My computer is slowly dying

ep2002 · 21-Dec-2011, 11:21 PM #1

Actually I don't know about slowly anymore.

Note before I start. Yes this is my business computer, but I'm a very very small business. My company barely makes enough to support me & I have no money to hire someone even if I could find someone qualified which most people online are not qualified as you know. So PLEASE help me. I don't care what gets deleted, I can barely work & I end up blaming others when the issue in the end is my computer - how embarrassing.

I work 100% on my desktop, the only time I use my laptop is when I'm away out of town which is rare or for personal things. It looks like my laptop is infected too, but probably not as bad as the desktop. It's a brand new laptop too, less than a year old.

Desktop - XP Proff
laptop - 7 b/c I have no choice.

Here are my stats for the desktop - http://speccy.piriform.com/results/x...cD3VF08kzRVGSZ

These problems have been going on for months.

I'm a very very careful user, but I am online all the time & so who knows what is sent to me either by accident or on purpose.

At one point I thought I was hacked, but people said I wasn't. I recently got a new router & it's locked down just like the old one was when I learned how to do it.

If I listed every problem we'd be here all day.

I'll go thru the strangest of them:

1. Screensaver & lockdown (p/w required to get onto the computer) works intermittently. Same issue with the laptop.

2. I only use Firefox (Fx) & Thunderbird (TB). I also use Last Pass (LP). While LP isn't 100% the greatest piece of software, I have yet to find anyone who has the problems I have. It has to be something with the computer that is causing this.

a) sometimes the site doesn't remember the login or inserts the wrong info. Those are even my Word Press (WP) blogs. I know LP doesn't work well with poorly coded sites, but for WP, it should be no problem.
b) my Fx crashes all the time now. Ever since 6 or 7.0 I think. It won't stop crashing, sometimes 2 or more times a day. It's nuts. Different sites so it's not any one particular site.
c) in July suddenly the the site for my hosting company (HD, the ticket site, not the CPanel) became HUGE (fonts, graphics) on my screen. This wasn't happening with any other site & they claim they didn't change anything & it didn't look like that as I sent them a SS.
d) ever since I upgraded from Fx 5, whenever Fx restores previous pages or crashes & restores, some of the pages don't have the URL in the address bar. It's just missing. It's gotten slightly better, but it never happened before.
d) When I forward an e-mail from my sent & maybe other folders within TB, it doesn't forward using the default e-mail account or the e-mail that it was using before. No one has been able to solve this problem.
e) lots of problems with TB.

i) Folders being created (not by me) with a string of numbers/letters.
ii) Can't delete a folder I want to.
iii) Mail missing from folders I need.
iv) sometimes I go into a specific account & when I click on "write" it doesn't use the account's e-mail addy, it uses the default one.
v) I keep getting this script error. It's also intermittent. I thought it was one of the add-ons, but even after I uninstalled that add-on it started happening again.
vi) ever since the time change last month I've been having problems with the e-mail time in TB. At first it was hard to get the computer to manually set to the time I wanted it set to. I think I had daylight savings time set & where I am not there is no daylight savings time, so that screwed up the time. I finally got it to stick on the computer, but ever since then, any mail that comes in shows 1 hour behind the actual time it came in.

I just tested it after unchecking the synch checkmark & I got the current time, but that was ONLY when I sent mail to myself from 2 different gmail accounts (one from the desktop, one from the laptop) When mail from others came thru, again, 1 hour behind.
vii) the laptop has had a time issue as well. It keeps showing 1 hour behind no matter how many times I set it. I've now taking off the synchronization checkmark to see if that helps (someone recommended that)
viii) back in June e-mail that I normally always got from my gateway stopped coming through. HD claimed it was coming into my TB, yet I wasn't getting it. Eventually that problem stopped, but boy was that scary.

3. Starting back in Dec./Jan. of this year, I switched hosting companies & was introduced to CPanel. I used the Spam Assasin (SA) religiously wasting a lot of time b/c every few weeks all the entries I submitted would disappear.

After wasting more time dealing with host dime (the hosting company), they blamed it on my computer saying it was deleting the entries. Yes I had ghosts.

After someone helped to logically think things thru & he actually saw it happen while he was in my computer remotely, he figured out it was a conflict between Fx & SA & the timeout or reboot function.

What I don't understand is why it wasn't reported online. I can't be the ONLY person using Fx with SA. When I switched to Chrome just to use the Cpanel, the problem stopped, but I eventually stopped using SA b/c it was a waste of time blocking good mail that I put on the white list.

My point is, I still think it had something to do with my computer.

4. Files keep disappearing from my computer. I know they were there, just gone & this must have happened a while ago b/c I have everything backed up through Crash Plan & I couldn't find them there either.

5. Shortcuts in the start menu disappeared. All but Fx & TB.

6. Junk files in the “The Car” folder. Can't delete them, warning says some are part of the system file. AlbumArt_{0A0B70F4-AA3C-48FF-B440-70925C53A4A0}_Large.jpg - this file has music in it. I don't save or keep art.

7. On my E drive (used for e-mails & other backup type stuff) this folder is there. I didn't create it. fe19a24640db537895a48aa9e4d1fd

8. Same here, not sure what this is – SMRTNTKY

9. When I tried to listen to VM greetings from RC & my extension 100, they wouldn’t play on Windows Media Player. It kept telling me it didn’t recognize the file type even though it’s an mp3 file. Default intro greeting & default VM greeting

10. In my router had 2 ports opened called RC1 & RC2 ports 5060 to 5090 & 8000 to 8200 (This isn’t a problem that needs to be fixed, but it’s very suspicious, as I have no idea why this was there) I deleted them while on the phone with Linksys.

11. 12-18-11 - Speakers won’t play on the computer. Speakers are fine as they played in the cell phone, drivers are there as someone walked me thru confirming that, nothing will play. : (

12. I use Track Changes in Word religiously. I recently hired a new biz consultant who isn’t tech savvy & he changed the font to some weird font. On my computer it shows up as ALL CAPS, but on his it has both lower & upper case. I forwarded it to someone else also using Word 2003, & they see what he sees. I sent it to my laptop, although it looks blotchy & faint, I can see the lower case.

So as you can see, really strange things.

I'll paste the log files below.

Thank you. I hope some sharp cookie can help

Michelle

ep2002 · 21-Dec-2011, 11:23 PM #2

I didn't DL the beta version...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:37 PM, on 12/21/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
D:\Notes\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
D:\Notes\LogMeIn\x86\RaMaint.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\Notes\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Speccy\Speccy.exe
C:\WINDOWS\System32\vssvc.exe
D:\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChitChat Toolbar\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChitChat Toolbar\tbcore3.dll
O3 - Toolbar: ChitChat Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [rmtemp] cmd /c c:\dostools\rmtemp.bat
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn GUI] "D:\Notes\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RCUI] "C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe"
O4 - HKCU\..\Run: [RCHotKey] "C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Chit Chat for Facebook] C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/...nAxControl.CAB
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) -
O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} (RingCentral Message Player Control) - http://service.ringcentral.com/Activ...age_Player.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://linksyssupport.webex.com/cli...rt/ieatgpc.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Avira Upgrade Service (AviraUpgradeService) - Unknown owner - C:\WINDOWS\TEMP\AVSETUP_4eac0d84\avupgsvc.exe (file missing)
O23 - Service: Bomgar Support Customer Client [1291058205] (bomgar-scc-1291058205) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\LogMeIn.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 13208 bytes

ep2002 · 21-Dec-2011, 11:25 PM #3

Re: HJT, programs that are on my computer by choice in case you are wondering:

1. personal assistant
2. Chat Chat for FB

Michelle

ep2002 · 21-Dec-2011, 11:25 PM #4

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Michelle at 19:37:30 on 2011-12-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.1131 [GMT -6:00]
.
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
D:\Notes\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
D:\Notes\LogMeIn\x86\RaMaint.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\Notes\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Speccy\Speccy.exe
C:\WINDOWS\System32\vssvc.exe
D:\Downloads\HijackThis.exe
C:\WINDOWS\system32\mspaint.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\chitchat toolbar\tbhelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\chitchat toolbar\tbcore3.dll
TB: ChitChat Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\chitchat toolbar\tbcore3.dll
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Personal Assistant] c:\program files\shelltoys\personal assistant\assistant.exe
uRun: [Google Update] "c:\documents and settings\michelle\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RCUI] "c:\program files\ringcentral\ringcentral call controller\RCUI.exe"
uRun: [RCHotKey] "c:\program files\ringcentral\ringcentral call controller\RCHotKey.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Chit Chat for Facebook] c:\program files\chit chat for facebook\CCFFacebook.exe
mRun: [rmtemp] cmd /c c:\dostools\rmtemp.bat
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [LogMeIn GUI] "d:\notes\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\michelle\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: Add to &Evernote - c:\program files\evernote\evernote3.5\enbar.dll/2000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\program files\evernote\evernote3.5\enbar.dll
Trusted Zone: exoticpublishing.com
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} - hxxp://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
TCP: DhcpNameServer = 200.75.200.3 200.75.200.2
TCP: Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3} : DhcpNameServer = 200.75.200.3 200.75.200.2
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: intu-res - {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - c:\program files\common files\intuit\intu-res.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\michelle\application data\mozilla\firefox\profiles\vc1po946.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice....14.224/cpanel/
FF - prefs.js: network.proxy.http - http://proxy.uconn.edu:3000/proxy.pac
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\michelle\application data\mozilla\firefox\profiles\vc1po946.default\extensions\support@lastpass. com\platform\winnt_x86-msvc\components\lpxpcom.dll
FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\michelle\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPCltInst11.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-29 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-29 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-29 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-29 74640]
R2 CrashPlanService;CrashPlan Backup Service;c:\program files\crashplan\CrashPlanService.exe [2011-6-29 152576]
R2 LMIGuardianSvc;LMIGuardianSvc;d:\notes\logmein\x86\LMIGuardianSvc.exe [2010-9-16 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;d:\notes\logmein\x86\rainfo.sys [2010-5-31 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-9-24 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-27 366152]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2011-3-21 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-2-22 245760]
R3 cpuz135;cpuz135;\??\c:\docume~1\michelle\locals~1\temp\cpuz135\cpuz135_x32. sys --> c:\docume~1\michelle\locals~1\temp\cpuz135\cpuz135_x32.sys [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-27 22216]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [2010-7-25 49208]
R4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.s ys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\temp\avsetup_4eac0d84\avupgsvc.exe" /tempstart:""c:\windows\temp\avsetup_4eac0d84\setup.exe" /notempcleanup /crossupgrade" --> c:\windows\temp\avsetup_4eac0d84\avupgsvc.exe [?]
S2 bomgar-scc-1291058205;Bomgar Support Customer Client [1291058205];"c:\documents and settings\all users\application data\bomgar-scc-4cf3fc1d\bomgar-scc.exe" -service:run --> c:\documents and settings\all users\application data\bomgar-scc-4cf3fc1d\bomgar-scc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-10-15 136176]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2011-2-22 71424]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2011-2-22 11520]
S3 cpuz129;cpuz129;\??\c:\docume~1\michelle\locals~1\temp\cpuz_x32.sys --> c:\docume~1\michelle\locals~1\temp\cpuz_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-10-15 136176]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-12-10 27064]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys --> c:\windows\system32\drivers\RT2860.sys [?]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2011-12-11 19:39:48 -------- dc----w- c:\documents and settings\michelle\application data\Domain Name Analyzer v4.1
2011-12-11 19:39:40 -------- dc----w- c:\program files\Softnik Technologies
2011-12-10 15:38:09 -------- d-sh--w- C:\found.001
2011-12-09 04:28:11 -------- dc----w- C:\EVENTDB
2011-12-09 04:28:01 -------- dc----w- C:\REPORTS
2011-12-09 04:28:01 -------- dc----w- C:\LOGFILES
2011-12-09 04:28:01 -------- dc----w- C:\INFECTED
2011-12-09 01:39:48 -------- dc----w- c:\program files\OverDrive Media Console
2011-12-05 23:43:04 -------- dc----w- c:\program files\Cisco Systems
2011-12-05 23:13:32 -------- dc----w- c:\documents and settings\all users\application data\Cisco Systems
2011-11-25 02:38:28 -------- dc----w- c:\program files\Chit Chat For Facebook
2011-11-25 02:38:28 -------- dc----w- c:\documents and settings\all users\application data\Chit Chat For Facebook
.
==================== Find3M ====================
.
2011-12-15 19:24:26 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-12-15 19:24:25 52096 -c--a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2011-12-15 19:24:24 87424 -c--a-w- c:\windows\system32\LMIinit.dll
2011-12-15 19:24:24 30592 -c--a-w- c:\windows\system32\LMIport.dll
2011-11-23 13:25:32 1859584 -c--a-w- c:\windows\system32\win32k.sys
2011-11-15 01:21:32 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-07 16:52:52 4734 -c--a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-04 19:20:51 916992 -c--a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 -c----w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 -c--a-w- c:\windows\system32\html.iec
2011-11-01 16:07:10 1288704 -c--a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 -c--a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 -c----w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 -c----w- c:\windows\system32\ntkrnlpa.exe
2011-10-19 21:56:50 74640 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-19 21:56:50 36000 -c--a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-18 11:13:22 186880 -c--a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 -c--a-w- c:\windows\system32\inetcomm.dll
2011-10-07 14:37:30 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2011-10-07 14:37:27 87424 -c--a-w- c:\windows\system32\LMIinit.dll.000.bak
2011-10-03 11:06:03 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-10-03 08:37:52 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06:50 599040 -c--a-w- c:\windows\system32\crypt32.dll
2011-09-26 16:41:20 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 -c--a-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 -c--a-w- c:\windows\system32\oleaccrc.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
c:\windows\system32\drivers\nvata.sys NVIDIA Corporation NVIDIA nForce(TM) IDE Driver
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8B120AB8]
3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x8B121AC0]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000071[0x8B120030]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
.
============= FINISH: 19:38:24.71 ===============

