04:28 754688 c:\windows\Installer\26d2c4.msp
+ 2010-07-09 17:28 . 2010-07-09 17:28 905216 c:\windows\Installer\23145.msi
+ 2010-10-04 13:40 . 2010-10-04 13:40 648192 c:\windows\Installer\1b0ab2.msi
- 2009-07-30 06:12 . 2009-07-30 06:12 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2010-10-04 12:43 . 2010-10-04 12:43 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-25 12:49 . 2011-03-25 12:49 336782 c:\windows\Installer\{73FAD870-C7A8-4344-BA8F-DF8675276E91}\register_icon.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 390552 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\pdfshell.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 101288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlrShim.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\nppdf32.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\JP2KLib.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AiodLite.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroPDF.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrobroker.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\a3dutils.dll
+ 2007-02-25 19:31 . 2007-02-25 19:31 437160 c:\windows\Installer\$PatchCache$\Managed\000021599B0090400000000000F01FEC\12.0.6012\DWTRIG20.EXE
+ 2006-10-26 14:18 . 2006-10-26 14:18 439568 c:\windows\Installer\$PatchCache$\Managed\000021599B0090400000000000F01FEC\12.0.6012\DWDCW20.DLL
+ 2009-04-03 12:41 . 2009-04-03 12:41 408424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WINWORD.EXE
+ 2009-03-05 21:07 . 2009-03-05 21:07 501640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SOA.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 282032 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCNPST64.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 273320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SCNPST32.DLL
+ 2009-03-05 20:36 . 2009-03-05 20:36 407904 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\RTFHTML.DLL
+ 2009-03-05 22:56 . 2009-03-05 22:56 770464 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\REGFORM.EXE
+ 2009-03-05 22:11 . 2009-03-05 22:11 589704 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PUBCONV.DLL
+ 2009-01-08 05:29 . 2009-01-08 05:29 624520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PTXT9.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 420696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PSTPRX32.DLL
+ 2008-10-25 00:51 . 2008-10-25 00:51 136072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PRTF9.DLL
+ 2009-04-03 12:34 . 2009-04-03 12:34 521064 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\POWERPNT.EXE
+ 2008-11-20 19:19 . 2008-11-20 19:19 169360 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLPH.DLL
+ 2009-03-05 20:35 . 2009-03-05 20:35 593288 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLMIME.DLL
+ 2008-10-30 15:54 . 2008-10-30 15:54 137552 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLCTL.DLL
+ 2008-10-25 02:22 . 2008-10-25 02:22 664968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONBTTNOL.DLL
+ 2008-10-25 02:22 . 2008-10-25 02:22 604056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONBTTNIE.DLL
+ 2009-03-05 23:25 . 2009-03-05 23:25 194448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OMSXP32.DLL
+ 2009-03-05 23:25 . 2009-03-05 23:25 661888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OMSMAIN.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 253808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OLKFSTUB.DLL
+ 2006-07-24 05:20 . 2006-07-24 05:20 125744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSSTDFMT.DLL
+ 2008-11-03 22:43 . 2008-11-03 22:43 118128 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSCONV97.DLL
+ 2008-11-03 18:34 . 2008-11-03 18:34 498072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MORPH9.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 340304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MIMEDIR.DLL
+ 2008-10-25 03:57 . 2008-10-25 03:57 177040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPOLK.DLL
+ 2009-03-04 11:54 . 2009-03-04 11:54 138072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IMPMAIL.DLL
+ 2009-02-14 00:34 . 2009-02-14 00:34 625520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBSERVICES.DLL
+ 2009-02-12 09:49 . 2009-02-12 09:49 688512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBPLATFORMSERVICES.DLL
+ 2009-03-05 23:03 . 2009-03-05 23:03 961888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEUTIL.DLL
+ 2009-02-14 00:33 . 2009-02-14 00:33 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVE.EXE
+ 2008-11-20 19:18 . 2008-11-20 19:18 116600 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\EMABLT32.DLL
+ 2009-03-05 20:35 . 2009-03-05 20:35 127336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\CONTAB32.DLL
+ 2008-10-26 00:56 . 2008-10-26 00:56 162680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ACCWIZ.DLL
+ 2006-10-26 08:35 . 2006-10-26 08:35 530760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2006-10-26 15:19 . 2006-10-26 15:19 509200 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WRD12CVR.DLL
+ 2006-10-27 09:53 . 2006-10-27 09:53 347648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-26 08:35 . 2006-10-26 08:35 126784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-07-28 09:51 . 2006-07-28 09:51 277320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-26 15:48 . 2006-10-26 15:48 502608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-10-26 14:36 . 2006-10-26 14:36 439600 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 14:43 . 2006-10-26 14:43 503808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 15:25 . 2006-10-26 15:25 272744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 263520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 408880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\RTFHTML.DLL
+ 2006-10-26 16:12 . 2006-10-26 16:12 744960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 14:39 . 2006-10-26 14:39 590144 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-27 09:34 . 2006-10-27 09:34 624456 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 413472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-26 14:39 . 2006-10-26 14:39 136008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-26 15:37 . 2006-10-26 15:37 368968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPSLAX.DLL
+ 2006-10-27 09:34 . 2006-10-27 09:34 465408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-26 16:00 . 2006-10-26 16:00 482088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 176976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 594256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-07-26 13:23 . 2006-07-26 13:23 459080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 138512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLCTL.DLL
+ 2006-10-26 14:53 . 2006-10-26 14:53 782720 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-27 10:09 . 2006-10-27 10:09 687432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-26 15:02 . 2006-10-26 15:02 604000 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-26 15:04 . 2006-10-26 15:04 192848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 15:04 . 2006-10-26 15:04 660792 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 254776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLKFSTUB.DLL
+ 2006-10-26 14:30 . 2006-10-26 14:30 285008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 14:30 . 2006-10-26 14:30 998208 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 14:30 . 2006-10-26 14:30 274944 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-20 03:07 . 2006-10-20 03:07 637744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGALEGIT.DLL
+ 2006-10-26 14:36 . 2006-10-26 14:36 232960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 14:25 . 2006-10-26 14:25 538904 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 14:25 . 2006-10-26 14:25 145920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE
+ 2006-10-26 14:25 . 2006-10-26 14:25 833024 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 08:26 . 2006-10-26 08:26 505136 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 14:20 . 2006-10-26 14:20 672256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 09:17 . 2006-10-26 09:17 727840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSPROOF6.DLL
+ 2006-10-26 08:26 . 2006-10-26 08:26 436520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 14:26 . 2006-10-26 14:26 864080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPDRV.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 428816 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-27 09:29 . 2006-10-27 09:29 161080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 08:28 . 2006-10-26 08:28 117552 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-26 08:28 . 2006-10-26 08:28 290576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCDM.DLL
+ 2006-10-27 09:34 . 2006-10-27 09:34 497504 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-26 14:22 . 2006-10-26 14:22 460616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MODHELP.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 340248 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-26 14:25 . 2006-10-26 14:25 828704 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 16:12 . 2006-10-26 16:12 176976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 138024 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-26 14:30 . 2006-10-26 14:30 178488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IETAG.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 173328 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 631080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 572216 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 268080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 955680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 222512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 363304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 224048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 317952 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE
+ 2006-10-26 19:18 . 2006-10-26 19:18 197920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 284976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 377136 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 768304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 117584 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 300336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 284448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 338432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 09:39 . 2006-10-27 09:39 983376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 154960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ENVELOPE.DLL
+ 2006-10-26 15:25 . 2006-10-26 15:25 116544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EMABLT32.DLL
+ 2006-10-26 14:18 . 2006-10-26 14:18 439568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 14:42 . 2006-10-26 14:42 107008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE
+ 2006-10-26 19:18 . 2006-10-26 19:18 235008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-26 14:42 . 2006-10-26 14:42 189760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 133936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2006-10-26 14:29 . 2006-10-26 14:29 205824 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-27 10:11 . 2006-10-27 10:11 399640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 371568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 10:10 . 2006-10-27 10:10 208760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 826232 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEWDAT.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 224104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 551800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 289648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 260976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 392048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 387960 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 279352 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 207736 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 629616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 14:43 . 2006-10-26 14:43 338800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 191360 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 576376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-26 15:48 . 2006-10-26 15:48 162616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 576376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 14:19 . 2006-10-26 14:19 970528 c:\windows\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2009-11-20 19:48 . 2011-02-17 13:18 455936 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-04-16 09:29 . 2011-04-16 09:29 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\95de80b860252231b46014f58226e473\WsatConfig.ni.exe
+ 2011-04-15 14:56 . 2011-04-15 14:56 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\715710f5a31a494ed5c0ec0874dafe3e\WindowsFormsIntegration.ni.dll
+ 2011-04-15 14:56 . 2011-04-15 14:56 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\017be0e6c5f1810f15a696157cd5e2c2\UIAutomationTypes.ni.dll
+ 2011-04-15 14:56 . 2011-04-15 14:56 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\bec5b0a93df12eb26c02c877a4eae678\UIAutomationClient.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3d8f787002439f4942c33f376cfd8555\System.Xml.Linq.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\4b746fea8062a10ccc6e5331914e7dad\System.Web.Routing.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\103956fdb019bce8a173fe9cb9da3e02\System.Web.RegularExpressions.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c0a156fbf46ad272ac262e45eaa998f4\System.Web.Extensions.Design.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e3651e13567ce4e3fa7bb2fbab737d9a\System.Web.Entity.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\834d7769f39e4d937eda1ad3707d4716\System.Web.Entity.Design.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\032c96c6206b53bca122d1fbaf5f8ca2\System.Web.DynamicData.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6ce0e4fb33afcfcce43c427e82b987db\System.Web.Abstractions.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\990d96810a21e0fa95f916ffc66f3a94\System.Transactions.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e0d56c0582316e9ecb4c18186e37217c\System.ServiceProcess.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\9e91cca51a5ed6fb13b67558109d2726\System.Security.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fa6a58394a1f162eecce4cd8af0875c3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\6194eb4bc1e0133d0183d086b747f512\System.Net.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\042658de519bb1e22ec5925092061892\System.Management.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d6ae8171ae6fd4fe83add34e6d70e5b5\System.Management.Instrumentation.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\abd5a61d39e474f12b30ccbbe6277667\System.IO.Log.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\12c4dba6d4ff0278d208c283d9ed7670\System.IdentityModel.Selectors.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.Wrapper.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\ff5c7a52497d892f3a3206384d46b5e7\System.EnterpriseServices.ni.dll
+ 2011-04-15 14:54 . 2011-04-15 14:54 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e6b7128278d8c0e8382a5685f5b196c6\System.Drawing.Design.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ef56bf47fc2fc4204e0fcc1f32bab01\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\447d7b4a7d0add13f8d2086088bcc41c\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ce2afe8854ee9cdc834b6f392348c882\System.Data.Services.Design.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\03d4658290e300e437e745ef4a613b59\System.Data.Services.Client.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\7ce21a2855bb7731de4dab797e69f3f6\System.Data.Entity.Design.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\ea57694aea47c05853516c9bb2ad54b4\System.Data.DataSetExtensions.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d6b4509225efde2a4e3db77205f8a51\System.Configuration.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f312bb844670ebc7458fec9e6b2568b3\System.Configuration.Install.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\afd9595f07a8c68b26e81cf995957f56\System.AddIn.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\3a42b2fbafe93d7b9395e328bea35afa\SMSvcHost.ni.exe
+ 2011-04-16 09:22 . 2011-04-16 09:22 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\97ff96d3fc8d0b10ea294f320acf821e\SMDiagnostics.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\28ed0e9efd938b05b4f53e0d90046701\ServiceModelReg.ni.exe
+ 2011-04-15 14:52 . 2011-04-15 14:52 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ffe13679e6b3e36e5cb6c47f8c4faf9c\PresentationFramework.Aero.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbb40299379f2009c140ddadb04231b4\PresentationFramework.Classic.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a34cd33cec1bdfebe4a3910bceb8723b\PresentationFramework.Royale.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\689bb394bcb437ed085c22a43aba30c6\PresentationFramework.Luna.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5670e74887ef1025c6a8c056ffe86b38\MSBuild.ni.exe
+ 2011-04-16 09:22 . 2011-04-16 09:22 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\653732002ebf5c68f69150a60e145e6a\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\cc62770393640302bd4d7e442b1e49a4\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\352bff1ee71ce114e225f849038dc48d\Microsoft.Build.Utilities.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\7345f4d2d7157bf49de4158e8f2b6847\Microsoft.Build.Engine.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\d7dba901ddd410ca1a0156d0f2a27533\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\010552e529d130ce914765b0801e2367\CustomMarshalers.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\6861f639b13967e9b014b44bbb7c5d4c\ComSvcConfig.ni.exe
+ 2011-04-16 09:22 . 2011-04-16 09:22 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\800da7dec567fadf3392091e9f01ecb9\AspNetMMCExt.ni.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll

#5 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 20 April 2011 - 10:36 PM

- 2009-11-30 07:28 . 2009-11-30 07:28 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2010-10-04 13:53 . 2010-10-04 13:53 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2009-11-30 08:12 . 2009-11-30 08:12 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2010-10-04 13:53 . 2010-10-04 13:53 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2009-11-30 08:12 . 2009-11-30 08:12 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-06-23 17:40 . 2010-06-23 17:40 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 296816 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 296816 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.0.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 231280 c:\windows\assembly\GAC_MSIL\System.Data.SqlServerCe.Entity\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.Entity.dll
- 2009-11-30 08:12 . 2009-11-30 08:12 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2010-10-04 13:53 . 2010-10-04 13:53 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2010-10-04 13:53 . 2010-10-04 13:53 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2009-11-30 08:12 . 2009-11-30 08:12 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 115744 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.dll
+ 2010-07-09 17:28 . 2010-07-09 17:28 115744 c:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Data.Server\1.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Data.Server.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-06-18 17:32 . 2006-09-15 19:35 379184 c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2010-10-19 14:10 . 2006-09-15 19:35 379184 c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
- 2010-06-18 17:32 . 2006-09-15 19:35 221488 c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2010-10-19 14:10 . 2006-09-15 19:35 221488 c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
- 2010-06-18 17:34 . 2008-04-14 00:12 102400 c:\windows\$NtUninstallwmp11$\wmpshell.dll
+ 2010-10-19 14:12 . 2008-04-14 00:12 102400 c:\windows\$NtUninstallwmp11$\wmpshell.dll
+ 2010-10-19 14:12 . 2009-07-12 06:51 233472 c:\windows\$NtUninstallwmp11$\wmpdxm.dll
- 2010-06-18 17:34 . 2009-07-12 06:51 233472 c:\windows\$NtUninstallwmp11$\wmpdxm.dll
- 2010-06-18 17:34 . 2008-04-14 00:12 114688 c:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2010-10-19 14:12 . 2008-04-14 00:12 114688 c:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2010-10-19 14:12 . 2008-04-13 17:23 168448 c:\windows\$NtUninstallwmp11$\wmerror.dll
- 2010-06-18 17:34 . 2008-04-13 17:23 168448 c:\windows\$NtUninstallwmp11$\wmerror.dll
+ 2010-10-19 14:12 . 2008-04-14 00:12 208896 c:\windows\$NtUninstallwmp11$\unregmp2.exe
- 2010-06-18 17:34 . 2008-04-14 00:12 208896 c:\windows\$NtUninstallwmp11$\unregmp2.exe
- 2010-06-18 17:34 . 2006-05-16 12:41 371424 c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2010-10-19 14:12 . 2006-05-16 12:41 371424 c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2010-10-19 14:12 . 2006-05-16 12:41 213216 c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
- 2010-06-18 17:34 . 2006-05-16 12:41 213216 c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2010-10-19 14:12 . 2008-04-14 00:12 774144 c:\windows\$NtUninstallwmp11$\setup_wm.exe
- 2010-06-18 17:34 . 2008-04-14 00:12 774144 c:\windows\$NtUninstallwmp11$\setup_wm.exe
- 2010-06-18 17:34 . 2008-04-14 00:11 368640 c:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2010-10-19 14:12 . 2008-04-14 00:11 368640 c:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 809984 c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 809984 c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 897024 c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 897024 c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2010-10-19 14:11 . 2009-04-03 06:45 485376 c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
- 2010-06-18 17:33 . 2009-04-03 06:45 485376 c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 759296 c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 759296 c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 151552 c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 151552 c:\windows\$NtUninstallWMFDist11$\wmidx.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 230912 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 230912 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 670720 c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 670720 c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 408064 c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 408064 c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2010-10-19 14:11 . 2006-05-16 12:41 371424 c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
- 2010-06-18 17:33 . 2006-05-16 12:41 371424 c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
- 2010-06-18 17:33 . 2006-05-16 12:41 213216 c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2010-10-19 14:11 . 2006-05-16 12:41 213216 c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2010-10-19 14:11 . 2008-04-14 00:12 237568 c:\windows\$NtUninstallWMFDist11$\qasf.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 237568 c:\windows\$NtUninstallWMFDist11$\qasf.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 245760 c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 245760 c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 356352 c:\windows\$NtUninstallWMFDist11$\msscp.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 356352 c:\windows\$NtUninstallWMFDist11$\msscp.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 201728 c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 201728 c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 259072 c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 259072 c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2010-10-19 14:11 . 2008-04-14 00:11 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 384512 c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2010-10-19 14:11 . 2010-04-05 06:24 384512 c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 310272 c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2010-10-19 14:11 . 2008-04-14 00:11 310272 c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2010-10-19 14:11 . 2008-06-09 21:41 103936 c:\windows\$NtUninstallWMFDist11$\logagent.exe
- 2010-06-18 17:33 . 2008-06-09 21:41 103936 c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2010-10-19 14:11 . 2008-04-14 00:12 695808 c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 695808 c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2010-10-19 14:11 . 2008-04-14 00:11 159232 c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 159232 c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2010-10-19 14:11 . 2008-04-14 00:11 286720 c:\windows\$NtUninstallWMFDist11$\blackbox.dll
- 2010-06-18 17:33 . 2008-04-14 00:11 286720 c:\windows\$NtUninstallWMFDist11$\blackbox.dll
- 2010-06-18 17:35 . 2006-09-25 12:28 379184 c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2010-10-19 14:13 . 2006-09-25 12:28 379184 c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2010-10-19 14:13 . 2006-09-25 12:28 221488 c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
- 2010-06-18 17:35 . 2006-09-25 12:28 221488 c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2010-10-04 08:41 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982802$\spuninst\updspapi.dll
+ 2010-10-04 08:41 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982802$\spuninst\spuninst.exe
+ 2010-10-04 08:41 . 2009-04-15 14:51 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-10-04 08:43 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-10-04 08:43 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-10-17 12:59 . 2009-10-15 16:28 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-17 12:59 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB982132$\spuninst\updspapi.dll
+ 2010-10-17 12:59 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB982132$\spuninst\spuninst.exe
+ 2010-10-02 16:20 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-10-02 16:20 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-10-17 12:56 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981957$\spuninst\updspapi.dll
+ 2010-10-17 12:56 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981957$\spuninst\spuninst.exe
+ 2010-10-02 16:21 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-10-04 08:39 . 2008-04-14 00:12 406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981322$\spuninst\updspapi.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981322$\spuninst\spuninst.exe
+ 2010-10-04 08:39 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-10-04 08:39 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-10-17 12:58 . 2008-04-21 12:08 215552 c:\windows\$NtUninstallKB979687$\wordpad.exe
+ 2010-10-17 12:58 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB979687$\spuninst\updspapi.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979687$\spuninst\spuninst.exe
+ 2010-10-04 08:42 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\updspapi.dll
+ 2010-10-04 08:42 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe
+ 2010-10-04 08:42 . 2008-04-14 00:11 384512 c:\windows\$NtUninstallKB975558_WM8$\mp4sdmod.dll
+ 2011-03-03 08:18 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971029$\spuninst\updspapi.dll
+ 2011-03-03 08:18 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971029$\spuninst\spuninst.exe
+ 2011-03-03 08:18 . 2008-04-14 00:12 135168 c:\windows\$NtUninstallKB971029$\shsvcs.dll
+ 2010-07-09 17:22 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB958655-v2$\spuninst\updspapi.dll
+ 2010-07-09 17:22 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB958655-v2$\spuninst\spuninst.exe
+ 2010-07-09 17:22 . 2007-11-30 00:09 382840 c:\windows\$NtUninstallKB942288-v3$\spuninst\updspapi.dll
+ 2010-07-09 17:22 . 2007-11-30 00:09 231288 c:\windows\$NtUninstallKB942288-v3$\spuninst\spuninst.exe
+ 2010-07-09 17:22 . 2008-04-13 15:39 884736 c:\windows\$NtUninstallKB942288-v3$\msimsg.dll
+ 2010-07-09 17:22 . 2008-04-14 00:12 271360 c:\windows\$NtUninstallKB942288-v3$\msihnd.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2485376$\spuninst\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2485376$\spuninst\spuninst.exe
+ 2011-02-09 07:33 . 2010-10-28 13:13 290048 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2483185$\spuninst\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2483185$\spuninst\spuninst.exe
+ 2011-02-09 07:33 . 2008-04-14 00:12 438272 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 667136 c:\windows\$NtUninstallKB2482017$\wininet.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 629760 c:\windows\$NtUninstallKB2482017$\urlmon.dll
+ 2011-02-09 07:31 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2482017$\spuninst\updspapi.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2482017$\spuninst\spuninst.exe
+ 2011-02-09 07:31 . 2010-11-05 05:05 532480 c:\windows\$NtUninstallKB2482017$\mstime.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 449024 c:\windows\$NtUninstallKB2482017$\mshtmled.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 251904 c:\windows\$NtUninstallKB2482017$\iepeers.dll
+ 2011-03-10 07:31 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-10 07:31 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-10 07:31 . 2008-04-14 00:12 677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-10 07:31 . 2008-04-14 00:12 677888 c:\windows\$NtUninstallKB2481109$\lhmstsc.exe
+ 2011-03-10 07:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-10 07:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-10 07:33 . 2008-04-14 00:12 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-10 07:33 . 2008-04-14 00:11 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479628$\spuninst\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479628$\spuninst\spuninst.exe
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478971$\spuninst\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478971$\spuninst\spuninst.exe
+ 2011-02-09 07:33 . 2009-06-25 08:25 301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-09 07:30 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478960$\spuninst\updspapi.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478960$\spuninst\spuninst.exe
+ 2011-02-09 07:30 . 2009-06-25 08:25 730112 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-09 07:31 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476687$\spuninst\updspapi.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476687$\spuninst\spuninst.exe
+ 2010-12-15 09:37 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2467659$\spuninst\updspapi.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2467659$\spuninst\spuninst.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2443685$\spuninst\updspapi.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2443685$\spuninst\spuninst.exe
+ 2010-12-15 09:38 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2443105$\spuninst\updspapi.dll
+ 2010-12-15 09:38 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2443105$\spuninst\spuninst.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2440591$\spuninst\updspapi.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2440591$\spuninst\spuninst.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2436673$\spuninst\updspapi.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2436673$\spuninst\spuninst.exe
+ 2010-12-15 09:35 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2423089$\spuninst\updspapi.dll
+ 2010-12-15 09:35 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2423089$\spuninst\spuninst.exe
+ 2011-01-13 07:38 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2419632$\spuninst\updspapi.dll
+ 2011-01-13 07:38 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2419632$\spuninst\spuninst.exe
+ 2011-01-13 07:38 . 2008-04-14 00:12 249856 c:\windows\$NtUninstallKB2419632$\odbc32.dll
+ 2011-01-13 07:38 . 2008-04-14 00:12 102400 c:\windows\$NtUninstallKB2419632$\msjro.dll
+ 2011-01-13 07:38 . 2008-04-14 00:12 200704 c:\windows\$NtUninstallKB2419632$\msadox.dll
+ 2011-01-13 07:38 . 2008-04-14 00:12 180224 c:\windows\$NtUninstallKB2419632$\msadomd.dll
+ 2011-01-13 07:38 . 2008-04-14 00:12 536576 c:\windows\$NtUninstallKB2419632$\msado15.dll
+ 2011-01-13 07:38 . 2008-04-14 00:12 143360 c:\windows\$NtUninstallKB2419632$\msadco.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 667136 c:\windows\$NtUninstallKB2416400$\wininet.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 627712 c:\windows\$NtUninstallKB2416400$\urlmon.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2416400$\spuninst\updspapi.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2416400$\spuninst\spuninst.exe
+ 2010-12-15 09:37 . 2008-04-14 00:12 532480 c:\windows\$NtUninstallKB2416400$\mstime.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 449024 c:\windows\$NtUninstallKB2416400$\mshtmled.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 251904 c:\windows\$NtUninstallKB2416400$\iepeers.dll
+ 2011-02-09 07:30 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2393802$\spuninst\updspapi.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2393802$\spuninst\spuninst.exe
+ 2011-02-09 07:30 . 2009-02-09 12:10 714752 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2387149$\spuninst\updspapi.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2387149$\spuninst\spuninst.exe
+ 2010-10-17 13:00 . 2007-04-03 03:14 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-17 13:00 . 2008-04-14 00:11 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-17 13:00 . 2001-08-23 05:30 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-17 13:00 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\updspapi.dll
+ 2010-10-17 13:00 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe
+ 2010-10-15 07:30 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2360937$\spuninst\updspapi.dll
+ 2010-10-15 07:30 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2360937$\spuninst\spuninst.exe
+ 2010-10-15 07:30 . 2010-07-22 15:49 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 667136 c:\windows\$NtUninstallKB2360131$\wininet.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 627712 c:\windows\$NtUninstallKB2360131$\urlmon.dll