ep2002 · 21-Dec-2011, 11:28 PM #5

Here is the attach file

ep2002 · 21-Dec-2011, 11:31 PM #6

Ok, first the GMER software hung the computer so I had to reboot.

The 2nd time it worked, BUT it took around 1.5 hours give or take, to run thru C drive. Is that normal?

Thanks everyone & have a lovely night

Michelle

----------------------------------
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-21 21:59:03
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000073 ST3500418AS rev.CC38
Running: 8f0c5e3u.exe; Driver: C:\DOCUME~1\Michelle\LOCALS~1\Temp\awndyfow.sys

---- System - GMER 1.0.15 ----

SSDT BA7EE8B4 ZwClose
SSDT BA7EE86E ZwCreateKey
SSDT BA7EE8BE ZwCreateSection
SSDT BA7EE864 ZwCreateThread
SSDT BA7EE873 ZwDeleteKey
SSDT BA7EE87D ZwDeleteValueKey
SSDT BA7EE8AF ZwDuplicateObject
SSDT BA7EE882 ZwLoadKey
SSDT BA7EE850 ZwOpenProcess
SSDT BA7EE855 ZwOpenThread
SSDT BA7EE8D7 ZwQueryValueKey
SSDT BA7EE88C ZwReplaceKey
SSDT BA7EE8C8 ZwRequestWaitReplyPort
SSDT BA7EE887 ZwRestoreKey
SSDT BA7EE8C3 ZwSetContextThread
SSDT BA7EE8CD ZwSetSecurityObject
SSDT BA7EE878 ZwSetValueKey
SSDT BA7EE8D2 ZwSystemDebugControl
SSDT BA7EE85F ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2C48 805044E4 4 Bytes CALL D1CEFF67
.text ntkrnlpa.exe!ZwCallbackReturn + 2C88 80504524 4 Bytes [6E, E8, 7E, BA]
.text ntkrnlpa.exe!ZwCallbackReturn + 2CAC 80504548 4 Bytes CALL D09EFFCB
.text ntkrnlpa.exe!ZwCallbackReturn + 2CB8 80504554 4 Bytes CALL EFBEFFD7
.text ntkrnlpa.exe!ZwCallbackReturn + 2CE0 8050457C 4 Bytes CALL D2DAFFFF
.text ...
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB85B6000, 0x1C5DC8, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Thunderbird\thunderbird.exe[4296] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0040142F C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Messaging)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

ep2002 · 22-Dec-2011, 09:20 PM #7

Ok, update...

Someone who is a software person more than a hardware person came over today to install the new video card.

It wouldn't work

I got those 3 beeps that were causing problems a month or two ago.

He took out the stupid wireless card that never worked, so that's good, but I just paid $50 for that video card & it won't work in my computer (HELP).

He thinks it's the MB <sigh> I can't afford a new MB right now & I don't even have anyone I can trust to put it in even if I could afford it.

He tried to redo the drivers for the sound card (realteck), but that didn't solve the speaker issue.

Oh gawd, I'm really getting scared now. We almost couldn't get the computer back once he put the old video card back in. I had to pray to my baby that she stay with me.

Michelle

ep2002 · 27-Dec-2011, 03:01 AM #8

I know it's the holidays so I'm waiting patiently.

Pls. help.

The speakers are suddenly working thank gawd.

Everything else is the same.

Thank you

Michelle

**eddie5659** · 01-Jan-2012, 12:21 PM #9

Hiya

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Download and scan with SUPERAntiSpyware Free for Home Users

Double-click SUPERAntiSpyware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
Under "Configuration and Preferences", click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen.
Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
On the left, make sure you check C:\Fixed Drive.
On the right, under "Complete Scan", choose Perform Complete Scan.
Click "Next" to start the scan. Please be patient while it scans your computer.
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
Make sure everything has a checkmark next to it and click "Next".
A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
If asked if you want to reboot, click "Yes".
To retrieve the removal information after reboot, launch SUPERAntispyware again.
- Click Preferences, then click the Statistics/Logs tab.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please include the MBAM log and, SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply

eddie

ep2002 · 01-Jan-2012, 02:39 PM **#10**

Umm, I already have the paid version of MBAM on my computer, so I'm not sure why you awnat to me to add it again.

As for Super Anti spyware, I had the paid version for the longest time & it recently experienced. I was told not to h ave both on my computer, so I am not renewing it.

Michelle

**eddie5659** · 01-Jan-2012, 03:06 PM **#11**

Okay, as you have the paid version of MBAM, can you update it and run a full system scan

Also, can you do the following:

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

eddie

ep2002 · 01-Jan-2012, 11:05 PM **#12**

Hi,

Not sure what happened, but no "extra" notepad opened, so all I have is the other one.

OTL logfile created on: 1/1/2012 7:10:40 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 75.65% Memory free
6.34 Gb Paging File | 5.35 Gb Available in Paging File | 84.35% Paging File free
Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 147.72 Gb Total Space | 114.70 Gb Free Space | 77.65% Space Free | Partition Type: NTFS
Drive D: | 142.83 Gb Total Space | 130.83 Gb Free Space | 91.60% Space Free | Partition Type: NTFS
Drive E: | 175.22 Gb Total Space | 147.80 Gb Free Space | 84.36% Space Free | Partition Type: NTFS

Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/01 18:50:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL(1).exe
PRC - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\ramaint.exe
PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/11/21 23:33:42 | 003,788,288 | ---- | M] (Athena IT Limited) -- C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
PRC - [2011/11/14 16:24:33 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
PRC - [2011/06/29 03:21:40 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
PRC - [2011/03/21 10:17:44 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
PRC - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeIn.exe
PRC - [2010/10/27 17:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/03/18 09:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/14 16:24:35 | 001,988,760 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2011/11/14 16:24:35 | 000,161,944 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2011/11/14 16:24:35 | 000,021,656 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/10/15 15:23:47 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839ab be7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll
MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll
MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll
MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll
MOD - [2010/02/16 12:57:38 | 000,301,568 | ---- | M] () -- C:\Program Files\ChitChat Toolbar\tbhelper.dll
MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [1291058205] [Auto | Stopped] -- -- (bomgar-scc-1291058205)
SRV - File not found [Auto | Stopped] -- -- (AviraUpgradeService)
SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011/03/21 10:17:44 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 09:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)

========== Driver Services (SafeList) ==========

DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/07/25 02:56:58 | 000,049,208 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM)
DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM)
DRV - [2009/03/04 01:49:58 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO)
DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D)
DRV - [2003/11/30 20:54:20 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChitChat Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/"
FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: smartbookmarksbar@remy.juteau:1.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 14:28:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/03 22:30:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/16 23:36:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions
[2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/30 02:00:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions
[2011/08/24 19:36:44 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/17 10:25:22 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/09/05 11:16:07 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash
[2011/10/20 21:52:19 | 000,000,000 | ---D | M] (PRFrame) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{67119310-420c-11df-9879-0800200c9a66}
[2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash
[2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
[2011/10/04 01:33:43 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011/01/12 22:30:07 | 000,000,000 | ---D | M] (Area deCoder) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\areadecoder@kevsk i
[2010/09/11 17:43:40 | 000,000,000 | ---D | M] (NewsBasis) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\platosforms@plato sforms.com
[2011/01/12 22:30:07 | 000,000,000 | ---D | M] ("Show Parent Folder") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\showParentFolder@ alice
[2011/11/17 22:45:06 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\support@lastpass. com
[2011/11/25 20:38:03 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\wasp@immeria.net
[2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\Xsticky-StickyNotes@xsticky.com
[2011/11/10 20:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/10 20:42:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{3474C305-9DAD-11D8-9207-00055D74C2E4}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.C OM.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\COMPATIBILITY@ADD ONS.MOZILLA.ORG.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\IZER@CAMELCAMELCA MEL.COM.XPI
[2011/11/09 14:28:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/30 10:01:44 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/09 14:28:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google

rigi nalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:ins tantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.75.9_0\nplastpas s.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.80.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2010/11/19 00:50:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ChitChat Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (ChitChat Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [rmtemp] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Chit Chat for Facebook] C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe (Athena IT Limited)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ()
O4 - HKCU..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
O4 - HKCU..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
O15 - HKCU\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/Activ...age_Player.cab (RingCentral Message Player Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/s...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/cli...rt/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/...nAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/22 15:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/12/11 13:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
[2011/12/11 13:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Softnik Technologies
[2011/12/11 13:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\Softnik Technologies
[2011/12/10 09:38:09 | 000,000,000 | -HSD | C] -- C:\found.001
[2011/12/08 22:28:11 | 000,000,000 | ---D | C] -- C:\EVENTDB
[2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\REPORTS
[2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\LOGFILES
[2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\INFECTED
[2011/12/08 19:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OverDrive Media Console
[2011/12/08 19:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\OverDrive Media Console
[2011/12/05 17:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
[2011/12/05 17:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/01 19:22:14 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
[2012/01/01 19:22:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
[2012/01/01 18:51:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/01 18:51:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/01 01:22:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
[2011/12/31 02:33:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2011/12/30 11:14:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/30 11:13:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/27 11:52:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/21 02:30:32 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/12/21 02:27:17 | 000,741,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/20 22:10:38 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/12/16 11:52:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/12/15 13:24:24 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/12/15 13:24:24 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/12/11 13:39:41 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Michelle\Desktop\Domain Name Analyzer v4.lnk
[2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/12/08 19:39:51 | 000,001,888 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/12/11 13:39:41 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Michelle\Desktop\Domain Name Analyzer v4.lnk
[2011/12/08 19:39:51 | 000,001,888 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
[2011/12/05 17:43:13 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Cisco Connect.lnk
[2011/11/10 16:51:02 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\ccff.isl
[2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT
[2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll
[2010/09/25 19:43:50 | 000,364,128 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/02 10:12:21 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat
[2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/07/28 12:48:27 | 000,112,922 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2010/07/28 12:48:27 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2010/06/15 15:00:33 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
[2009/12/25 09:24:58 | 000,000,036 | ---- | C] () -- C:\WINDOWS\AEBFONT.INI
[2009/12/11 21:55:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/30 01:11:00 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/11/24 23:23:36 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/11/20 01:07:44 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/20 01:07:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/20 01:07:44 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/20 01:07:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/20 01:07:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/10/20 22:00:02 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009/10/20 22:00:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/10/20 21:59:14 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2009/09/16 17:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc
[2009/05/17 16:27:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/03/03 22:58:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/03 22:58:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/01/26 12:55:36 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/01/22 23:23:45 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\ssp1ml3.dll
[2008/08/03 22:38:23 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/25 14:36:29 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Acrobat.dll
[2008/07/24 14:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/07/24 01:43:18 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2008/07/24 01:16:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008/07/24 01:06:45 | 000,000,047 | ---- | C] () -- C:\WINDOWS\winhlp32.ini
[2008/07/24 01:05:15 | 000,017,552 | ---- | C] () -- C:\WINDOWS\System32\TTYTWIN.DRV
[2008/07/24 01:04:55 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\NCSPI8EN.DLL
[2008/07/24 01:04:46 | 000,022,480 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI16.DLL
[2008/07/24 01:04:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI32.DLL
[2008/07/24 00:53:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll
[2008/07/24 00:53:47 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2008/07/24 00:53:47 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2008/07/24 00:45:02 | 000,001,191 | ---- | C] () -- C:\WINDOWS\WTAPI.INI
[2008/07/24 00:41:32 | 000,016,384 | ---- | C] () -- C:\WINDOWS\hpu.dll
[2008/07/23 22:52:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/07/23 21:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/07/23 21:16:45 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/07/23 20:40:47 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/07/23 20:33:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/23 20:29:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/23 16:03:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/23 16:02:01 | 000,741,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/02/28 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 06:00:00 | 000,436,002 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 06:00:00 | 000,068,706 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/10/11 09:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 13:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1998/08/31 08:40:10 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\vbcrc.dll

========== LOP Check ==========

[2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2011/12/30 13:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook
[2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan
[2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output
[2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2012/01/01 11:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro
[2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2010/08/01 02:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2011/10/27 04:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
[2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
[2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore
[2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics
[2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive
[2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan
[2011/12/11 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
[2011/09/06 16:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations
[2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6
[2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger
[2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic
[2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN
[2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ
[2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express
[2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn
[2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global
[2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp
[2010/08/01 02:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound
[2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon
[2011/09/06 17:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF
[2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy
[2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager
[2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad
[2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux
[2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw
[2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer
[2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird
[2011/11/10 16:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Toolbar4
[2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/08/04 02:57:01 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
[2011/12/31 02:33:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
[2010/08/04 02:57:01 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\soundtapShakeIcon.job
[2010/07/31 23:56:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
[2012/01/01 19:22:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
[2010/08/04 02:56:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

========== Purity Check ==========

< End of report >

As for MBAM, there seems to be a problem with it, so I have to see if support got back to me on what to do.

It should already be up-to-date, it's on automatic.

Thanks

Michelle

ep2002 · 02-Jan-2012, 01:07 AM **#13**

They had me uninstall & reinstall & now my key isn't working. I have to wait until Tues. to get an answer from that other company if somehow the key changed.

Here's the log...

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.01.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Michelle :: EXOTIC-3C629299 [administrator]

Protection: Enabled

1/1/2012 11:30:06 PM
mbam-log-2012-01-01 (23-30-06).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 345987
Time elapsed: 1 hour(s), 35 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Files Detected: 0
(No malicious items detected)

(end)

**eddie5659** · 02-Jan-2012, 12:42 PM **#14**

For the Extra's log for OTL, is it not in the same place where OTL is run from, ie D:\Downloads?

If not, its okay, as we'll run a different tool to get that part

Do you know what these are? If you do, that's okay:

C:\WINDOWS\Tasks\expressripShakeIcon.job
C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
C:\WINDOWS\Tasks\soundtapShakeIcon.job
C:\WINDOWS\Tasks\switchShakeIcon.job
C:\WINDOWS\Tasks\wavepadShakeIcon.job

--------

Update Java as its out of date:

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Now, go here and download the latest Java Version.

-----

Can you do this for me next:

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

Double-click SystemLook.exe to run it.

Copy the content of the following codebox into the main textfield:

Code:

:file
C:\Program Files\ChitChat Toolbar\tbcore3.dll
C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
C:\WINDOWS\System32\drivers\WLNdis50.sys
:reg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} /sub
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E} /sub
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D} /sub

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt

-------

Then, can you run this tool:

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- Remember to re-enable the protection again afterwards before connecting to the Internet.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

eddie

ep2002 · 02-Jan-2012, 02:48 PM **#15**

No, the only "extras" I found was from March. It's an old file. I'm going to delete it actually so there's no future confusion.

No clue what these are??? Are they on my computer?

C:\WINDOWS\Tasks\expressripShakeIcon.job
C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
C:\WINDOWS\Tasks\soundtapShakeIcon.job
C:\WINDOWS\Tasks\switchShakeIcon.job
C:\WINDOWS\Tasks\wavepadShakeIcon.job

==================
Ok, here's the log file for the removal of Java

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Jan 02 13:43:20 2012

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_11

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_12

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_13

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_14

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_15

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_17

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_19

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_22

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_24

Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_26

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Jan 02 13:43:54 2012

------------------------------------

Finished reporting.

------------------System Look notepad--------------------
SystemLook 30.07.11 by jpshortstuff
Log created at 13:47 on 02/01/2012 by Michelle
Administrator - Elevation successful

========== file ==========

C:\Program Files\ChitChat Toolbar\tbcore3.dll - File found and opened.
MD5: C68C3397B0339DF5F0B36FAE64B38942
Created at 03:44 on 23/06/2011
Modified at 03:44 on 23/06/2011
Size: 2398720 bytes
Attributes: -----c-
FileDescription: IE Toolbar Engine
FileVersion: 4, 2, 0, 7
ProductVersion: 4, 2, 0, 7
OriginalFilename: tbcore3U.dll
InternalName: tbcore3U
ProductName: IE Toolbar
LegalCopyright: Copyright © 2001-2010. All rights reserved.

C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe - File found and opened.
MD5: 67A77933DF3C81047E905972AF990534
Created at 02:38 on 25/11/2011
Modified at 05:33 on 22/11/2011
Size: 3788288 bytes
Attributes: --a--c-
FileDescription: Chit Chat for Facebook
FileVersion: 1.4.5.4
ProductVersion: 1.4.5.4
OriginalFilename:
InternalName:
ProductName:
CompanyName: Athena IT Limited
LegalCopyright: Copyright 2011
Comments:

C:\WINDOWS\System32\drivers\WLNdis50.sys - File found and opened.
MD5: BB2C5A7A555B387B85481B8BDE5370D7
Created at 18:19 on 06/05/2011
Modified at 15:54 on 27/02/2008
Size: 20480 bytes
Attributes: --a--c-
FileDescription: WLAN NDIS 5.0 User Mode Control Driver
FileVersion: 1.0.0.50
ProductVersion: 1.0.0.50
OriginalFilename: WLNDIS50.SYS
InternalName: WLNDIS50.SYS
ProductName: Windows (R) DDK driver
CompanyName:
LegalCopyright: Copyright (C)
Comments:

========== reg ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
@="SMTTB2009"
"NoExplorer"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E}]
(Unable to open key - key not found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}]
"SystemComponent"= 0x0000000000 (0)
"Installer"="MSICD"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\Contains]
(No values found)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\Contains\Files]
"C:\WINDOWS\system32\RCMedia.dll"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\DownloadInformation]
"CODEBASE"="http://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab"
"INF"="C:\WINDOWS\Downloaded Program Files\RCMedia.inf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\InstalledVersion]
@="1,4,0,31"
"LastModified"="Thu, 19 Aug 2010 08:58:15 GMT"

-= EOF =-

-----------------------------ComboFix

Why do you have to rename it?

Also it didn't ask me if I wanted to continue or give me any prompts, it just copied the secure point (I hope) & then started fixing.

Thank you

Ok, CF did stuff to the computer while I stepped away. It shut down Fx & I lost Yahoo & my ring central, thank gawd everything came back online when I clicked on it. I thought I lost my Internet & everything I had written in this post up until now.