+ 2010-10-17 12:58 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2360131$\spuninst\updspapi.dll
+ 2010-10-17 12:58 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2360131$\spuninst\spuninst.exe
+ 2010-10-17 12:58 . 2008-04-14 00:12 449024 c:\windows\$NtUninstallKB2360131$\mshtmled.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 251904 c:\windows\$NtUninstallKB2360131$\iepeers.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2347290$\spuninst\updspapi.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2347290$\spuninst\spuninst.exe
+ 2010-10-17 13:00 . 2010-06-21 15:27 354304 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-17 13:00 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2345886$\spuninst\updspapi.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2345886$\spuninst\spuninst.exe
+ 2010-12-15 09:39 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2296199$\spuninst\updspapi.dll
+ 2010-12-15 09:39 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2296199$\spuninst\spuninst.exe
+ 2010-12-15 09:39 . 2010-09-01 11:51 285824 c:\windows\$NtUninstallKB2296199$\atmfd.dll
+ 2010-10-17 13:00 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2296011$\spuninst\updspapi.dll
+ 2010-10-17 13:00 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2296011$\spuninst\spuninst.exe
+ 2010-10-17 13:00 . 2008-04-14 00:11 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-10-17 13:00 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2279986$\spuninst\updspapi.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2279986$\spuninst\spuninst.exe
+ 2010-10-17 13:00 . 2010-04-20 05:30 285696 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2259922$\spuninst\updspapi.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2259922$\spuninst\spuninst.exe
+ 2010-07-14 13:22 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-14 13:22 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-14 13:22 . 2008-04-14 00:12 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-10-04 08:43 . 2010-04-16 16:09 667136 c:\windows\$NtUninstallKB2183461$\wininet.dll
+ 2010-10-04 08:43 . 2010-04-16 16:09 627712 c:\windows\$NtUninstallKB2183461$\urlmon.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2183461$\spuninst\updspapi.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2183461$\spuninst\spuninst.exe
+ 2010-10-04 08:43 . 2010-04-16 16:09 251904 c:\windows\$NtUninstallKB2183461$\iepeers.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-10-02 16:20 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2158563$\spuninst\updspapi.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2158563$\spuninst\spuninst.exe
+ 2010-10-02 16:20 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2141007$\spuninst\updspapi.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2141007$\spuninst\spuninst.exe
+ 2010-10-02 16:20 . 2010-01-29 15:01 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-10-04 12:47 . 2008-04-14 00:12 293376 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2121546$\spuninst\updspapi.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2121546$\spuninst\spuninst.exe
+ 2010-10-04 08:42 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-10-04 08:42 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-10-04 08:41 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-10-04 08:41 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982802\update\updspapi.dll
+ 2010-10-04 08:41 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982802\update\update.exe
+ 2010-10-04 08:41 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982802\spuninst.exe
+ 2010-07-23 06:13 . 2010-07-23 06:13 590848 c:\windows\$hf_mig$\KB982802\SP3QFE\rpcrt4.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-10-02 16:20 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-10-04 08:43 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-10-04 08:43 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-10-04 07:20 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-10-17 12:59 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-17 12:59 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2010-10-17 12:59 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-10-02 16:20 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-10-02 16:20 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-10-02 16:20 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-10-17 12:56 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981957\update\updspapi.dll
+ 2010-10-17 12:56 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981957\update\update.exe
+ 2010-10-17 12:56 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981957\spuninst.exe
+ 2010-10-02 16:21 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-10-02 16:21 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-10-04 08:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-10-04 08:39 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-10-04 08:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-10-04 08:39 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-10-17 12:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2010-10-17 12:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2010-10-17 12:58 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-12 13:02 . 2010-07-12 13:02 218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2011-03-03 08:18 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-03 08:18 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-03 08:18 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-02-09 07:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017\update\updspapi.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017\update\update.exe
+ 2011-02-09 07:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017\spuninst.exe
+ 2010-12-20 22:13 . 2010-12-20 22:13 668672 c:\windows\$hf_mig$\KB2482017\SP3QFE\wininet.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 630784 c:\windows\$hf_mig$\KB2482017\SP3QFE\urlmon.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 532480 c:\windows\$hf_mig$\KB2482017\SP3QFE\mstime.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 449024 c:\windows\$hf_mig$\KB2482017\SP3QFE\mshtmled.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 251904 c:\windows\$hf_mig$\KB2482017\SP3QFE\iepeers.dll
+ 2011-03-10 07:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-10 07:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-10 07:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-10 07:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-10 07:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-10 07:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
+ 2011-02-09 07:33 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-02-09 07:33 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-02-09 07:33 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-02-09 07:30 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-02-09 07:30 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-02-09 07:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-09 07:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-09 07:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2010-12-15 09:37 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
+ 2010-12-15 09:37 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
+ 2010-12-15 09:38 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2010-12-15 09:38 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2010-12-15 09:38 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2436673\update\updspapi.dll
+ 2010-12-15 09:38 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2436673\update\update.exe
+ 2010-12-15 09:38 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2436673\spuninst.exe
+ 2010-12-15 09:35 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2010-12-15 09:35 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2010-12-15 09:35 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2011-01-13 07:38 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-01-13 07:38 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-01-13 07:38 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2416400\update\updspapi.dll
+ 2010-12-15 09:37 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2416400\update\update.exe
+ 2010-12-15 09:37 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2416400\spuninst.exe
+ 2010-11-05 05:04 . 2010-11-05 05:04 668672 c:\windows\$hf_mig$\KB2416400\SP3QFE\wininet.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 630784 c:\windows\$hf_mig$\KB2416400\SP3QFE\urlmon.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 532480 c:\windows\$hf_mig$\KB2416400\SP3QFE\mstime.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 449024 c:\windows\$hf_mig$\KB2416400\SP3QFE\mshtmled.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 251904 c:\windows\$hf_mig$\KB2416400\SP3QFE\iepeers.dll
+ 2011-02-09 07:30 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-02-09 07:30 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-02-09 07:30 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-02-09 06:47 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-17 13:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-14 14:46 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-14 14:46 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-14 14:46 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-14 14:46 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-15 07:30 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2010-10-15 07:30 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2010-10-15 07:30 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2010-10-14 14:36 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2010-10-17 12:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2360131\update\updspapi.dll
+ 2010-10-17 12:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2360131\update\update.exe
+ 2010-10-17 12:58 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2360131\spuninst.exe
+ 2010-09-09 14:25 . 2010-09-09 14:25 668672 c:\windows\$hf_mig$\KB2360131\SP3QFE\wininet.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 628736 c:\windows\$hf_mig$\KB2360131\SP3QFE\urlmon.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 449024 c:\windows\$hf_mig$\KB2360131\SP3QFE\mshtmled.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 251904 c:\windows\$hf_mig$\KB2360131\SP3QFE\iepeers.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-10-04 08:41 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2010-10-17 13:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2010-10-17 13:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2345886\update\update.exe
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2010-12-15 09:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
+ 2010-12-15 09:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
+ 2010-12-15 09:39 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
+ 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-10-02 16:21 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-10-02 16:21 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-10-17 13:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2279986\update\updspapi.dll
+ 2010-10-17 13:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2279986\update\update.exe
+ 2010-10-17 13:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2279986\spuninst.exe
+ 2010-09-01 11:48 . 2010-09-01 11:48 285824 c:\windows\$hf_mig$\KB2279986\SP3QFE\atmfd.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 382840 c:\windows\$hf_mig$\KB2259922\update\updspapi.dll
+ 2010-10-02 16:21 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2259922\update\update.exe
+ 2010-10-02 16:21 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2259922\spuninst.exe
+ 2010-07-14 13:22 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-14 13:22 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-14 13:22 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 09:24 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-10-04 08:43 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2183461\update\updspapi.dll
+ 2010-10-04 08:43 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2183461\update\update.exe
+ 2010-10-04 08:43 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2183461\spuninst.exe
+ 2010-06-24 12:11 . 2010-06-24 12:11 668672 c:\windows\$hf_mig$\KB2183461\SP3QFE\wininet.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 628736 c:\windows\$hf_mig$\KB2183461\SP3QFE\urlmon.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 251904 c:\windows\$hf_mig$\KB2183461\SP3QFE\iepeers.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-10-04 08:39 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2160329\update\update.exe
+ 2010-10-04 08:39 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-10-02 16:20 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2141007\update\updspapi.dll
+ 2010-10-02 16:20 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2141007\update\update.exe
+ 2010-10-02 16:20 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2141007\spuninst.exe
+ 2010-06-09 07:41 . 2010-06-09 07:41 692736 c:\windows\$hf_mig$\KB2141007\SP3QFE\inetcomm.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2010-10-04 12:47 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2010-10-04 12:47 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2010-10-04 08:42 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-10-04 08:42 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-10-04 08:42 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-10-04 08:41 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-10-04 08:41 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-10-04 08:41 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2011-04-14 09:12 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2010-10-14 14:52 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 3780936 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90u.dll
+ 2011-01-11 05:29 . 2011-01-11 05:29 3766088 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfc90.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2008-10-24 15:45 . 2008-10-24 15:45 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2011-01-10 17:20 . 2011-01-10 17:20 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-10 17:20 . 2011-01-10 17:20 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
+ 2009-07-11 15:16 . 2009-07-11 15:16 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 15:16 . 2009-07-11 15:16 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2010-07-18 09:09 . 2009-06-03 15:13 3567616 c:\windows\system32\stlang.dll
- 2009-07-30 07:04 . 2009-06-03 15:13 3567616 c:\windows\system32\stlang.dll
+ 2004-03-11 19:48 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 1510400 c:\windows\system32\shdocvw.dll
+ 2004-03-11 19:48 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2004-03-11 18:43 . 2010-12-09 13:42 2148864 c:\windows\system32\ntoskrnl.exe
+ 2004-03-12 00:44 . 2010-12-09 13:07 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2004-03-11 19:48 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
- 2004-03-11 19:48 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2004-03-11 19:48 . 2008-11-18 10:43 4445184 c:\windows\system32\msi.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 3078656 c:\windows\system32\mshtml.dll
+ 2010-12-30 12:09 . 2010-12-30 12:09 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-08-17 18:03 . 2009-08-17 18:03 1193832 c:\windows\system32\FM20.DLL
- 2009-07-30 07:03 . 2009-06-03 15:13 1640131 c:\windows\system32\drivers\sthda.sys
+ 2009-06-03 15:13 . 2009-06-03 15:13 1640131 c:\windows\system32\drivers\sthda.sys
+ 2010-11-29 07:42 . 2010-11-29 07:42 1066232 c:\windows\system32\drivers\avckf.sys
+ 2004-03-11 17:42 . 2008-04-13 16:48 1647616 c:\windows\system32\dllcache\winbrand.dll
+ 2009-08-14 13:21 . 2011-03-03 13:21 1857920 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2009-09-25 05:37 . 2011-02-17 13:51 1510400 c:\windows\system32\dllcache\shdocvw.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2009-11-30 07:12 . 2008-04-13 16:34 1897408 c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-08-04 15:14 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-11-20 22:09 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-11-20 22:09 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-11-20 22:09 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-11-30 07:12 . 2008-04-13 18:23 1309184 c:\windows\system32\dllcache\mtlstrm.sys