Here's the log

ComboFix 12-01-02.01 - Michelle 01/02/2012 14:10:30.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.1446 [GMT -6:00]
Running from: d:\downloads\Username123.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Michelle\231.97]
c:\documents and settings\Michelle\Application Data\HPSU_48BitScanUpdate.log
c:\documents and settings\Michelle\Application Data\Toolbar4
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\affid.dat
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\basis.xml
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\13b7a417232703c4b27b193fba6e2cde
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\3b194b7303d1532b1f5d39dea9b3ec11
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\44567846e0387d6a62062ab4dbf9ae96
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\52b66d6979ef2abcea9a736d1b4dbc82
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\5d25dd004ed9512e16e1d76d6deb2a6c
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\622bce39c48e19cebc684ad479f30525
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\6edbc2eba99f3ac95a3e57b92dbd9418
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\89c35566d3dfdce78572ff8c2a627ad2
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\92cca852350b3e48532151afdadcc5c5
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9840cd5f73490a37d4f3e47107ced675
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9956734e872eec3ea3e17f52e84dc6cc
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9e43b23ad10de3e0eceb370efafb39ef
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\acfc834035dccfb94e7f9067f5d48a83
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\b801583e8861fc45946de3f28fe5bb04
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\bdcf0ed363b85538f740c9b718bf611c
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c594d37e13c887da6ddc9975fa9aae82
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c81d0870792eee856f1fa6c4f43ceeee
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\db97ecdde59727f50132d25b008ece4e
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\dcd16c0f4842bc19d648b261e3cf263d
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\icons.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\24c38a4b7ed33b16baefa8b8e3daf9f0
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\e31285dc114a51462284ab6f06d92dd8
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\fad0bb3b6dde19a843f661b9bec8e194
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\info.txt
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\install.ico
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbback.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbbigopen.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbclose.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbfwd.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbsep.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\nav1c.bmp
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\tbcore3.inf
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\TbHelper2.exe
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\uninstall.exe
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\update.exe
c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\version.txt
c:\documents and settings\Michelle\g2ax_customer_downloadhelper_win32_x86.exe
c:\documents and settings\Michelle\g2mdlhlpx.exe
c:\documents and settings\Michelle\WINDOWS
c:\program files\ChitChat Toolbar\tbHElper.dll
c:\windows\system32\Acrobat.dll
c:\windows\system32\IME\svchost.exe
c:\windows\system32\SET7C.tmp
c:\windows\system32\SET80.tmp
c:\windows\system32\SET81.tmp
c:\windows\system32\SET88.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-12-02 to 2012-01-02 )))))))))))))))))))))))))))))))
.
.
2012-01-02 19:46 . 2011-11-10 11:54 476904 -c--a-w- c:\program files\Mozilla Firefox\plugins\REN204.tmp
2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\documents and settings\Michelle\Application Data\Malwarebytes
2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-02 05:25 . 2011-12-10 21:24 20464 -c--a-w- c:\windows\system32\drivers\mbam.sys
2011-12-22 21:26 . 2006-08-02 05:02 49152 -c--a-w- c:\windows\system32\ChCfg.exe
2011-12-22 21:25 . 2006-05-17 08:04 2879488 -c--a-w- c:\windows\SkyTel.exe
2011-12-22 21:25 . 2011-12-22 21:25 -------- dc----w- c:\program files\Realtek
2011-12-22 21:25 . 2006-09-13 04:34 499712 -c--a-w- c:\windows\RtlExUpd.dll
2011-12-22 21:25 . 2006-02-07 21:45 757760 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-12-22 21:25 . 2006-02-07 21:40 204800 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-12-22 21:25 . 2006-02-07 21:40 69715 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-12-22 21:25 . 2006-02-07 21:40 274432 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-12-22 21:25 . 2005-11-14 05:19 5632 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-12-22 21:25 . 2011-12-22 21:25 331908 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-12-22 21:25 . 2011-12-22 21:25 200836 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-12-11 19:39 . 2011-12-11 22:57 -------- dc----w- c:\documents and settings\Michelle\Application Data\Domain Name Analyzer v4.1
2011-12-11 19:39 . 2011-12-11 19:39 -------- dc----w- c:\program files\Softnik Technologies
2011-12-10 15:38 . 2011-12-10 15:38 -------- d-----w- C:\found.001
2011-12-09 04:28 . 2011-12-10 04:01 -------- dc----w- C:\EVENTDB
2011-12-09 04:28 . 2011-12-09 10:59 -------- dc----w- C:\LOGFILES
2011-12-09 04:28 . 2011-12-09 05:55 -------- dc----w- C:\REPORTS
2011-12-09 04:28 . 2011-12-09 05:55 -------- dc----w- C:\INFECTED
2011-12-09 01:39 . 2011-12-09 01:39 -------- dc----w- c:\program files\OverDrive Media Console
2011-12-05 23:43 . 2011-12-05 23:43 -------- dc----w- c:\program files\Cisco Systems
2011-12-05 23:13 . 2011-12-05 23:13 -------- dc----w- c:\documents and settings\All Users\Application Data\Cisco Systems
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 19:24 . 2010-09-24 07:11 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-12-15 19:24 . 2010-09-24 07:11 52096 -c--a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-12-15 19:24 . 2010-09-24 07:11 30592 -c--a-w- c:\windows\system32\LMIport.dll
2011-12-15 19:24 . 2010-09-24 07:11 87424 -c--a-w- c:\windows\system32\LMIinit.dll
2011-12-09 10:58 . 2011-10-29 15:05 134856 -c--a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-23 13:25 . 2006-02-28 12:00 1859584 -c--a-w- c:\windows\system32\win32k.sys
2011-11-15 01:21 . 2011-05-26 16:10 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-10 11:54 . 2010-11-19 07:32 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-11-10 09:27 . 2008-10-06 07:12 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2011-11-07 16:52 . 2011-11-07 16:52 4734 -c--a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-04 19:20 . 2006-02-28 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2006-02-28 12:00 43520 -c--a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2006-02-28 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-02-28 12:00 385024 -c--a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-02-28 12:00 1288704 -c--a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2006-02-28 12:00 33280 -c--a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2006-02-28 12:00 2148864 -c----w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59 2027008 -c----w- c:\windows\system32\ntkrnlpa.exe
2011-10-19 21:56 . 2011-10-29 15:05 74640 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-19 21:56 . 2011-10-29 15:05 36000 -c--a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-18 11:13 . 2006-02-28 12:00 186880 -c--a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2008-07-24 02:29 692736 -c--a-w- c:\windows\system32\inetcomm.dll
2011-10-07 14:37 . 2010-09-24 07:11 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2011-10-07 14:37 . 2010-09-24 07:11 87424 -c--a-w- c:\windows\system32\LMIinit.dll.000.bak
2011-11-09 20:28 . 2011-06-25 00:57 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\ERDNT\cache\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[7] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[7] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[7] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
((((((((((((((((((((((((((((( SnapShot_2010-11-19_06.50.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 03:51 . 2011-04-19 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_4ddc769f\vcomp90.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_fda75712\vcomp90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161 _x-ww_730c3508\mfc90chs.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90kor.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 43840 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90jpn.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 56128 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90ita.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 57168 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90fra.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 56128 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90esp.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 56144 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90esn.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90enu.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 57664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90deu.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 38736 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90cht.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 38224 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_ x-ww_22d7157b\mfc90chs.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2009-07-12 03:54 . 2009-07-12 03:54 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfcm90u.dll
+ 2009-07-12 03:54 . 2009-07-12 03:54 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfcm90.dll
+ 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_452bf920\vcomp.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195 _x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-04-14 05:12 . 2011-04-14 05:12 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
- 2010-07-28 18:51 . 2010-07-28 18:51 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2009-08-20 02:51 . 2009-08-20 02:51 73728 c:\windows\twain_32\BrSc09c\Common\BrStiIf.dll
+ 2008-07-09 04:16 . 2008-07-09 04:16 81920 c:\windows\twain_32\BrSc09c\Common\BrScnFlt.dll
+ 2009-08-20 02:51 . 2009-08-20 02:51 90112 c:\windows\twain_32\BrSc09c\Common\BrScnDev.dll
+ 2012-01-02 05:14 . 2012-01-02 05:14 16384 c:\windows\TEMP\Perflib_Perfdata_9fc.dat
+ 2012-01-02 19:46 . 2012-01-02 19:46 16384 c:\windows\TEMP\Perflib_Perfdata_1e3c.dat
+ 2011-06-11 06:58 . 2011-06-11 06:58 51024 c:\windows\system32\vcomp100.dll
+ 2011-05-28 23:08 . 1998-06-18 05:00 89360 c:\windows\system32\VB5DB.DLL
+ 2008-07-24 05:57 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2008-07-24 05:57 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2011-09-06 22:57 . 2011-03-21 16:15 79168 c:\windows\system32\spool\drivers\w32x86\NitroUI.dll
+ 2011-09-06 22:57 . 2011-03-21 16:15 42304 c:\windows\system32\spool\drivers\w32x86\NitroGraphics.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\LMIprinterui.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\LMIprinterdat.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 43392 c:\windows\system32\spool\drivers\w32x86\LMIprinter.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 53760 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\bril10b.dll
+ 2010-07-10 00:22 . 2010-10-11 21:39 52992 c:\windows\system32\spool\drivers\w32x86\3\RCPrnDrv.DLL
+ 2010-07-10 00:22 . 2010-10-11 21:39 33024 c:\windows\system32\spool\drivers\w32x86\3\RCLog.DLL
+ 2011-09-06 22:57 . 2011-03-21 16:15 79168 c:\windows\system32\spool\drivers\w32x86\3\NitroUI.dll
+ 2011-09-06 22:57 . 2011-03-21 16:15 42304 c:\windows\system32\spool\drivers\w32x86\3\NitroGraphics.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterui.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
+ 2010-09-24 07:11 . 2011-12-15 19:24 43392 c:\windows\system32\spool\drivers\w32x86\3\LMIprinter.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 53760 c:\windows\system32\spool\drivers\w32x86\3\bril10b.dll
+ 2010-07-10 00:22 . 2010-10-11 21:39 52992 c:\windows\system32\spool\drivers\w32x86\1\RCPrnDrv.DLL
+ 2010-07-10 00:22 . 2010-10-11 21:39 33024 c:\windows\system32\spool\drivers\w32x86\1\RCLog.DLL
+ 2011-12-22 21:25 . 2005-09-21 14:24 86016 c:\windows\system32\ReinstallBackups\0006\DriverFiles\SOUNDMAN.EXE
+ 2011-12-22 21:25 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\wdmaud.drv
+ 2011-12-22 21:25 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\stream.sys
+ 2011-12-22 21:25 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\drmk.sys
+ 2011-12-22 21:26 . 2005-05-03 22:43 69632 c:\windows\system32\ReinstallBackups\0006\DriverFiles\ALCMTR.EXE
+ 2007-02-08 05:40 . 2007-02-08 05:40 64512 c:\windows\system32\ptpitcp.dll
+ 2006-02-28 12:00 . 2011-11-07 16:52 68706 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2011-09-26 16:41 20480 c:\windows\system32\oleaccrc.dll
+ 2011-03-21 16:17 . 2011-03-21 16:17 68928 c:\windows\system32\NLSSRV32.EXE