+ 2009-11-20 19:47 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2009-11-20 19:47 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-03-11 19:48 . 2008-04-14 00:12 1428992 c:\windows\system32\dllcache\msvidctl.dll
+ 2008-05-19 01:03 . 2008-11-18 10:43 4445184 c:\windows\system32\dllcache\msi.dll
+ 2009-09-25 05:37 . 2011-02-17 13:51 3078656 c:\windows\system32\dllcache\mshtml.dll
+ 2009-07-30 05:59 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2009-07-30 05:59 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2004-03-11 19:49 . 2008-04-14 00:12 1414656 c:\windows\system32\dllcache\mmc.exe
+ 2009-07-30 05:57 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2009-11-30 07:12 . 2008-04-13 18:23 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys
+ 2001-08-23 05:30 . 2008-04-14 00:11 1504256 c:\windows\system32\dllcache\diskcopy.dll
- 2010-03-10 04:33 . 2010-04-16 16:09 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2010-03-10 04:33 . 2011-02-17 13:51 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2004-03-11 19:48 . 2011-02-17 13:51 1025024 c:\windows\system32\browseui.dll
- 2004-03-11 19:48 . 2010-04-16 16:09 1025024 c:\windows\system32\browseui.dll
- 2010-03-23 00:02 . 2010-03-23 00:02 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 04:14 . 2010-09-22 04:14 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-01-17 23:09 . 2011-01-17 23:09 5813072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-01-17 23:09 . 2011-01-17 23:09 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-02-20 19:33 . 2010-02-20 19:33 4472832 c:\windows\Installer\f837a.msp
+ 2010-04-24 11:38 . 2010-04-24 11:38 9129984 c:\windows\Installer\f835b.msp
+ 2009-08-05 02:19 . 2009-08-05 02:19 3457024 c:\windows\Installer\f831b.msp
+ 2010-03-24 13:24 . 2010-03-24 13:24 3126272 c:\windows\Installer\f82ff.msp
+ 2010-03-24 13:24 . 2010-03-24 13:24 2516992 c:\windows\Installer\f82fe.msp
+ 2009-07-26 23:01 . 2009-07-26 23:01 3738624 c:\windows\Installer\f82e0.msp
+ 2010-04-24 11:37 . 2010-04-24 11:37 4667392 c:\windows\Installer\f82c7.msp
+ 2010-05-20 14:27 . 2010-05-20 14:27 4989952 c:\windows\Installer\f82ab.msp
+ 2010-05-20 14:27 . 2010-05-20 14:27 5907456 c:\windows\Installer\f82aa.msp
+ 2009-10-16 01:38 . 2009-10-16 01:38 2237952 c:\windows\Installer\f8288.msp
+ 2010-04-24 11:35 . 2010-04-24 11:35 4199424 c:\windows\Installer\f8257.msp
+ 2009-08-18 07:38 . 2009-08-18 07:38 1373696 c:\windows\Installer\f8239.msp
+ 2010-04-24 11:40 . 2010-04-24 11:40 8486400 c:\windows\Installer\f8220.msp
+ 2011-02-16 08:24 . 2011-02-16 08:24 4992000 c:\windows\Installer\dcbb2.msp
+ 2011-01-11 12:23 . 2011-01-11 12:23 1763328 c:\windows\Installer\dcb99.msp
+ 2009-02-25 13:38 . 2009-02-25 13:38 8311808 c:\windows\Installer\cc9b55.msp
+ 2010-08-19 12:27 . 2010-08-19 12:27 3395584 c:\windows\Installer\cc9b3d.msp
+ 2011-01-23 13:34 . 2011-01-23 13:34 2317312 c:\windows\Installer\927d7e.msi
+ 2010-09-23 02:09 . 2010-09-23 02:09 4265472 c:\windows\Installer\89167.msp
+ 2011-03-21 10:28 . 2011-03-21 10:28 2283008 c:\windows\Installer\4cd8d1.msi
+ 2011-03-17 14:35 . 2011-03-17 14:35 4989440 c:\windows\Installer\48601.msp
+ 2011-01-11 12:19 . 2011-01-11 12:19 9003008 c:\windows\Installer\485e8.msp
+ 2010-11-20 18:02 . 2010-11-20 18:02 4165120 c:\windows\Installer\485cf.msp
+ 2011-03-17 14:31 . 2011-03-17 14:31 9563648 c:\windows\Installer\4697b2.msp
+ 2011-01-11 12:20 . 2011-01-11 12:20 8177152 c:\windows\Installer\469799.msp
+ 2010-11-20 18:03 . 2010-11-20 18:03 1980928 c:\windows\Installer\469780.msp
+ 2010-08-13 12:31 . 2010-08-13 12:31 8993280 c:\windows\Installer\45add.msp
+ 2010-08-13 12:29 . 2010-08-13 12:29 8182272 c:\windows\Installer\45ac4.msp
+ 2010-08-13 12:32 . 2010-08-13 12:32 2545664 c:\windows\Installer\45aab.msp
+ 2010-08-13 12:30 . 2010-08-13 12:30 9404928 c:\windows\Installer\45a92.msp
+ 2010-09-17 00:36 . 2010-09-17 00:36 3355648 c:\windows\Installer\45a78.msp
+ 2010-10-21 12:40 . 2010-10-21 12:40 3995136 c:\windows\Installer\403f93.msp
+ 2010-11-20 18:05 . 2010-11-20 18:05 3359744 c:\windows\Installer\403f76.msp
+ 2010-12-16 18:47 . 2010-12-16 18:47 3362304 c:\windows\Installer\3febb.msp
+ 2011-03-25 12:49 . 2011-03-25 12:49 2640896 c:\windows\Installer\3f56d.msi
+ 2011-03-25 12:48 . 2011-03-25 12:48 1470464 c:\windows\Installer\3f564.msi
+ 2009-04-04 11:40 . 2009-04-04 11:40 1282560 c:\windows\Installer\334d3d.msp
+ 2009-04-04 11:40 . 2009-04-04 11:40 7888384 c:\windows\Installer\334d33.msp
+ 2009-04-04 11:40 . 2009-04-04 11:40 9926144 c:\windows\Installer\334d27.msp
+ 2009-04-04 04:44 . 2009-04-04 04:44 1094656 c:\windows\Installer\334b36.msp
+ 2011-01-11 12:22 . 2011-01-11 12:22 3360768 c:\windows\Installer\2b6075.msp
+ 2010-07-10 14:44 . 2010-07-10 14:44 2850816 c:\windows\Installer\2add5e.msp
+ 2010-10-02 12:25 . 2010-10-02 12:25 1816064 c:\windows\Installer\1ea6b1.msi
+ 2010-09-17 00:34 . 2010-09-17 00:34 9401856 c:\windows\Installer\121aed.msp
+ 2010-10-21 12:42 . 2010-10-21 12:42 3359744 c:\windows\Installer\121ad4.msp
+ 2010-10-07 13:13 . 2010-10-07 13:13 1980416 c:\windows\Installer\121abb.msp
- 2009-07-30 06:15 . 2009-07-30 06:15 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-07-30 06:15 . 2009-07-30 06:15 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-07-30 06:15 . 2011-04-16 09:22 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\rt3d.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\authplay.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 5503368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AGM.dll
+ 2010-11-10 07:19 . 2010-11-10 07:19 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AdobeCollabSync.exe
+ 2010-11-10 07:19 . 2010-11-10 07:19 1289624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.exe
+ 2009-04-03 12:27 . 2009-04-03 12:27 4671320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WRD12CNV.DLL
+ 2008-11-20 21:42 . 2008-11-20 21:42 3750256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VVIEWER.DLL
+ 2008-10-25 04:05 . 2008-10-25 04:05 1847160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VVIEWDWG.DLL
+ 2008-08-25 17:20 . 2008-08-25 17:20 2585592 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VBE6.DLL
+ 2008-11-09 21:11 . 2008-11-09 21:11 2014584 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPTVIEW.EXE
+ 2009-04-03 12:34 . 2009-04-03 12:34 8468840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\PPCORE.DLL
+ 2009-03-05 22:30 . 2009-03-05 22:30 6596472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONMAIN.DLL
+ 2008-11-10 05:19 . 2008-11-10 05:19 1165680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONLIBS.DLL
+ 2008-11-24 16:46 . 2008-11-24 16:46 1020776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\ONENOTE.EXE
+ 2009-03-05 20:35 . 2009-03-05 20:35 2964336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OLMAPI32.DLL
+ 2009-02-05 06:06 . 2009-02-05 06:06 1640800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OGL.DLL
+ 2009-03-05 22:11 . 2009-03-05 22:11 9589096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSPUB.EXE
+ 2009-03-05 22:56 . 2009-03-05 22:56 5291376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPEDITOR.DLL
+ 2009-03-05 22:56 . 2009-03-05 22:56 5466488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPDESIGN.DLL
+ 2008-11-03 19:10 . 2008-11-03 19:10 1442160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\INFOPATH.EXE
+ 2009-02-14 00:33 . 2009-02-14 00:33 3070832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEDOCUMENTSHARETOOL.DLL
+ 2008-11-20 17:36 . 2008-11-20 17:36 1194848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\FM20.DLL
+ 2006-10-26 08:35 . 2006-10-26 08:35 1181520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-27 09:41 . 2006-10-27 09:41 4235560 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-26 17:28 . 2006-10-26 17:28 3732792 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-26 17:30 . 2006-10-26 17:30 1841984 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-09-29 19:12 . 2006-09-29 19:12 2583344 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-27 09:27 . 2006-10-27 09:27 2330968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 14:22 . 2006-10-26 14:22 2012672 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-27 09:34 . 2006-10-27 09:34 7980848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2006-09-15 10:55 . 2006-09-15 10:55 3611416 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-10-26 14:37 . 2006-10-26 14:37 6536992 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-10-27 09:33 . 2006-10-27 09:33 6579512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 14:54 . 2006-10-26 14:54 1165112 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 09:33 . 2006-10-27 09:33 1018880 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-27 09:46 . 2006-10-27 09:46 2939704 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-27 09:48 . 2006-10-27 09:48 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 14:44 . 2006-10-26 14:44 7033152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 15:12 . 2006-10-26 15:12 8423224 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-26 09:17 . 2006-10-26 09:17 1512304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NLSD0000.DLL
+ 2006-10-27 09:34 . 2006-10-27 09:34 9581568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 14:30 . 2006-10-26 14:30 6635320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-27 09:40 . 2006-10-27 09:40 5281592 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-27 09:40 . 2006-10-27 09:40 5456704 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 09:40 . 2006-10-27 09:40 1439232 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 10:07 . 2006-10-27 10:07 1396008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-27 10:08 . 2006-10-27 10:08 4746536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 1163048 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 2738472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 2210608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-27 10:08 . 2006-10-27 10:08 7053096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-26 19:18 . 2006-10-26 19:18 1555232 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 3071288 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 1359648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL
+ 2006-10-27 10:08 . 2006-10-27 10:08 3508544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2006-10-27 10:07 . 2006-10-27 10:07 2689336 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL
+ 2006-10-27 10:08 . 2006-10-27 10:08 6191400 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL
+ 2006-10-26 14:32 . 2006-10-26 14:32 2526720 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-26 13:51 . 2006-10-26 13:51 1682232 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-26 08:40 . 2006-10-26 08:40 1190688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-09-13 03:39 . 2006-09-13 03:39 1277496 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CRYPTOPP.DLL
+ 2006-10-27 09:30 . 2006-10-27 09:30 1751904 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-26 08:35 . 2006-10-26 08:35 1165584 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCICONS.EXE
+ 2006-10-26 14:19 . 2006-10-26 14:19 1011488 c:\windows\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2009-08-04 15:14 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-11-20 22:09 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-11-20 22:09 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-11-20 22:09 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-04-15 14:52 . 2011-04-15 14:52 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\76e431fde1b252312b331f7108259fda\WindowsBase.ni.dll
+ 2011-04-15 14:56 . 2011-04-15 14:56 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\9e022c95e79f2b6f383a501ad99f08a9\UIAutomationClientsideProviders.ni.dll
+ 2010-10-04 09:39 . 2010-10-04 09:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP42.tmp\System.Deployment.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\f02cf6430a9fc77908a74ab6925cb73c\System.ni.dll
+ 2011-04-15 14:56 . 2011-04-15 14:56 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b06e49ed8cbe07dbb90e313fa634b27b\System.Xml.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6346221cecf631e5c0b754d842aad102\System.WorkflowServices.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\1fbcd203ff8d77d561df8bf806417ab6\System.Workflow.Runtime.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\efbaf3696c44fd7d4b3cd925e0437b36\System.Workflow.ComponentModel.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\52a9bc5dd1fa497af7c7f4600bd8e6d1\System.Workflow.Activities.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f5ebeeb0a8aaba9db15ec3df591339ba\System.Web.Services.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\92d6b75e3b63b528d4069bf4ee01983a\System.Web.Mobile.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\02d53154634c8000382942e0f43ead41\System.Web.Extensions.ni.dll
+ 2011-04-15 14:54 . 2011-04-15 14:55 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\dd128c8e21e7fa14c12b71df9892d046\System.Speech.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8b0bb430bb6af96c18b43e3c54cfafe8\System.ServiceModel.Web.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\85090bd451617e204ffda625b8d9fc30\System.Runtime.Serialization.ni.dll
+ 2011-04-15 14:54 . 2011-04-15 14:54 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\85a7a7aace114e78fc6c9b219bcd5551\System.Printing.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\86c59378e9a43bf101a10ad452a4bb8e\System.IdentityModel.ni.dll
+ 2011-04-15 14:54 . 2011-04-15 14:54 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d912066086a59f09424c7c69f95e2c55\System.Drawing.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c05d9332116964104c721e97f7ce1058\System.DirectoryServices.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0118c0c73ea5c77bda7b10b188102ab6\System.Deployment.ni.dll
+ 2011-04-15 14:53 . 2011-04-15 14:53 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\1337829e3df6888464a17aab78bb9b8f\System.Data.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ba3ca7a93e227c32ce7b50d0a7ba935f\System.Data.SqlXml.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de52be5da96059651b5bec800cb4605\System.Data.Services.ni.dll
+ 2011-04-15 14:53 . 2011-04-15 14:53 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\11f1306e0e311a0d0cbd139fb2fa4c36\System.Data.Linq.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c91e83e85c030bc914ecc302fa9b2c60\System.Data.Entity.ni.dll
+ 2011-04-15 14:53 . 2011-04-15 14:53 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\684fe21837d3cf3e5935bbd0a7f53141\System.Core.ni.dll
+ 2011-04-15 14:53 . 2011-04-15 14:53 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\12efddabe6fe35be21246c88ed9bf8ab\ReachFramework.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\257c9327ba9cc5cd87f58de224aa2e0d\PresentationUI.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b117bf63daa7e587f1bb2d975dccb4af\PresentationBuildTasks.ni.dll
+ 2011-04-16 09:30 . 2011-04-16 09:30 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\269103939243ec6929739c8b9a645c0d\Microsoft.VisualBasic.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\bf7bd26d2828e35156814018939ce4f6\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\6594c17d7e112b0507b701d5b8a67bba\Microsoft.JScript.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\f5eb1e42ccd0f67f7496b94a31949cd0\Microsoft.Build.Tasks.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cc7f05675a5cd8014222be1483d6beaf\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-16 09:29 . 2011-04-16 09:29 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\41cf95aa4ff5765b515d3252abc6353b\Microsoft.Build.Engine.ni.dll