+ 2011-09-06 22:57 . 2011-03-21 16:15 17728 c:\windows\system32\nitrolocalui.dll
+ 2011-09-06 22:57 . 2011-03-21 16:15 26432 c:\windows\system32\nitrolocalmon.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 66560 c:\windows\system32\mshtmled.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2007-08-13 22:54 . 2010-09-10 05:58 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 22:54 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 81744 c:\windows\system32\mfcm100u.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 81744 c:\windows\system32\mfcm100.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 60752 c:\windows\system32\mfc100rus.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 43344 c:\windows\system32\mfc100kor.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 43856 c:\windows\system32\mfc100jpn.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 62288 c:\windows\system32\mfc100ita.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 64336 c:\windows\system32\mfc100fra.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 63824 c:\windows\system32\mfc100esn.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 55120 c:\windows\system32\mfc100enu.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 64336 c:\windows\system32\mfc100deu.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 36176 c:\windows\system32\mfc100cht.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 36176 c:\windows\system32\mfc100chs.dll
+ 2011-09-16 06:45 . 2007-04-09 17:23 28040 c:\windows\system32\mdimon.dll
- 2008-07-24 04:52 . 2007-04-09 17:23 28040 c:\windows\system32\mdimon.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 17744 c:\windows\system32\lfwpgu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 68432 c:\windows\system32\lfjbgu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 35152 c:\windows\system32\lfgifu.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 73728 c:\windows\system32\lffax13n.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 73728 c:\windows\system32\lffax13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 26448 c:\windows\system32\lfepsu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 30544 c:\windows\system32\lfbmpu.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 30208 c:\windows\system32\lfbmp13n.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 30208 c:\windows\system32\lfbmp13n.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 25600 c:\windows\system32\jsproxy.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
+ 2008-07-24 02:29 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 81920 c:\windows\system32\isign32.dll
+ 2011-01-03 19:49 . 2010-05-05 18:21 77712 c:\windows\system32\ICONLIB.dll
+ 2011-04-14 05:16 . 2007-06-06 13:25 40960 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDLM.dll
+ 2011-04-14 05:16 . 2007-06-06 13:36 28672 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDGPD.dll
+ 2011-04-14 05:16 . 2007-06-06 13:18 45056 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDDynCC.DLL
+ 2011-02-23 00:17 . 2010-01-06 09:51 31051 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A725 5E8\brprtink.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 17328 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A725 5E8\bril10b.dll
+ 2011-02-23 00:17 . 2009-11-03 03:06 11520 c:\windows\system32\DRVSTORE\brpoi10b_D82372677EA608145D1247216F03684A9E107 41C\x86\BrUsbSib.sys
+ 2011-02-23 00:17 . 2009-11-03 03:06 71424 c:\windows\system32\DRVSTORE\brpoi10b_D82372677EA608145D1247216F03684A9E107 41C\x86\BrSerIb.sys
+ 2011-02-23 00:17 . 2009-08-18 10:36 27901 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrUsi09c.dll
+ 2011-02-23 00:17 . 2009-08-20 02:50 87430 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrTwdsUi.dll
+ 2011-02-23 00:17 . 2009-08-20 02:49 98460 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrTwds.dll
+ 2011-02-23 00:17 . 2009-08-20 03:51 48425 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrTwdLng.dll
+ 2011-02-23 00:17 . 2009-08-20 02:51 41679 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrStiIf.dll
+ 2011-02-23 00:17 . 2004-10-15 03:50 10713 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrScnUsb.sys
+ 2011-02-23 00:17 . 2008-07-09 04:16 48653 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrScnFlt.dll
+ 2011-02-23 00:17 . 2009-08-20 02:51 49296 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrScnDev.dll
+ 2011-05-06 18:19 . 2008-02-27 15:54 20480 c:\windows\system32\drivers\WLNdis50.sys
+ 2011-11-17 05:05 . 2008-04-13 20:45 60032 c:\windows\system32\drivers\USBAUDIO.sys
- 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
+ 2004-08-03 23:08 . 2008-04-13 20:45 49408 c:\windows\system32\drivers\stream.sys
+ 2008-07-24 07:45 . 2010-06-17 20:14 28520 c:\windows\system32\drivers\ssmdrv.sys
- 2008-07-24 07:45 . 2009-05-11 13:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2010-12-10 23:17 . 2009-12-30 16:20 27064 c:\windows\system32\drivers\revoflt.sys
+ 2006-02-28 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2006-02-28 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
- 2008-07-24 08:38 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2008-07-24 08:38 . 2008-04-13 20:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2006-02-28 12:00 . 2008-05-02 10:49 62976 c:\windows\system32\drivers\cdrom.sys
- 2006-02-28 12:00 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
+ 2011-02-23 00:17 . 2009-11-03 03:06 11520 c:\windows\system32\drivers\BrUsbSib.sys
+ 2011-02-23 00:17 . 2009-11-03 03:06 71424 c:\windows\system32\drivers\BrSerIb.sys
+ 2010-08-02 15:52 . 2004-10-15 03:50 15295 c:\windows\system32\drivers\BrScnUsb.sys
- 2010-08-02 15:52 . 2004-10-15 16:50 15295 c:\windows\system32\drivers\BrScnUsb.sys
+ 2006-02-28 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
- 2009-06-12 18:56 . 2010-09-10 05:58 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-06-12 18:56 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2008-07-24 02:29 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2011-11-17 05:05 . 2008-04-13 20:45 60032 c:\windows\system32\dllcache\usbaudio.sys
- 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2004-08-03 23:08 . 2008-04-13 20:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2006-02-28 12:00 . 2011-09-26 16:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2006-02-28 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2006-02-28 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
+ 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2008-07-24 04:59 . 2010-09-10 05:58 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-07-24 04:59 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 81920 c:\windows\system32\dllcache\isign32.dll
+ 2008-07-24 02:29 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2008-07-24 08:38 . 2008-04-13 20:45 60160 c:\windows\system32\dllcache\drmk.sys
- 2008-07-24 08:38 . 2008-04-13 18:45 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2006-02-28 12:00 . 2008-04-13 18:40 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2006-02-28 12:00 . 2008-05-02 10:49 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2008-07-24 02:35 . 2011-11-30 17:34 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-24 02:35 . 2008-07-24 08:36 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-24 02:35 . 2011-11-30 17:34 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-07-24 02:35 . 2008-07-24 08:36 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-11-19 04:10 . 2011-11-19 04:10 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-11-19 04:10 . 2011-11-30 17:34 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-08-18 10:36 . 2009-08-18 10:36 55808 c:\windows\system32\BrUsi09c.dll
+ 2011-02-23 00:17 . 2010-01-06 09:51 61440 c:\windows\system32\brprtink.dll
+ 2010-08-02 15:52 . 2007-12-14 03:16 73728 c:\windows\system32\BrDctF2.dll
+ 2011-02-23 00:17 . 2006-07-07 17:40 73728 c:\windows\system32\BRCrypt.dll
+ 2011-01-03 19:49 . 2010-05-05 18:21 25280 c:\windows\system32\bmfaxprn.drv
- 2005-09-21 14:24 . 2005-09-21 14:24 86016 c:\windows\SOUNDMAN.EXE
+ 2005-09-21 14:24 . 2006-07-22 06:14 86016 c:\windows\SoundMan.exe
+ 2011-08-17 16:13 . 2011-08-17 16:13 19968 c:\windows\Installer\45bd00cc.msi
+ 2011-10-15 23:46 . 2011-10-15 23:46 22016 c:\windows\Installer\23e56445.msi
+ 2011-10-08 05:06 . 2011-10-08 05:06 22528 c:\windows\Installer\1f93262.msi
+ 2011-10-08 05:06 . 2011-10-08 05:06 28160 c:\windows\Installer\1f93257.msi
+ 2011-04-14 05:16 . 2011-04-14 05:16 45056 c:\windows\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut4.exe
+ 2011-04-09 02:17 . 2011-04-09 02:17 14534 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\SystemFolder_msiexec.exe
+ 2011-04-09 02:17 . 2011-04-09 02:17 25214 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\StudioTax.exe
+ 2011-04-09 02:17 . 2011-04-09 02:17 26950 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\Overview.exe
+ 2011-04-09 02:17 . 2011-04-09 02:17 26694 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\help_en.exe
+ 2011-04-09 02:17 . 2011-04-09 02:17 25214 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\controlPanelIcon.exe
+ 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_4ae13d6c.exe
+ 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_2cd672ae.exe
+ 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_294823.exe
+ 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_18be6784.exe
+ 2011-10-15 23:49 . 2011-10-15 23:49 65536 c:\windows\Installer\{CFCD2A80-EC16-11E0-A273-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-11-27 05:57 . 2010-11-27 05:57 11264 c:\windows\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
+ 2011-12-21 08:32 . 2011-12-21 08:32 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2010-11-10 00:15 . 2010-11-10 00:15 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
+ 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartupShortcut10.exe
+ 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartMenu10_1.exe
+ 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareDesktopShortcut10.exe
+ 2010-09-23 08:47 . 2010-09-23 08:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\reader_sl.exe
+ 2010-09-23 07:03 . 2010-09-23 07:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\eula.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\adobeextractfiles.dll
+ 2010-09-23 06:52 . 2010-09-23 06:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\acrotextextractor.exe
+ 2010-09-22 22:12 . 2010-09-22 22:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AcroRd32Info.exe
+ 2011-12-21 04:10 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2011-04-14 05:12 . 2008-05-02 10:49 62976 c:\windows\Driver Cache\i386\cdrom.sys
+ 2011-12-05 22:05 . 2011-12-05 22:05 49152 c:\windows\Downloaded Program Files\WebEx\932\wbxtrace.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 70144 c:\windows\Downloaded Program Files\WebEx\932\wbxscutil.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 65536 c:\windows\Downloaded Program Files\WebEx\932\wbxcrypt.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 79160 c:\windows\Downloaded Program Files\WebEx\932\safereboot.exe
+ 2011-12-05 22:06 . 2011-12-05 22:06 27448 c:\windows\Downloaded Program Files\WebEx\932\atscjoin.exe
+ 2011-12-05 22:06 . 2011-12-05 22:06 48201 c:\windows\Downloaded Program Files\WebEx\932\atpack.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 24576 c:\windows\Downloaded Program Files\WebEx\932\atmemmgr.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 81408 c:\windows\Downloaded Program Files\WebEx\932\atjpeg60.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 53248 c:\windows\Downloaded Program Files\WebEx\932\atcarmcl.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 32648 c:\windows\Downloaded Program Files\WebEx\932\atasanot.exe
+ 2011-12-05 22:06 . 2011-12-05 22:06 95822 c:\windows\Downloaded Program Files\WebEx\932\atas32_lite.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 11576 c:\windows\Downloaded Program Files\WebEx\932\advlimit.exe
+ 2010-01-23 07:04 . 2010-01-23 07:04 99208 c:\windows\Downloaded Program Files\ieatgpc.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 28472 c:\windows\Downloaded Program Files\atgpcdec.dll
+ 2011-07-07 05:35 . 2011-07-07 05:35 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c3 0d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683 674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4 d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
+ 2011-07-07 05:35 . 2011-07-07 05:35 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a 555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
+ 2011-07-07 05:34 . 2011-07-07 05:34 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7 562286406a\dfsvc.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e 3c1ee88ece\dfsvc.ni.exe
+ 2011-07-07 05:33 . 2011-07-07 05:33 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd 75fd92a4d12ffac8af\Accessibility.ni.dll
+ 2011-10-15 22:07 . 2011-10-15 22:07 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90f f12d0df9d7726f3ece\Accessibility.ni.dll
+ 2011-04-14 05:13 . 2011-04-14 05:13 86016 c:\windows\assembly\GAC_MSIL\VirtualCollectionBase-Defs-PlatReq\1.0.7323.4563__b0cfd8589c27b05f\VirtualCollectionBase-Defs-PlatReq.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7 f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7 f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3 a\System.Drawing.Design.dll
- 2010-10-04 16:40 . 2010-10-04 16:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3 a\System.Drawing.Design.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f 11d50a3a\System.Configuration.Install.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f 11d50a3a\System.Configuration.Install.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Micros oft.Vsa.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Micros oft.Vsa.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03 f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d 50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d 50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Utilities.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Utilities.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Framework.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d 50a3a\Microsoft.Build.Framework.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd. dll
- 2010-10-04 16:41 . 2010-10-04 16:41 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd. dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Access ibility.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Access ibility.dll
+ 2011-04-14 05:13 . 2011-04-14 05:13 38400 c:\windows\assembly\GAC_32\PeopleRecognition-Defs-PlatReq\1.1.7323.4563__b0cfd8589c27b05f\PeopleRecognition-Defs-PlatReq.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrappe r.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrappe r.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\Custo mMarshalers.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\Custo mMarshalers.dll
+ 2005-05-03 22:43 . 2005-05-04 08:43 69632 c:\windows\Alcmtr.exe
- 2005-05-03 22:43 . 2005-05-03 22:43 69632 c:\windows\ALCMTR.EXE
+ 2011-08-28 00:16 . 2010-11-03 13:12 46080 c:\windows\$NtUninstallKB2570791$\tzchange.exe
+ 2011-08-28 00:16 . 2011-07-09 00:32 16896 c:\windows\$NtUninstallKB2570791$\spuninst\tzchange.dll
+ 2011-08-28 00:08 . 2008-04-13 18:57 10112 c:\windows\$NtUninstallKB2566454$\ndistapi.sys
+ 2011-10-15 21:23 . 2006-02-28 12:00 16896 c:\windows\$NtUninstallKB2564958$\oleaccrc.dll
+ 2011-04-01 19:50 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-04-01 19:50 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-11-15 23:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
+ 2011-11-15 23:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
+ 2011-09-16 06:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll
+ 2011-09-16 06:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676\spmsg.dll
+ 2011-09-07 14:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2607712\update\spcustom.dll
+ 2011-09-07 14:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2607712\spmsg.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
+ 2011-10-15 21:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE8\update\spcustom.dll
+ 2011-10-15 21:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE8\spmsg.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 12800 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\xpshims.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 66560 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtmled.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 55296 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeedsbs.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 43520 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\licmgr10.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 25600 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\jsproxy.dll
+ 2011-09-16 06:41 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
+ 2011-09-16 06:41 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570222\spmsg.dll
+ 2011-08-28 00:14 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567680\update\spcustom.dll
+ 2011-08-28 00:14 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567680\spmsg.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
+ 2011-08-28 00:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll
+ 2011-08-28 00:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2566454\spmsg.dll
+ 2011-08-28 00:02 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys
+ 2011-08-28 00:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll
+ 2011-08-28 00:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2562937\spmsg.dll
+ 2011-08-28 00:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2559049-IE8\update\spcustom.dll
+ 2011-08-28 00:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2559049-IE8\spmsg.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 12800 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\xpshims.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 66560 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtmled.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 55296 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeedsbs.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 43520 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\licmgr10.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 25600 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\jsproxy.dll
+ 2011-07-19 02:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
+ 2011-07-19 02:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
+ 2011-11-15 23:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893-v2\update\spcustom.dll
+ 2011-11-15 23:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893-v2\spmsg.dll
+ 2011-06-16 16:45 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-06-16 16:45 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-07-07 04:26 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
+ 2011-07-07 04:26 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll
+ 2011-06-16 16:51 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
+ 2011-06-16 16:51 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-03-30 19:27 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
+ 2011-03-30 19:27 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
+ 2011-04-28 00:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2511455\update\spcustom.dll
+ 2011-04-28 00:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2511455\spmsg.dll
+ 2011-04-28 00:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510531-IE8\update\spcustom.dll
+ 2011-04-28 00:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510531-IE8\spmsg.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
+ 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
+ 2011-04-28 00:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508272\update\spcustom.dll
+ 2011-04-28 00:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508272\spmsg.dll
+ 2011-07-19 02:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
+ 2011-07-19 02:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
+ 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506223\update\spcustom.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506223\spmsg.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2011-06-16 16:53 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
+ 2011-06-16 16:53 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503658\update\spcustom.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503658\spmsg.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2497640-IE8\update\spcustom.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2497640-IE8\spmsg.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 12800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\xpshims.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 66560 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtmled.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 55296 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeedsbs.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 43520 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\licmgr10.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 25600 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\jsproxy.dll
+ 2011-04-28 00:55 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485663\update\spcustom.dll
+ 2011-04-28 00:55 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485663\spmsg.dll
+ 2011-02-09 08:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
+ 2011-02-09 08:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
+ 2011-02-09 08:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll
+ 2011-02-09 08:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll
+ 2011-03-11 04:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-11 04:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-11 04:51 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-11 04:51 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
+ 2011-02-09 08:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
+ 2011-02-09 08:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-06-16 16:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-06-16 16:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2010-12-15 08:04 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
+ 2010-12-15 08:04 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
+ 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
+ 2010-12-15 08:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2010-12-15 08:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2010-12-15 07:31 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2010-12-15 08:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll
+ 2010-12-15 08:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll
+ 2010-12-15 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
+ 2010-12-15 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
+ 2010-12-15 07:30 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
+ 2011-01-12 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
+ 2011-01-12 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2416400-IE8\update\spcustom.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2416400-IE8\spmsg.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 12800 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\xpshims.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 66560 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtmled.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 55296 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeedsbs.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 43520 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\licmgr10.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 25600 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\jsproxy.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
+ 2011-02-09 01:57 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-26 20:35 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
- 2009-04-26 20:35 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
+ 2011-01-03 19:47 . 2010-05-05 18:22 8704 c:\windows\system32\ws2thk.dll
+ 2011-02-23 00:18 . 2008-07-23 16:00 7168 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\Brlfx05B.d ll
+ 2011-02-23 00:18 . 2008-07-23 16:00 7168 c:\windows\system32\spool\drivers\w32x86\3\Brlfx05B.dll
+ 2011-12-22 21:25 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ksuser.dll
+ 2011-02-23 00:17 . 2009-08-18 10:34 7586 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrSti09c.dll
+ 2010-08-02 15:52 . 2010-01-22 20:34 3072 c:\windows\system32\BrDctF2S.dll
+ 2010-08-02 15:52 . 2007-12-14 03:16 5120 c:\windows\system32\BrDctF2L.dll
+ 2011-04-09 02:17 . 2011-04-09 02:17 4608 c:\windows\Installer\c1a34e.msi
+ 2008-07-24 04:52 . 2011-12-21 04:05 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2011-10-04 20:41 . 2011-10-04 20:41 4286 c:\windows\Installer\{425C644F-3F69-429B-8B47-A7FD76BE4E21}\CrashPlanTray.exe
+ 2011-12-05 22:05 . 2011-12-05 22:05 5706 c:\windows\Downloaded Program Files\WebEx\932\atkbctl.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Micr osoft_VsaVb.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Micr osoft_VsaVb.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.VisualC.Dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.VisualC.Dll
- 2010-10-04 16:41 . 2010-10-04 16:41 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecR emote.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecR emote.dll
+ 2011-04-14 05:14 . 2011-04-14 05:14 3072 c:\windows\assembly\GAC_32\policy.2.0.EastmanKodakCompany.EasyShare\2.0.600 5.7527__e736f44e197b3380\policy.2.0.EastmanKodakCompany.EasyShare.dll
+ 2011-04-14 05:14 . 2011-04-14 05:14 3072 c:\windows\assembly\GAC_32\policy.1.0.EastmanKodakCompany.EasyShare\1.0.0.2 __e736f44e197b3380\policy.1.0.EastmanKodakCompany.EasyShare.dll
+ 2011-02-17 12:32 . 2011-02-17 12:32 5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 652608 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcr90.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 565584 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcp90.dll
+ 2009-07-12 03:54 . 2009-07-12 03:54 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcm90.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_42101c2a\atl90.dll