- 2010-06-23 17:40 . 2010-06-23 17:40 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-06-23 17:40 . 2010-06-23 17:40 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-06 10:08 . 2010-10-06 10:08 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-11-30 08:12 . 2009-11-30 08:12 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-11-30 07:28 . 2009-11-30 07:28 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-10-04 13:40 . 2010-10-04 13:40 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-06-23 17:39 . 2010-06-23 17:39 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-15 07:38 . 2011-04-15 07:38 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-06-18 17:34 . 2008-04-13 17:28 2940928 c:\windows\$NtUninstallwmp11$\wmploc.dll
+ 2010-10-19 14:12 . 2008-04-13 17:28 2940928 c:\windows\$NtUninstallwmp11$\wmploc.dll
+ 2010-10-19 14:12 . 2010-08-26 11:46 4886528 c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 1001472 c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 1001472 c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2010-10-19 14:11 . 2010-04-08 08:33 2113536 c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
- 2010-06-18 17:33 . 2010-04-08 08:33 2113536 c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
- 2010-06-18 17:33 . 2008-04-14 00:12 1119744 c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2010-10-19 14:11 . 2008-04-14 00:12 1119744 c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
- 2010-06-18 17:33 . 2008-06-10 00:41 1053696 c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2010-10-19 14:11 . 2008-06-10 00:41 1053696 c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2010-10-02 16:20 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-10-17 12:56 . 2010-06-23 13:44 1851904 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-10-02 16:21 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-10-02 16:21 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-10-02 16:21 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-10-02 16:21 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-10-17 12:58 . 2008-04-14 00:12 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-07-09 17:22 . 2008-05-19 01:03 4445184 c:\windows\$NtUninstallKB958655-v2$\msi.dll
+ 2010-07-09 17:22 . 2008-04-14 00:12 2843136 c:\windows\$NtUninstallKB942288-v3$\msi.dll
+ 2011-02-09 07:33 . 2010-07-27 06:30 8462336 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 1510400 c:\windows\$NtUninstallKB2482017$\shdocvw.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 3076096 c:\windows\$NtUninstallKB2482017$\mshtml.dll
+ 2011-02-09 07:31 . 2010-11-05 05:05 1025024 c:\windows\$NtUninstallKB2482017$\browseui.dll
+ 2011-03-10 07:31 . 2009-06-10 03:49 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-03-10 07:31 . 2009-06-10 03:49 2066432 c:\windows\$NtUninstallKB2481109$\lhmstscx.dll
+ 2011-02-09 07:33 . 2010-10-26 13:25 1853312 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2010-12-15 09:38 . 2010-08-31 13:42 1852800 c:\windows\$NtUninstallKB2436673$\win32k.sys
+ 2010-12-15 09:37 . 2010-09-09 14:16 1510400 c:\windows\$NtUninstallKB2416400$\shdocvw.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 3073536 c:\windows\$NtUninstallKB2416400$\mshtml.dll
+ 2010-12-15 09:37 . 2010-09-09 14:16 1025024 c:\windows\$NtUninstallKB2416400$\browseui.dll
+ 2011-02-09 07:30 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-09 07:30 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-09 07:30 . 2010-04-27 13:05 2024448 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-09 07:30 . 2010-04-27 13:59 2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2010-10-17 13:00 . 2008-04-14 00:11 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2010-10-17 13:00 . 2010-03-19 12:35 4874240 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 1509888 c:\windows\$NtUninstallKB2360131$\shdocvw.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 3073024 c:\windows\$NtUninstallKB2360131$\mshtml.dll
+ 2010-10-17 12:58 . 2010-06-24 12:10 1025024 c:\windows\$NtUninstallKB2360131$\browseui.dll
+ 2010-10-02 16:21 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-10-04 08:43 . 2010-04-16 16:09 1509888 c:\windows\$NtUninstallKB2183461$\shdocvw.dll
+ 2010-10-04 08:43 . 2010-04-16 16:09 3073024 c:\windows\$NtUninstallKB2183461$\mshtml.dll
+ 2010-10-04 08:43 . 2010-04-16 16:09 1025024 c:\windows\$NtUninstallKB2183461$\browseui.dll
+ 2010-10-04 08:39 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-10-04 08:41 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-10-02 13:00 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-08-31 13:38 . 2010-08-31 13:38 1861888 c:\windows\$hf_mig$\KB981957\SP3QFE\win32k.sys
+ 2010-10-02 12:55 . 2010-04-27 13:50 2190080 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-10-02 12:55 . 2010-04-27 13:14 2024448 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 01:44 . 2010-04-28 01:44 2066944 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-10-02 12:55 . 2010-04-27 13:54 2146304 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 1510400 c:\windows\$hf_mig$\KB2482017\SP3QFE\shdocvw.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 3078144 c:\windows\$hf_mig$\KB2482017\SP3QFE\mshtml.dll
+ 2010-12-20 22:13 . 2010-12-20 22:13 1025024 c:\windows\$hf_mig$\KB2482017\SP3QFE\browseui.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys
+ 2010-11-05 05:04 . 2010-11-05 05:04 1510400 c:\windows\$hf_mig$\KB2416400\SP3QFE\shdocvw.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 3076608 c:\windows\$hf_mig$\KB2416400\SP3QFE\mshtml.dll
+ 2010-11-05 05:04 . 2010-11-05 05:04 1025024 c:\windows\$hf_mig$\KB2416400\SP3QFE\browseui.dll
+ 2011-02-09 06:47 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-09 06:47 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 13:09 . 2010-12-09 13:09 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-09 06:47 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2010-09-09 14:25 . 2010-09-09 14:25 1510400 c:\windows\$hf_mig$\KB2360131\SP3QFE\shdocvw.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 3074560 c:\windows\$hf_mig$\KB2360131\SP3QFE\mshtml.dll
+ 2010-09-09 14:25 . 2010-09-09 14:25 1025024 c:\windows\$hf_mig$\KB2360131\SP3QFE\browseui.dll
+ 2010-07-27 06:28 . 2010-07-27 06:28 8463360 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1509888 c:\windows\$hf_mig$\KB2183461\SP3QFE\shdocvw.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 3073536 c:\windows\$hf_mig$\KB2183461\SP3QFE\mshtml.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1025024 c:\windows\$hf_mig$\KB2183461\SP3QFE\browseui.dll
+ 2010-06-24 02:14 . 2010-06-24 02:14 1861120 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
- 2004-03-11 19:48 . 2009-07-13 18:13 10841088 c:\windows\system32\wmp.dll
+ 2004-03-11 19:48 . 2010-08-25 18:06 10841088 c:\windows\system32\wmp.dll
+ 2009-11-30 07:32 . 2011-04-15 07:31 39828936 c:\windows\system32\MRT.exe
+ 2004-03-11 19:48 . 2010-08-25 18:06 10841088 c:\windows\system32\dllcache\wmp.dll
- 2004-03-11 19:48 . 2009-07-13 18:13 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2010-04-24 11:39 . 2010-04-24 11:39 11750912 c:\windows\Installer\f8393.msp
+ 2011-01-23 13:34 . 2011-01-23 13:34 15709696 c:\windows\Installer\927d8f.msp
+ 2011-01-31 07:30 . 2011-01-31 07:30 20304384 c:\windows\Installer\4fcc16.msp
+ 2011-01-30 20:44 . 2011-01-30 20:44 12425728 c:\windows\Installer\4cd8d2.msp
+ 2011-02-11 15:17 . 2011-02-11 15:17 12028928 c:\windows\Installer\4697c0.msp
+ 2011-02-24 09:45 . 2011-02-24 09:45 11551232 c:\windows\Installer\469767.msp
+ 2008-09-24 06:35 . 2008-09-24 06:35 16381440 c:\windows\Installer\45f32.msp
+ 2008-08-11 06:19 . 2008-08-11 06:19 22457344 c:\windows\Installer\45f19.msp
+ 2010-05-19 07:38 . 2010-05-19 07:38 11408896 c:\windows\Installer\45f00.msp
+ 2010-10-08 16:37 . 2010-10-08 16:37 11559424 c:\windows\Installer\403f44.msp
+ 2010-12-21 07:36 . 2010-12-21 07:36 11570688 c:\windows\Installer\3fea2.msp
+ 2009-04-04 11:39 . 2009-04-04 11:39 15190016 c:\windows\Installer\334b59.msp
+ 2009-04-04 06:06 . 2009-04-04 06:06 21390848 c:\windows\Installer\334b37.msp
+ 2010-07-22 19:34 . 2010-07-22 19:34 11395072 c:\windows\Installer\2add43.msp
+ 2010-07-10 14:36 . 2010-07-10 14:36 10120192 c:\windows\Installer\2add0f.msp
+ 2011-02-17 08:55 . 2011-02-17 08:55 20308992 c:\windows\Installer\276e8.msp
+ 2011-01-29 15:34 . 2011-01-29 15:34 20303872 c:\windows\Installer\244a4.msp
+ 2011-01-29 15:33 . 2011-01-29 15:33 15710720 c:\windows\Installer\2449a.msp
+ 2010-11-10 07:19 . 2010-11-10 07:19 23724952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.dll
+ 2009-04-03 12:31 . 2009-04-03 12:31 15108448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\XL12CNV.EXE
+ 2009-04-03 12:41 . 2009-04-03 12:41 17740136 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\WWLIB.DLL
+ 2009-03-05 20:36 . 2009-03-05 20:36 12707696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLOOK.EXE
+ 2009-04-03 13:16 . 2009-04-03 13:16 17314688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSO.DLL
+ 2009-03-05 21:07 . 2009-03-05 21:07 10222432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSACCESS.EXE
+ 2009-04-03 12:41 . 2009-04-03 12:41 18330984 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\EXCEL.EXE
+ 2006-10-26 15:43 . 2006-10-26 15:43 14674432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-27 09:53 . 2006-10-27 09:53 17483560 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-27 09:46 . 2006-10-27 09:46 12813312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 09:44 . 2006-10-27 09:44 14151456 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 09:56 . 2006-10-27 09:56 16870712 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 09:31 . 2006-10-27 09:31 10372096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-27 09:37 . 2006-10-27 09:37 17891328 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2011-04-15 14:55 . 2011-04-15 14:55 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ed2bf0d86229128c194a872f70fe15ee\System.Windows.Forms.ni.dll
+ 2011-04-16 09:31 . 2011-04-16 09:31 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7b7ee04166212533ae21eaeb584fb0d\System.Web.ni.dll
+ 2011-04-16 09:22 . 2011-04-16 09:22 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b5f24d96334ea08b99350421450d3ba4\System.ServiceModel.ni.dll
+ 2011-04-15 14:54 . 2011-04-15 14:54 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\5aeadb9ff9a86f49130de5976a9f1744\System.Design.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1a5d89d569e2e12842daf4d87c57361a\PresentationFramework.ni.dll
+ 2011-04-15 14:52 . 2011-04-15 14:52 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\46c57d845e55232a89e98101075cd455\PresentationCore.ni.dll
+ 2011-04-15 14:51 . 2011-04-15 14:51 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62d5f089dd51f18472a7caf1593d9f6b\mscorlib.ni.dll
+ 2009-04-04 11:38 . 2009-04-04 11:38 343058432 c:\windows\Installer\334d1a.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-31 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-31 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-31 141848]
"ep1k_certd"="c:\windows\system32\ep1k_certd.exe" [2009-07-30 385024]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2011-01-11 71216]
"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2011-04-02 1443712]
"eTMonitor"="c:\program files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe" [2009-11-15 230752]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Ahmed^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Ahmed\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 07:19 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-25 08:09 136176 ----atw- c:\documents and settings\Ahmed\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 06:14 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 15:47 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 11:01 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 06:20 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [3/25/2011 6:06 PM 12960]
R1 Bdvedisk;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [1/19/2010 6:32 PM 85128]
R2 eTSrv;ETOKSRV;c:\program files\Aladdin\eToken\PKIClient\x32\eTSrv.exe [11/15/2009 12:45 PM 12640]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/20/2011 12:06 PM 363344]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [3/19/2009 3:55 PM 113664]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [8/20/2010 2:41 PM 111696]
R3 ft1kEnum;usb Card Device 1000;c:\windows\system32\drivers\IC1KENUM.SYS [7/30/2009 9:36 PM 8832]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [7/30/2009 12:15 PM 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [7/30/2009 11:52 AM 100184]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/20/2011 12:06 PM 20952]
R3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\drivers\usbic1k.sys [7/30/2009 9:36 PM 9856]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/19/2010 3:16 PM 136176]
S2 UDisk Monitor;UDisk Monitor;c:\program files\MBlaze UI\bin\MonServiceUDisk.exe [1/15/2010 10:55 PM 512000]
S3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys [7/29/2008 4:40 PM 34472]
S3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [4/22/2010 12:19 PM 149520]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys --> c:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [1/15/2010 10:55 PM 104704]
S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [11/29/2010 1:12 PM 535824]
S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [11/29/2010 1:12 PM 1066232]
S4 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [11/30/2010 6:19 AM 307544]
S4 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2/11/2011 11:14 AM 43936]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - pwacqkob
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 08:09]
.
2011-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-19 08:09]
.
2011-04-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1292428093-839522115-1007Core.job
- c:\documents and settings\Ahmed\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-18 08:09]
.
2011-04-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1292428093-839522115-1007UA.job
- c:\documents and settings\Ahmed\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-03-18 08:09]
.
2011-04-18 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
.
2010-06-03 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.in/
mStart Page = hxxp://in.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {2530333E-2C10-49CA-8752-704502CF9C3E} = 172.16.75.1,202.89.66.2
DPF: {8EB6C15E-D180-4BA5-94D2-442867296F93} - hxxps://delhi.govtprocurement.com/include/api/C1Sign.CAB
DPF: {9765B508-0C62-4F32-AB7C-D30D0615580B} - hxxp://202.71.152.162/SecurityClientComponents//TCSDataSigner.cab
DPF: {A4BE311B-469C-41AC-B87A-649C1CFD1425} - hxxps://delhi.govtprocurement.com/Components/prjUtilities.cab
FF - ProfilePath - c:\documents and settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\1twp3wjh.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: BitDefender Antiphishing Toolbar: FFToolbar@bitdefender.com - c:\program files\BitDefender\BitDefender 2011\bdaphffext
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-AESTFltr - c:\windows\system32\AESTFltr.exe
MSConfigStartUp-SysTrayApp - %ProgramFiles%\IDT\WDM\sttray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-20 17:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ep1k_certd = c:\windows\system32\ep1k_certd.exe -r -s -a????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DEVICE2"="vaaur8rPygA="
"DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{18d32b24-8dfe-4ca7-8531-a1989f3dae77}]
@Denied: (Full) (Everyone)
"Model"=dword:000000b6
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,ab,9e,50,1b,eb,77,d1,ab,be,d2,f0,e1,81,4a,6c,e4,83,e0,8b,c5,07,bb,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):f1,25,0a,56,04,b9,10,90,5b,18,35,80,dc,a1,2b,b9,39,16,aa,5b,32,
0c,9a,02,fc,c2,91,f0,fa,4b,32,13,14,a1,a1,ac,a0,26,ea,ee,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1188)
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'explorer.exe'(3072)
c:\windows\system32\wpdshext.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
c:\program files\BitDefender\BitDefender 2011\pchook32.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
.
Completion time: 2011-04-20 17:52:30
ComboFix-quarantined-files.txt 2011-04-20 12:22
ComboFix2.txt 2010-07-09 14:50
.
Pre-Run: 46,536,863,744 bytes free
Post-Run: 46,518,722,560 bytes free
.
- - End Of File - - E3911005A2CFC76D1A028F2306E90A6D