+ 2011-05-14 06:17 . 2011-05-14 06:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 06:12 . 2011-05-14 06:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 06:11 . 2011-05-14 06:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2009-08-20 03:51 . 2009-08-20 03:51 106496 c:\windows\twain_32\BrSc09c\Lang\BrTwdLng.dll
+ 2009-08-20 02:50 . 2009-08-20 02:50 155648 c:\windows\twain_32\BrSc09c\Common\BrTwdsUi.dll
+ 2009-08-20 02:49 . 2009-08-20 02:49 172032 c:\windows\twain_32\BrSc09c\Common\BrTwds.dll
+ 2006-02-28 12:00 . 2011-06-20 17:44 293376 c:\windows\system32\winsrv.dll
- 2006-02-28 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2006-02-28 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\vbscript.dll
- 2006-02-28 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\url.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
+ 2011-01-03 19:49 . 2010-05-05 18:21 193696 c:\windows\system32\UNIDRV.dll
+ 2008-07-30 00:59 . 2011-09-26 16:41 611328 c:\windows\system32\uiautomationcore.dll
+ 2011-02-23 00:18 . 2008-07-23 16:00 165755 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\BRUFX05B.D LL
+ 2011-02-23 00:18 . 2008-07-23 16:00 177147 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\BROFX05B.D LL
+ 2010-07-10 00:22 . 2010-10-11 21:39 107776 c:\windows\system32\spool\drivers\w32x86\3\RCImaging.DLL
+ 2011-02-23 00:18 . 2008-07-23 16:00 165755 c:\windows\system32\spool\drivers\w32x86\3\BRUFX05B.DLL
+ 2011-02-23 00:18 . 2008-07-23 16:00 177147 c:\windows\system32\spool\drivers\w32x86\3\BROFX05B.DLL
+ 2009-02-13 03:29 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\1\UNIRES.DLL
+ 2009-02-13 03:29 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\1\UNIDRVUI.DLL
+ 2009-02-13 03:29 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\1\UNIDRV.DLL
+ 2010-07-10 00:22 . 2010-10-11 21:39 107776 c:\windows\system32\spool\drivers\w32x86\1\RCImaging.DLL
+ 2006-02-28 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
+ 2006-02-28 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
+ 2006-02-28 12:00 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
+ 2006-02-28 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
+ 2005-09-16 18:14 . 2006-07-22 21:40 143360 c:\windows\system32\RTCOM\RtlCPAPI.dll
+ 2005-09-23 22:24 . 2006-08-18 04:03 270336 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2011-12-22 21:26 . 2005-09-21 20:29 356352 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RtlUpd.exe
+ 2011-12-22 21:26 . 2005-09-16 18:14 157184 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTLCPAPI.dll
+ 2011-12-22 21:26 . 2005-09-23 22:24 249856 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTCOMDLL.dll
+ 2011-12-22 21:25 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\portcls.sys
+ 2011-12-22 21:25 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ks.sys
+ 2011-01-03 19:49 . 2010-05-05 18:21 166704 c:\windows\system32\R0tiff.dll
+ 2008-07-24 08:22 . 2008-05-28 07:13 425472 c:\windows\system32\photometadatahandler.dll
+ 2006-02-28 12:00 . 2011-11-07 16:52 436002 c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
+ 2006-02-28 12:00 . 2011-09-26 16:41 220160 c:\windows\system32\oleacc.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
+ 2006-02-28 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 206848 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2010-08-02 15:51 . 2010-02-09 22:11 217088 c:\windows\system32\NSSearch.dll
+ 2006-02-28 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2006-02-28 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 773968 c:\windows\system32\msvcr100.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 421200 c:\windows\system32\msvcp100.dll
- 2008-07-24 02:28 . 2008-04-14 00:12 677888 c:\windows\system32\mstsc.exe
+ 2008-07-24 02:28 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
- 2006-02-28 12:00 . 2010-09-10 05:58 611840 c:\windows\system32\mstime.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
+ 2007-08-13 22:54 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
- 2007-08-13 22:54 . 2010-09-10 05:58 602112 c:\windows\system32\msfeeds.dll
+ 2006-02-28 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
- 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\mfc42u.dll
+ 2006-02-28 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2011-11-15 01:21 . 2011-11-15 01:21 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-10-16 18:17 . 2011-10-16 18:17 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
+ 2011-01-03 17:50 . 2010-10-11 21:39 521552 c:\windows\system32\ltkrnu.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 453120 c:\windows\system32\ltkrn13n.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 453120 c:\windows\system32\ltkrn13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 226640 c:\windows\system32\Ltjp2u.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 157088 c:\windows\system32\ltimgutlu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 193872 c:\windows\system32\ltimgefxu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 411040 c:\windows\system32\ltimgcoru.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 218528 c:\windows\system32\ltimgclru.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 445440 c:\windows\system32\ltimg13n.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 445440 c:\windows\system32\ltimg13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 193872 c:\windows\system32\ltfilu.DLL
- 2010-07-10 00:22 . 2009-03-11 16:28 154112 c:\windows\system32\ltfil13n.DLL
+ 2010-07-10 00:22 . 2009-03-11 17:28 154112 c:\windows\system32\ltfil13n.DLL
+ 2011-01-03 17:50 . 2010-10-11 21:39 259408 c:\windows\system32\ltefxu.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 206848 c:\windows\system32\ltefx13n.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 206848 c:\windows\system32\ltefx13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 271776 c:\windows\system32\ltdisu.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 265216 c:\windows\system32\LTDIS13n.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 265216 c:\windows\system32\LTDIS13n.dll
+ 2006-02-28 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
- 2006-02-28 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 165280 c:\windows\system32\lftifu.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 142848 c:\windows\system32\lftif13n.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 142848 c:\windows\system32\lftif13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 128416 c:\windows\system32\lfpngu.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 182784 c:\windows\system32\Lfpng13n.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 182784 c:\windows\system32\Lfpng13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 251296 c:\windows\system32\lfj2ku.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 246272 c:\windows\system32\LFJ2K13n.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 246272 c:\windows\system32\LFJ2K13n.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 107936 c:\windows\system32\lffaxu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 435616 c:\windows\system32\lfcmpu.DLL
+ 2010-07-10 00:22 . 2009-03-11 17:28 388608 c:\windows\system32\LFCMP13n.DLL
- 2010-07-10 00:22 . 2009-03-11 16:28 388608 c:\windows\system32\LFCMP13n.DLL
+ 2007-06-06 13:18 . 2007-06-06 13:18 196608 c:\windows\system32\KPDRES.DLL
+ 2007-06-06 13:38 . 2007-06-06 13:38 237568 c:\windows\system32\KPDPMUI.dll
+ 2007-06-06 13:38 . 2007-06-06 13:38 344064 c:\windows\system32\KPDPM.dll
- 2006-02-28 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2006-02-28 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
+ 2006-02-28 12:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
- 2006-02-28 12:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
+ 2012-01-02 19:46 . 2011-11-10 11:54 157472 c:\windows\system32\javaws.exe
+ 2012-01-02 19:46 . 2011-11-10 11:54 149280 c:\windows\system32\javaw.exe
+ 2012-01-02 19:46 . 2011-11-10 11:54 149280 c:\windows\system32\java.exe
+ 2011-04-14 05:12 . 2008-05-02 13:25 465920 c:\windows\system32\imapi2fs.dll
+ 2011-04-14 05:12 . 2008-05-02 13:25 317952 c:\windows\system32\imapi2.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 184320 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 387584 c:\windows\system32\iedkcs32.dll
+ 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
+ 2009-09-16 23:27 . 2009-09-16 23:27 508224 c:\windows\system32\ICCProfiles.dll
+ 2008-07-23 22:02 . 2011-12-21 08:27 741424 c:\windows\system32\FNTCACHE.DAT
- 2008-07-23 22:02 . 2010-10-14 00:35 741424 c:\windows\system32\FNTCACHE.DAT
+ 2011-04-14 05:16 . 2007-06-06 13:46 229376 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDVS.dll
+ 2011-04-14 05:16 . 2007-06-06 13:37 278528 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDUI.dll
+ 2011-04-14 05:16 . 2007-06-06 13:18 196608 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDRES.dll
+ 2011-04-14 05:16 . 2007-06-06 13:37 258048 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\K PDGDI.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 693715 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A725 5E8\briu10b.dll
+ 2006-02-28 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2008-07-24 02:28 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
- 2008-07-24 02:28 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys
- 2008-07-24 08:38 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2008-07-24 08:38 . 2008-04-13 21:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2006-02-28 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
+ 2006-02-28 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
- 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\drivers\ks.sys
+ 2004-08-03 23:15 . 2008-04-13 21:16 141056 c:\windows\system32\drivers\ks.sys
+ 2006-02-28 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
- 2006-02-28 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2006-02-28 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
- 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
+ 2008-07-24 02:29 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2006-02-28 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
- 2006-02-28 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
+ 2006-02-28 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-12-05 06:54 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
+ 2006-02-28 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\dllcache\sbe.dll
+ 2008-07-24 02:28 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
- 2008-07-24 02:28 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2008-07-24 08:38 . 2008-04-13 21:19 146048 c:\windows\system32\dllcache\portcls.sys
- 2008-07-24 08:38 . 2008-04-13 19:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2006-02-28 12:00 . 2011-09-26 16:41 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 206848 c:\windows\system32\dllcache\occache.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-04-26 20:37 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2006-02-28 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 611840 c:\windows\system32\dllcache\mstime.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-07-24 02:29 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
- 2008-07-24 02:29 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\msjro.dll
+ 2008-07-24 04:59 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2008-07-24 04:59 . 2010-09-10 05:58 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-07-24 02:29 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 200704 c:\windows\system32\dllcache\msadox.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2008-07-24 02:29 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 536576 c:\windows\system32\dllcache\msado15.dll
+ 2008-07-24 02:29 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2008-07-24 02:29 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
- 2008-07-24 02:29 . 2008-04-14 00:11 143360 c:\windows\system32\dllcache\msadco.dll
+ 2006-02-28 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-02-28 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
- 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-13 23:27 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2009-04-26 20:37 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-04-26 20:37 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2008-07-24 02:28 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
- 2008-07-24 02:28 . 2008-04-14 00:12 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2004-08-03 23:15 . 2008-04-13 21:16 141056 c:\windows\system32\dllcache\ks.sys
- 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
- 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-09 10:53 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-19 04:08 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-19 04:08 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2011-04-14 05:12 . 2008-05-02 13:25 465920 c:\windows\system32\dllcache\imapi2fs.dll
+ 2011-04-14 05:12 . 2008-05-02 13:25 317952 c:\windows\system32\dllcache\imapi2.dll
- 2009-06-12 18:56 . 2010-09-10 05:58 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-12 18:56 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-14 03:30 . 2010-09-10 05:58 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-14 03:30 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2006-02-28 12:00 . 2010-09-10 05:58 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2006-02-28 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2006-02-28 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