#6 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 20 April 2011 - 10:37 PM

There is surely some infection present.

Is this the very same computer, we just cleaned few days ago?

DDS logs are not readable, so you'll have to repost them.

#7 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 21 April 2011 - 07:25 AM

Hi Broni

I am putting up the DDS logs again and this machine is different from the previous one which we cleaned few days back.

DDS Logs
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Ahmed at 12:03:32.59 on Wed 04/20/2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2011.1613 [GMT 5.5:30]
.
AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: BitDefender Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ep1k_certd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\WINDOWS\system32\ep1ksrv.exe
C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
C:\WINDOWS\system32\wuauclt.exe
E:\AV Tools\dds.scr
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://in.rd.yahoo.com/customize/ycomp/defaults/sp/*http://in.yahoo.com
uStart Page = hxxp://www.google.co.in/
mDefault_Page_URL = hxxp://in.yahoo.com
mStart Page = hxxp://in.yahoo.com
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ep1k_certd] c:\windows\system32\ep1k_certd.exe -r -s -a
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
mRun: [eTMonitor] "c:\program files\aladdin\etoken\pkiclient\x32\PKIMonitor.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [RunNarrator] Narrator.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258735569000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8EB6C15E-D180-4BA5-94D2-442867296F93} - hxxps://delhi.govtprocurement.com/include/api/C1Sign.CAB
DPF: {9765B508-0C62-4F32-AB7C-D30D0615580B} - hxxp://202.71.152.162/SecurityClientComponents//TCSDataSigner.cab
DPF: {A4BE311B-469C-41AC-B87A-649C1CFD1425} - hxxps://delhi.govtprocurement.com/Components/prjUtilities.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {2530333E-2C10-49CA-8752-704502CF9C3E} = 172.16.75.1,202.89.66.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\ahmed\applic~1\mozilla\firefox\profiles\1twp3wjh.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.6.dll
FF - component: c:\program files\bitdefender\bitdefender 2011\bdaphffext\components\bdaphff3.dll
FF - plugin: c:\documents and settings\ahmed\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: BitDefender Antiphishing Toolbar: FFToolbar@bitdefender.com - c:\program files\bitdefender\bitdefender 2011\bdaphffext
.
============= SERVICES / DRIVERS ===============
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2011-3-25 12960]
R1 Bdvedisk;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]
R2 eTSrv;ETOKSRV;c:\program files\aladdin\etoken\pkiclient\x32\eTSrv.exe [2009-11-15 12640]
R2 UDisk Monitor;UDisk Monitor;c:\program files\mblaze ui\bin\MonServiceUDisk.exe [2010-1-15 512000]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-3-19 113664]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2010-8-20 111696]
R3 ft1kEnum;usb Card Device 1000;c:\windows\system32\drivers\IC1KENUM.SYS [2009-7-30 8832]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-7-30 110080]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-30 100184]
R3 Reader_1000;USB SmartCard Reader Device 1000 ;c:\windows\system32\drivers\usbic1k.sys [2009-7-30 9856]
S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-19 136176]
S3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys [2008-7-29 34472]
S3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 149520]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2010-1-15 104704]
S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-11-29 535824]
S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-11-29 1066232]
S4 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-11-30 307544]
S4 Updatesrv;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2011-2-11 43936]
.
=============== Created Last 30 ================
.
2011-04-13 02:51:13 -------- d-----w- c:\windows\pss
2011-04-04 16:41:00 -------- d--h--w- c:\windows\PIF
2011-03-25 13:14:01 -------- d-----w- c:\docume~1\alluse~1\applic~1\bdch
2011-03-25 12:48:56 -------- d-----w- c:\docume~1\ahmed\applic~1\BitDefender
2011-03-25 12:48:29 -------- d-----w- c:\program files\MSSOAP
2011-03-25 12:48:20 -------- d-----w- c:\program files\BitDefender
2011-03-25 12:37:53 -------- d-----w- c:\docume~1\ahmed\applic~1\QuickScan
2011-03-25 12:37:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\BitDefender
2011-03-25 12:36:56 307784 ----a-w- c:\windows\system32\drivers\trufos.sys
2011-03-25 12:36:54 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-03-25 12:36:54 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2011-03-23 11:19:16 -------- d-----w- c:\docume~1\ahmed\applic~1\TeamViewer
.
==================== Find3M ====================
.
2011-03-25 12:50:48 579622 ----a-w- c:\docume~1\alluse~1\applic~1\bdinstall.bin
2011-03-15 17:01:58 24 ----a-w- c:\docume~1\alluse~1\applic~1\~f926.tmp
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 13:51:57 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51:57 667136 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 12:37:38 369664 ------w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 16:10:23 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-02-02 13:49:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2010-07-08 04:07:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe
.
============= FINISH: 12:04:19.95 ===============

.DDS

Attached Files

DDS.txt 13.65K 24 downloads

#8 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 21 April 2011 - 11:46 PM

All logs have to be pasted....

I still need Attach.txt log.

#9 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 21 April 2011 - 11:48 PM

You're running two AV programs, Microsoft Security Essentials and BitDefender.
One of them has to go.
Your choice.

#10 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 22 April 2011 - 01:41 AM

Attach.txt logs re posted.

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/30/2009 11:32:31 AM
System Uptime: 4/20/2011 11:56:52 AM (1 hours ago)
.
Motherboard: Compal | | 3607
Processor: Intel® Pentium® Dual CPU T3400 @ 2.16GHz | CPU | 2161/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 59 GiB total, 43.5 GiB free.
D: is FIXED (NTFS) - 50 GiB total, 47.125 GiB free.
E: is FIXED (NTFS) - 20 GiB total, 19.806 GiB free.
M: is FIXED (NTFS) - 104 GiB total, 101.35 GiB free.
W: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Network Controller
Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_137D103C&REV_01\4&2A17DF6C&0&00E2
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_137D103C&REV_01\4&2A17DF6C&0&00E2
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\ENE0100\3&B1BFB68&0
Manufacturer:
Name:
PNP Device ID: ACPI\ENE0100\3&B1BFB68&0
Service:
.
==== System Restore Points ===================
.
RP159: 3/15/2011 2:17:15 PM - Software Distribution Service 3.0
RP160: 3/16/2011 8:56:21 PM - Software Distribution Service 3.0
RP161: 3/17/2011 3:36:28 PM - Software Distribution Service 3.0
RP162: 3/18/2011 4:04:14 PM - System Checkpoint
RP163: 3/18/2011 7:04:18 PM - Software Distribution Service 3.0
RP164: 3/19/2011 1:00:14 PM - Software Distribution Service 3.0
RP165: 3/20/2011 8:14:40 PM - System Checkpoint
RP166: 3/21/2011 3:58:00 PM - Removed Adobe Reader 7.0.7
RP167: 3/25/2011 4:47:54 PM - System Checkpoint
RP168: 3/25/2011 7:25:13 PM - Software Distribution Service 3.0
RP169: 3/27/2011 9:00:59 PM - System Checkpoint
RP170: 3/29/2011 7:20:30 PM - System Checkpoint
RP171: 4/3/2011 3:16:12 PM - System Checkpoint
RP172: 4/4/2011 6:25:57 PM - System Checkpoint
RP173: 4/6/2011 4:34:05 PM - System Checkpoint
RP174: 4/8/2011 10:27:03 PM - System Checkpoint
RP175: 4/10/2011 12:26:49 PM - System Checkpoint
RP176: 4/12/2011 2:35:55 PM - System Checkpoint
RP177: 4/15/2011 1:00:21 PM - Software Distribution Service 3.0
RP178: 4/16/2011 2:50:00 PM - Software Distribution Service 3.0
RP179: 4/17/2011 1:30:59 PM - Software Distribution Service 3.0
RP180: 4/18/2011 10:48:57 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader X (10.0.1)
Adobe Stock Photos 1.0
Agere Systems HDA Modem
BitDefender Total Security 2011
BufferChm
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
eSupportQFolder
eToken PKI Client 5.1 SP1
F4200
F4200_Help
FLV Player 2.0 (build 25)
Google Chrome
Google Talk Plugin
Google Update Helper
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 10.0
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Integrated Module with Bluetooth wireless technology
HP Photosmart Essential 2.5
HP Smart Web Printing
HP SoftPaq Download Manager
HP Solution Center 10.0
HP Update
HPProductAssistant
HPSSupply
Intel® Graphics Media Accelerator Driver
Java Auto Updater
Java™ 6 Update 24
JMicron JMB38X Flash Media Controller
MarketResearch
MBlaze UI
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SOAP Toolkit 3.0
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.16)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero Suite
OGA Notifier 2.0.0048.0
PowerDVD
PSSWCORE
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2464594)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shop for HP Supplies
SmartWebPrintingOC
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2522999)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
USB Token 1000 v4.1 (Remove only)
VideoToolkit01
VLC media player 1.1.8
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
4/20/2011 11:55:29 AM, error: Service Control Manager [7031] - The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/20/2011 11:51:30 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdfsfltr BdRawPr Bdvedisk Fips intelppm
4/20/2011 11:50:26 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/20/2011 11:50:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
4/20/2011 11:48:04 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/20/2011 11:44:46 AM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The UDisk Monitor service terminated unexpectedly. It has done this 1 time(s).
4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The ETOKSRV service terminated unexpectedly. It has done this 1 time(s).
4/20/2011 11:44:45 AM, error: Service Control Manager [7034] - The Agere Modem Call Progress Audio service terminated unexpectedly. It has done this 1 time(s).
4/15/2011 8:21:26 PM, error: Service Control Manager [7000] - The Audio Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2011 10:17:48 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
4/14/2011 10:16:22 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
4/14/2011 10:16:22 PM, error: Service Control Manager [7000] - The Audio Service service failed to start due to the following error: The system cannot find the path specified.
4/13/2011 8:03:47 PM, error: Service Control Manager [7000] - The Adobe LM Service service failed to start due to the following error: The pipe has been ended.
.
==== End Of File ===========================

#11 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 22 April 2011 - 01:42 AM

Which av should be kept according to you - ms or bd?

#12 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 22 April 2011 - 01:43 AM

One of AV programs removed?

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Please, never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

#13 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 22 April 2011 - 01:44 AM

BitDefender is not free, so, if it's paid for, keep it.

#14 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 22 April 2011 - 01:47 AM

Broni do I need to get the combofix log again- You had already analysed the earlier one posted above?

#15 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 22 April 2011 - 01:49 AM

Oooops, sorry about that.
Hold on....

#16 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 22 April 2011 - 01:52 AM

Combofix log looks good now.

Make sure to uninstall one of those AV programs.

When done.....

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

#17 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 22 April 2011 - 07:48 AM

Extras.txt

OTL Extras logfile created on: 4/22/2011 12:58:06 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ahmed\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 42.93 Gb Free Space | 73.27% Space Free | Partition Type: NTFS
Drive D: | 50.05 Gb Total Space | 47.12 Gb Free Space | 94.16% Space Free | Partition Type: NTFS
Drive E: | 20.02 Gb Total Space | 19.81 Gb Free Space | 98.95% Space Free | Partition Type: NTFS
Drive M: | 104.23 Gb Total Space | 101.34 Gb Free Space | 97.23% Space Free | Partition Type: NTFS

Computer Name: COMPAQ-F3996EBD | User Name: Ahmed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:NetBIOS Session Service
"445:TCP" = 445:TCP:*:Enabled:SMB over TCP
"137:UDP" = 137:UDP:*:Enabled:NetBIOS Name Service
"138:UDP" = 138:UDP:*:Enabled:NetBIOS Datagram Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:SSDP
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:UPnP framework over TCP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:NetBIOS Session Service
"445:TCP" = 445:TCP:LocalSubNet:Enabled:SMB over TCP
"137:UDP" = 137:UDP:LocalSubNet:Enabled:NetBIOS Name Service
"138:UDP" = 138:UDP:LocalSubNet:Enabled:NetBIOS Datagram Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005F78AF-110D-398A-8430-BE98950A1E22}" = Google Talk Plugin
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 24
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3909BE71-2D8F-42D2-BA46-3831B60CFD0F}" = eToken PKI Client 5.1 SP1
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62653245-3DC5-4019-AF6B-4E62D6150D9E}" = F4200_Help
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67DFCE0D-BBA9-43AC-90B3-548390ECE522}" = F4200
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{73FAD870-C7A8-4344-BA8F-DF8675276E91}" = BitDefender Total Security 2011
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FDEA20CD-61CF-436C-A7BA-848E0EBA0AE8}" = HP SoftPaq Download Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"BitDefender" = BitDefender Total Security 2011
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Shop for HP Supplies" = Shop for HP Supplies
"USB Token 1000 v4.1" = USB Token 1000 v4.1 (Remove only)
"VLC media player" = VLC media player 1.1.8
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"ZTEWireless-101_is1" = MBlaze UI

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/15/2011 1:23:57 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x077f22a0.

Error - 4/20/2011 8:19:16 AM | Computer Name = COMPAQ-F3996EBD | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: A connection with the server could not be established

Error - 4/20/2011 11:59:33 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/20/2011 12:32:07 PM | Computer Name = COMPAQ-F3996EBD | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 4/22/2011 2:13:34 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

Error - 4/22/2011 2:17:12 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

Error - 4/22/2011 2:33:00 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

Error - 4/22/2011 2:36:38 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

Error - 4/22/2011 2:43:41 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

Error - 4/22/2011 2:56:03 AM | Computer Name = COMPAQ-F3996EBD | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x650522a0.

[ OSession Events ]
Error - 10/4/2010 9:46:48 AM | Computer Name = COMPAQ-F3996EBD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/4/2010 9:46:57 AM | Computer Name = COMPAQ-F3996EBD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/20/2011 12:00:01 PM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/21/2011 3:39:04 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 4/21/2011 3:40:29 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/21/2011 7:26:40 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%2

Error - 4/21/2011 7:28:01 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/21/2011 11:05:10 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 4/21/2011 11:06:32 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 4/21/2011 12:38:41 PM | Computer Name = COMPAQ-F3996EBD | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
times on transport \Device\NetBT_Tcpip_{2530333E-2C10-49CA-8752-704502CF9C3E}. The
backup browser is stopping.

Error - 4/22/2011 2:04:04 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7000
Description = The Audio Service service failed to start due to the following error:
%%3

Error - 4/22/2011 2:05:29 AM | Computer Name = COMPAQ-F3996EBD | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

< End of report >

#18 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 22 April 2011 - 07:49 AM

OTl.txt

OTL logfile created on: 4/22/2011 12:58:06 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ahmed\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 76.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 42.93 Gb Free Space | 73.27% Space Free | Partition Type: NTFS
Drive D: | 50.05 Gb Total Space | 47.12 Gb Free Space | 94.16% Space Free | Partition Type: NTFS
Drive E: | 20.02 Gb Total Space | 19.81 Gb Free Space | 98.95% Space Free | Partition Type: NTFS
Drive M: | 104.23 Gb Total Space | 101.34 Gb Free Space | 97.23% Space Free | Partition Type: NTFS

Computer Name: COMPAQ-F3996EBD | User Name: Ahmed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/22 12:55:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ahmed\Desktop\OTL.exe
PRC - [2011/04/02 11:36:11 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
PRC - [2011/04/02 11:34:41 | 001,443,712 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/12/20 18:08:56 | 000,443,728 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2009/11/17 18:40:00 | 000,512,000 | ---- | M] () -- C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
PRC - [2009/11/15 12:45:56 | 000,230,752 | ---- | M] (Aladdin Knowledge Systems, Ltd.) -- C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
PRC - [2009/11/15 12:45:46 | 000,012,640 | ---- | M] (Aladdin Knowledge Systems, Ltd.) -- C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe
PRC - [2009/07/30 21:36:42 | 000,385,024 | ---- | M] () -- C:\WINDOWS\system32\ep1k_certd.exe
PRC - [2009/07/30 21:36:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\ep1ksrv.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/11 09:45:04 | 000,012,800 | R--- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe

========== Modules (SafeList) ==========

MOD - [2011/04/22 12:55:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ahmed\Desktop\OTL.exe
MOD - [2011/01/11 10:59:44 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_0517bbc6\msvcr90.dll
MOD - [2010/11/30 06:34:58 | 000,015,624 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchook32.dll
MOD - [2010/08/23 21:42:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2001/08/23 11:00:00 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crtdll.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- -- (STacSV)
SRV - [2011/04/02 11:36:17 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Disabled | Stopped] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2011/04/02 11:35:32 | 002,084,848 | ---- | M] (BitDefender S.R.L.) [Disabled | Stopped] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2010/12/20 18:08:58 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/30 06:19:06 | 000,307,544 | ---- | M] (BitDefender) [Disabled | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2009/11/17 18:40:00 | 000,512,000 | ---- | M] () [Auto | Running] -- C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2009/11/15 12:45:46 | 000,012,640 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Auto | Running] -- C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe -- (eTSrv)
SRV - [2007/12/11 09:45:04 | 000,012,800 | R--- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)

========== Driver Services (SafeList) ==========

DRV - [2011/04/13 08:34:19 | 000,307,784 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (Trufos)
DRV - [2011/04/02 11:35:49 | 000,105,152 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/04/02 11:35:45 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/11/29 13:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 13:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2010/08/20 17:41:52 | 000,126,800 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (Bdftdif)
DRV - [2010/08/20 14:41:56 | 000,111,696 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys -- (Bdfndisf)
DRV - [2010/05/13 16:02:31 | 000,012,960 | ---- | M] (BITDEFENDER LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\bdrawpr.sys -- (BdRawPr)
DRV - [2010/04/22 12:19:50 | 000,149,520 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (BDFM)
DRV - [2010/01/19 18:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (Bdvedisk)
DRV - [2009/10/12 11:53:06 | 000,104,704 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT_ZTEMT_U_USBSER.sys -- (ztemtusbser)
DRV - [2009/07/30 21:36:34 | 000,009,856 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbic1k.sys -- (Reader_1000)
DRV - [2009/07/30 21:36:34 | 000,008,832 | ---- | M] (OEM Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IC1KENUM.SYS -- (ft1kEnum)
DRV - [2009/07/30 11:54:48 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/06/03 20:43:18 | 001,640,131 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/03/19 15:55:06 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/07/31 09:15:59 | 000,110,080 | R--- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/07/31 09:15:32 | 000,108,800 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/31 09:12:47 | 000,100,184 | R--- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/07/29 16:40:04 | 000,048,296 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksifdh.sys -- (AKSIFDH)
DRV - [2008/07/29 16:40:04 | 000,034,472 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksup.sys -- (AKSUP)
DRV - [2008/05/14 13:38:16 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/05/14 13:38:16 | 000,037,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2008/05/14 13:38:14 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/05/14 13:38:14 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/05/14 13:38:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/14 13:38:14 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/29 13:43:38 | 001,202,560 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
IE - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/03/29 21:17:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/29 22:26:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/29 22:26:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2011/03/25 18:19:00 | 000,000,000 | ---D | M]

[2011/03/16 20:53:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ahmed\Application Data\Mozilla\Extensions
[2011/04/20 18:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\1twp3wjh.default\extensions
[2011/04/08 17:44:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\1twp3wjh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/08 17:44:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\1twp3wjh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/27 20:17:20 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\Ahmed\Application Data\Mozilla\Firefox\Profiles\1twp3wjh.default\searchplugins\wot-safe-search.xml
[2011/04/20 18:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/16 15:23:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/01 21:49:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/19 14:05:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/28 18:43:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/11 21:37:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/03/29 21:17:49 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
[2009/10/06 14:38:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/07/16 19:36:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [ep1k_certd] C:\WINDOWS\System32\ep1k_certd.exe ()
O4 - HKLM..\Run: [eTMonitor] C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe (Aladdin Knowledge Systems, Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1606980848-1292428093-839522115-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1258735569000 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8EB6C15E-D180-4BA5-94D2-442867296F93} https://delhi.govtpr.../api/C1Sign.CAB (C1Sign.Sign)
O16 - DPF: {9765B508-0C62-4F32-AB7C-D30D0615580B} http://202.71.152.16...SDataSigner.cab (TCSDataSigner Control)
O16 - DPF: {A4BE311B-469C-41AC-B87A-649C1CFD1425} https://delhi.govtpr...rjUtilities.cab (prjUtilities.clsHashFile)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D7B039C1-5929-49B3-913E-EB62C8866FC4} http://192.168.1.53/HtmlAnvView.cab (HtmlAnvView Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ahmed\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/30 11:31:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/04/22 12:55:03 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ahmed\Desktop\OTL.exe
[2011/04/20 19:20:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/20 12:06:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/04/20 12:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/20 12:06:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/04/20 12:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/13 08:45:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ahmed\Recent
[2011/04/13 08:21:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/04/04 22:11:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011/04/04 20:55:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/04/04 17:26:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ahmed\Desktop\sarasach.com
[2011/03/27 22:31:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ahmed\Application Data\dvdcss
[2011/03/25 18:48:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2011/03/25 18:44:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\bdch
[2011/03/25 18:44:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bdch
[2011/03/25 18:19:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BitDefender 2011
[2011/03/25 18:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ahmed\Application Data\BitDefender
[2011/03/25 18:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2011/03/25 18:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender
[2011/03/25 18:07:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ahmed\Application Data\QuickScan
[2011/03/25 18:07:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2011/03/25 18:06:56 | 000,307,784 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2011/03/25 18:06:54 | 000,353,096 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2011/03/25 18:06:54 | 000,012,960 | ---- | C] (BITDEFENDER LLC) -- C:\WINDOWS\System32\drivers\bdrawpr.sys
[2011/03/23 16:49:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ahmed\Application Data\TeamViewer
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/22 12:55:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ahmed\Desktop\OTL.exe
[2011/04/22 12:21:00 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/22 12:18:01 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1292428093-839522115-1007UA.job
[2011/04/22 11:50:03 | 000,370,901 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\emd 2.jpg
[2011/04/22 11:47:56 | 000,355,787 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\pf 2.jpg
[2011/04/22 11:46:01 | 000,366,205 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\emd 1.jpg
[2011/04/22 11:44:38 | 000,343,118 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\pf 1.jpg
[2011/04/22 11:38:10 | 000,437,210 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/22 11:38:10 | 000,069,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/22 11:36:56 | 000,399,420 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\Untitled-1.jpg
[2011/04/22 11:34:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/22 11:34:10 | 000,000,872 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/22 11:34:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/22 11:33:59 | 2108,645,376 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/21 22:37:34 | 000,229,500 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\LOGO.JPG
[2011/04/21 21:18:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1292428093-839522115-1007Core.job
[2011/04/20 22:18:54 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\Google Chrome.lnk
[2011/04/20 22:18:54 | 000,002,272 | ---- | M] () -- C:\Documents and Settings\Ahmed\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/20 19:25:04 | 000,000,021 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\server.bat
[2011/04/20 18:00:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/04/20 12:06:11 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/16 14:54:47 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/16 14:51:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/13 08:43:15 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2011/04/13 08:34:19 | 000,307,784 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2011/04/13 08:23:05 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2011/04/11 10:49:52 | 000,000,376 | ---- | M] () -- C:\Documents and Settings\Ahmed\Application Dataprivacy.xml
[2011/04/04 20:51:52 | 020,586,196 | ---- | M] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.8-win32.exe
[2011/04/04 17:50:25 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\Ahmed\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint.lnk
[2011/04/04 17:48:26 | 000,001,525 | ---- | M] () -- C:\Documents and Settings\Ahmed\Desktop\Paint.lnk
[2011/04/02 11:35:50 | 000,105,808 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys
[2011/04/02 11:35:45 | 000,353,096 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2011/03/30 18:49:01 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Ahmed\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 18:34:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ahmed\Ÿ·Ÿ·
[2011/03/25 18:21:01 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\asdict.dat
[2011/03/25 18:20:48 | 000,579,622 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2011/03/25 18:20:27 | 000,000,415 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2011/03/25 18:19:04 | 000,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2011/03/24 15:38:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.7-win32.exe
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/22 11:50:02 | 000,370,901 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\emd 2.jpg
[2011/04/22 11:47:54 | 000,355,787 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\pf 2.jpg
[2011/04/22 11:45:59 | 000,366,205 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\emd 1.jpg
[2011/04/22 11:44:36 | 000,343,118 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\pf 1.jpg
[2011/04/22 11:36:53 | 000,399,420 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\Untitled-1.jpg
[2011/04/21 22:37:34 | 000,229,500 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\LOGO.JPG
[2011/04/21 14:01:48 | 000,008,292 | ---- | C] () -- C:\Documents and Settings\Ahmed\My Documents\ASFAK ALI.pfx
[2011/04/21 14:01:38 | 000,001,303 | ---- | C] () -- C:\Documents and Settings\Ahmed\My Documents\ASFAK ALI.cer
[2011/04/20 19:25:04 | 000,000,021 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\server.bat
[2011/04/20 12:06:11 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/13 08:43:15 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2011/04/04 20:45:30 | 020,586,196 | ---- | C] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.8-win32.exe
[2011/04/04 17:50:25 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\Ahmed\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint.lnk
[2011/04/04 17:48:26 | 000,001,525 | ---- | C] () -- C:\Documents and Settings\Ahmed\Desktop\Paint.lnk
[2011/04/02 13:14:23 | 000,000,376 | ---- | C] () -- C:\Documents and Settings\Ahmed\Application Dataprivacy.xml
[2011/03/27 22:24:08 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Ahmed\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 18:34:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ahmed\Ÿ·Ÿ·
[2011/03/25 18:21:01 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2011/03/25 18:20:27 | 000,000,415 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2011/03/25 18:19:04 | 000,001,879 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitDefender Total Security 2011.lnk
[2011/03/24 15:38:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.7-win32.exe
[2011/03/18 22:09:40 | 000,579,622 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin
[2010/09/06 12:53:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/09 20:11:10 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/09 20:11:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/07/09 20:11:10 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/09 20:11:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/09 20:11:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/09 18:38:52 | 000,157,529 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2010/07/09 18:38:52 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2010/07/08 15:18:00 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp
[2010/07/08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/06/06 11:09:05 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/01/13 20:40:54 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/06 20:20:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/30 21:36:42 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\EP1CSP32.DAT
[2009/07/30 21:36:42 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\ep1k_certd.exe
[2009/07/30 21:36:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\EP1CSP32.DLL
[2009/07/30 21:36:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\EP1KSSP.DLL
[2009/07/30 21:36:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\EP1KDL20.DLL
[2009/07/30 21:36:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\ep1ksrv.exe
[2009/07/30 21:36:34 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\ft1kco.dll
[2009/07/30 16:55:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/30 16:54:31 | 000,270,192 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/30 14:45:46 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/30 12:15:11 | 001,991,464 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/07/30 12:15:11 | 000,432,400 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/07/30 11:49:46 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4964.dll
[2009/07/30 11:32:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/30 11:28:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/05/12 14:51:50 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2006/12/31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/03/12 01:30:32 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/03/12 01:18:50 | 001,262,592 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/08/23 11:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 11:00:00 | 000,437,210 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 11:00:00 | 000,069,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 11:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/03/25 18:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ahmed\Application Data\BitDefender
[2011/03/25 18:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ahmed\Application Data\QuickScan
[2011/03/23 16:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ahmed\Application Data\TeamViewer
[2011/03/25 18:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2011/03/25 18:19:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2009/09/26 10:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/06/03 18:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/07/18 13:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/25 18:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2011/04/20 18:00:00 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2010/06/03 18:58:26 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2009/07/30 11:31:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/07/30 11:55:03 | 000,000,086 | ---- | M] () -- C:\bcmwl5.log
[2011/04/20 11:48:54 | 000,066,667 | ---- | M] () -- C:\bdlog.txt
[2010/07/09 20:14:57 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2011/04/13 08:23:05 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2011/04/20 17:52:31 | 000,265,732 | ---- | M] () -- C:\ComboFix.txt
[2009/07/30 11:31:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/04/22 11:33:59 | 2108,645,376 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/30 11:31:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/07/30 11:31:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/03/11 22:51:14 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/11/30 12:42:32 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/10/08 15:59:30 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2010/12/31 16:34:33 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG
[2011/04/22 11:33:56 | 2147,483,648 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/07/30 11:30:45 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 17:36:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/10/20 18:21:50 | 000,278,016 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 16:20:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2011/04/20 18:15:06 | 000,001,642 | -H-- | M] () -- C:\Documents and Settings\Ahmed\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/07/30 16:53:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/07/30 16:53:56 | 000,651,264 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/07/30 16:53:55 | 000,925,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/11/30 12:45:29 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/03/15 23:29:20 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Ahmed\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/04/22 12:55:01 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ahmed\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >
[2010/07/08 09:37:14 | 000,101,544 | ---- | M] () -- C:\Program Files\Common Files\LinkInstaller.exe

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2011/03/24 15:38:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.7-win32.exe
[2011/04/04 20:51:52 | 020,586,196 | ---- | M] () -- C:\Documents and Settings\Ahmed\My Documents\vlc-1.1.8-win32.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/03/15 23:29:19 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Ahmed\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/04/22 12:57:40 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Ahmed\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 05:41:52 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2002/08/20 19:29:46 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/03/12 02:29:54 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 19:31:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 23:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 05:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002/08/20 19:29:48 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2002/08/20 19:30:06 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2002/08/20 19:30:06 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/03/12 02:29:56 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2007/04/02 23:34:02 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-21 11:08:47

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

#19 Broni Re: [RESOLVED] Does this points to an infection?

Malware Annihilator

24,880 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 12:44 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 9h 13m 9s

Posted 22 April 2011 - 03:01 PM

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
@Alternate Data Stream - 176 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1


:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

===================================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

#20 Scorpy Re: [RESOLVED] Does this points to an infection?

Member

101 posts
Joined: July 03, 2010
7 topics
Age: 36
Skin: IP.Board
Local time: 01:14 AM

Zodiac:Scorpio
Gender:Male
Location:Anywhere Anytime ;)
OS:Windows 7
Country:

Offline

Posted 26 April 2011 - 06:09 AM

OTL Log

System got hanged when the scan was run for first time, had to be hard rebooted before the scan was run again and results obtained.
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Documents and Settings\All Users\Application Data\~f926.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Ahmed
->Temp folder emptied: 33839260 bytes
->Temporary Internet Files folder emptied: 9189278 bytes
->Java cache emptied: 3524 bytes
->FireFox cache emptied: 12012934 bytes
->Google Chrome cache emptied: 364749120 bytes
->Flash cache emptied: 2201 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: you
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2362466 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1960178 bytes

Total Files Cleaned = 405.00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Ahmed
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

User: you
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04242011_213958

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Back to Virus, Spyware and Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

This topic has been visited by 1 user(s)

Exactly