+ 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
- 2006-02-28 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2006-02-28 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
+ 2006-02-28 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll
+ 2010-08-02 15:52 . 2010-02-05 16:42 180224 c:\windows\system32\BroSNMP.dll
+ 2010-08-02 15:51 . 2009-10-13 21:59 180224 c:\windows\system32\BrMuSNMP.dll
+ 2011-02-23 00:16 . 2008-08-24 00:17 118784 c:\windows\system32\BrMfNt.dll
+ 2011-02-23 00:16 . 2008-10-18 01:02 126976 c:\windows\system32\BrfxD05b.dll
+ 2006-02-28 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 138056 c:\windows\system32\atl100.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-03-25 11:15 . 2011-03-25 11:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2011-12-09 01:39 . 2011-12-09 01:39 493056 c:\windows\Installer\f40771a.msi
+ 2010-11-12 16:08 . 2010-11-12 16:08 889344 c:\windows\Installer\b89d6d7.msp
+ 2011-11-23 22:24 . 2011-11-23 22:25 333824 c:\windows\Installer\af51078.msi
+ 2011-06-16 16:54 . 2011-06-16 16:54 223744 c:\windows\Installer\65584ab1.msi
+ 2011-06-16 16:48 . 2011-06-16 16:48 467456 c:\windows\Installer\65584a43.msi
+ 2010-11-27 05:57 . 2010-11-27 05:57 454656 c:\windows\Installer\2108b86.msi
+ 2011-10-27 10:49 . 2011-10-27 10:49 160768 c:\windows\Installer\1c5d6f.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 295936 c:\windows\Installer\1b212fc3.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 370688 c:\windows\Installer\1b212fbc.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 404480 c:\windows\Installer\1b212fb5.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 213504 c:\windows\Installer\1b212fad.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 186368 c:\windows\Installer\1b212fa5.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 180736 c:\windows\Installer\1b212f9e.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 181248 c:\windows\Installer\1b212f97.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 475136 c:\windows\Installer\1b212f90.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 548352 c:\windows\Installer\1b212f89.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 291840 c:\windows\Installer\1b212f82.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 357376 c:\windows\Installer\1b212f7b.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 291840 c:\windows\Installer\1b212f74.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 182784 c:\windows\Installer\1b212f6d.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 288768 c:\windows\Installer\1b212f66.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 294912 c:\windows\Installer\1b212f5f.msi
+ 2011-04-14 04:54 . 2011-04-14 04:54 218624 c:\windows\Installer\1b116437.msi
+ 2011-11-11 02:43 . 2011-11-11 02:43 203776 c:\windows\Installer\11190a23.msi
+ 2011-04-14 05:16 . 2011-04-14 05:16 135168 c:\windows\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut5.exe
+ 2011-10-16 02:42 . 2011-10-16 02:42 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
+ 2011-04-14 04:56 . 2011-04-14 04:56 370070 c:\windows\Installer\{9A5909B3-8CF3-4E06-92A8-F3CB7C97EF20}\ARPPRODUCTICON.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-07-24 04:52 . 2011-12-21 04:05 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-07-24 04:52 . 2010-11-10 00:14 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-10-04 20:41 . 2011-10-04 20:41 355574 c:\windows\Installer\{425C644F-3F69-429B-8B47-A7FD76BE4E21}\controlPanelIcon.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\readerupdater.exe
+ 2010-09-10 22:17 . 2010-09-10 22:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\JP2KLib.dll
+ 2010-09-23 00:41 . 2010-09-23 00:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AdobeCollabSync.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\adobearm.exe
+ 2010-09-23 08:47 . 2010-09-23 08:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AcroRd32.exe
+ 2010-09-22 22:04 . 2010-09-22 22:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AcroPDF.dll
+ 2010-09-22 23:39 . 2010-09-22 23:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\acrobroker.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\acrobatupdater.exe
+ 2010-09-22 22:50 . 2010-09-22 22:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\a3dutility.exe
+ 2011-01-14 12:10 . 2011-01-14 12:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\ 14.0.5130\GKWORD6.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\ 14.0.5130\GKEXCEL2.DLL
+ 2011-12-21 04:10 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-21 04:10 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-21 04:10 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-21 04:10 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-21 04:10 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2011-10-15 21:16 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
+ 2011-10-15 21:16 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
+ 2011-10-15 21:16 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
+ 2011-10-15 21:16 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
+ 2011-10-15 21:16 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
+ 2011-08-28 00:09 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-08-28 00:09 . 2009-03-08 08:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-28 00:09 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-28 00:09 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-28 00:09 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-28 00:09 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-06-16 16:45 . 2009-03-08 08:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-06-16 16:45 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-06-16 16:45 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-06-16 16:48 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-06-16 16:48 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-06-16 16:48 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2011-04-28 00:46 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-28 00:46 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-28 00:46 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-28 00:46 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-04-28 00:54 . 2010-12-20 23:59 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-04-28 00:54 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-02-09 08:01 . 2010-11-06 00:26 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-09 08:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-09 08:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-09 08:01 . 2010-11-06 00:26 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-09 08:01 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2010-12-15 08:05 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-15 08:05 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-15 08:05 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-15 08:05 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2011-09-29 15:03 . 2011-09-29 15:03 274432 c:\windows\ERDNT\AutoBackup\9-29-2011\Users\00000002\UsrClass.dat
+ 2011-09-29 15:03 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\9-29-2011\ERDNT.EXE
+ 2011-12-10 04:09 . 2011-12-10 04:09 282624 c:\windows\ERDNT\AutoBackup\12-9-2011\Users\00000002\UsrClass.dat
+ 2011-12-10 04:09 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-9-2011\ERDNT.EXE
+ 2011-12-05 23:36 . 2011-12-05 23:36 282624 c:\windows\ERDNT\AutoBackup\12-5-2011\Users\00000002\UsrClass.dat
+ 2011-12-05 23:36 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-5-2011\ERDNT.EXE
+ 2011-12-30 17:15 . 2011-12-30 17:15 282624 c:\windows\ERDNT\AutoBackup\12-30-2011\Users\00000002\UsrClass.dat
+ 2011-12-30 17:15 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-30-2011\ERDNT.EXE
+ 2011-12-25 03:21 . 2011-12-25 03:21 282624 c:\windows\ERDNT\AutoBackup\12-24-2011\Users\00000002\UsrClass.dat
+ 2011-12-25 03:21 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-24-2011\ERDNT.EXE
+ 2011-12-23 08:24 . 2011-12-23 08:24 282624 c:\windows\ERDNT\AutoBackup\12-23-2011\Users\00000002\UsrClass.dat
+ 2011-12-23 08:24 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-23-2011\ERDNT.EXE
+ 2011-12-22 18:01 . 2011-12-22 18:01 282624 c:\windows\ERDNT\AutoBackup\12-22-2011\Users\00000002\UsrClass.dat
+ 2011-12-22 18:01 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-22-2011\ERDNT.EXE
+ 2011-12-21 08:28 . 2011-12-21 08:28 282624 c:\windows\ERDNT\AutoBackup\12-21-2011\Users\00000002\UsrClass.dat
+ 2011-12-21 08:28 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-21-2011\ERDNT.EXE
+ 2011-12-20 14:40 . 2011-12-20 14:40 282624 c:\windows\ERDNT\AutoBackup\12-20-2011\Users\00000002\UsrClass.dat
+ 2011-12-20 14:40 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-20-2011\ERDNT.EXE
+ 2011-12-14 17:39 . 2011-12-14 17:39 282624 c:\windows\ERDNT\AutoBackup\12-14-2011\Users\00000002\UsrClass.dat
+ 2011-12-14 17:39 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-14-2011\ERDNT.EXE
+ 2011-12-10 15:49 . 2011-12-10 15:49 282624 c:\windows\ERDNT\AutoBackup\12-10-2011\Users\00000002\UsrClass.dat
+ 2011-12-10 15:49 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-10-2011\ERDNT.EXE
+ 2011-12-01 19:25 . 2011-12-01 19:25 282624 c:\windows\ERDNT\AutoBackup\12-1-2011\Users\00000002\UsrClass.dat
+ 2011-12-01 19:25 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-1-2011\ERDNT.EXE
+ 2011-11-07 16:51 . 2011-11-07 16:51 278528 c:\windows\ERDNT\AutoBackup\11-7-2011\Users\00000002\UsrClass.dat
+ 2011-11-07 16:51 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-7-2011\ERDNT.EXE
+ 2011-11-06 00:05 . 2011-11-06 00:05 278528 c:\windows\ERDNT\AutoBackup\11-5-2011\Users\00000002\UsrClass.dat
+ 2011-11-06 00:05 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-5-2011\ERDNT.EXE
+ 2011-11-30 17:34 . 2011-11-30 17:34 282624 c:\windows\ERDNT\AutoBackup\11-30-2011\Users\00000002\UsrClass.dat
+ 2011-11-30 17:34 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-30-2011\ERDNT.EXE
+ 2011-11-27 03:39 . 2011-11-27 03:39 282624 c:\windows\ERDNT\AutoBackup\11-26-2011\Users\00000002\UsrClass.dat
+ 2011-11-27 03:39 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-26-2011\ERDNT.EXE
+ 2011-11-25 19:10 . 2011-11-25 19:10 282624 c:\windows\ERDNT\AutoBackup\11-25-2011\Users\00000002\UsrClass.dat
+ 2011-11-25 19:10 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-25-2011\ERDNT.EXE
+ 2011-11-25 02:33 . 2011-11-25 02:33 282624 c:\windows\ERDNT\AutoBackup\11-24-2011\Users\00000002\UsrClass.dat
+ 2011-11-25 02:33 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-24-2011\ERDNT.EXE
+ 2011-11-21 19:21 . 2011-11-21 19:21 282624 c:\windows\ERDNT\AutoBackup\11-21-2011\Users\00000002\UsrClass.dat
+ 2011-11-21 19:21 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-21-2011\ERDNT.EXE
+ 2011-11-19 20:22 . 2011-11-19 20:22 282624 c:\windows\ERDNT\AutoBackup\11-19-2011\Users\00000002\UsrClass.dat
+ 2011-11-19 20:22 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-19-2011\ERDNT.EXE
+ 2011-11-15 07:06 . 2011-11-15 07:06 282624 c:\windows\ERDNT\AutoBackup\11-15-2011\Users\00000002\UsrClass.dat
+ 2011-11-15 07:06 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-15-2011\ERDNT.EXE
+ 2011-11-15 01:20 . 2011-11-15 01:20 282624 c:\windows\ERDNT\AutoBackup\11-14-2011\Users\00000002\UsrClass.dat
+ 2011-11-15 01:20 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-14-2011\ERDNT.EXE
+ 2011-10-09 00:29 . 2011-10-09 00:29 274432 c:\windows\ERDNT\AutoBackup\10-8-2011\Users\00000002\UsrClass.dat
+ 2011-10-09 00:29 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-8-2011\ERDNT.EXE
+ 2011-10-07 19:56 . 2011-10-07 19:56 274432 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000002\UsrClass.dat
+ 2011-10-07 19:56 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-7-2011\ERDNT.EXE
+ 2011-10-31 16:42 . 2011-10-31 16:42 278528 c:\windows\ERDNT\AutoBackup\10-31-2011\Users\00000002\UsrClass.dat
+ 2011-10-31 16:42 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-31-2011\ERDNT.EXE
+ 2011-10-29 14:17 . 2011-10-29 14:17 278528 c:\windows\ERDNT\AutoBackup\10-29-2011\Users\00000002\UsrClass.dat
+ 2011-10-29 14:17 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-29-2011\ERDNT.EXE
+ 2011-10-27 10:24 . 2011-10-27 10:24 278528 c:\windows\ERDNT\AutoBackup\10-27-2011\Users\00000002\UsrClass.dat
+ 2011-10-27 10:24 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-27-2011\ERDNT.EXE
+ 2011-10-19 20:09 . 2011-10-19 20:09 278528 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000002\UsrClass.dat
+ 2011-10-19 20:09 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-19-2011\ERDNT.EXE
+ 2011-10-16 18:16 . 2011-10-16 18:16 274432 c:\windows\ERDNT\AutoBackup\10-16-2011\Users\00000002\UsrClass.dat
+ 2011-10-16 18:16 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-16-2011\ERDNT.EXE
+ 2012-01-02 05:14 . 2012-01-02 05:14 282624 c:\windows\ERDNT\AutoBackup\1-1-2012\Users\00000002\UsrClass.dat
+ 2012-01-02 05:14 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\1-1-2012\ERDNT.EXE
+ 2011-04-03 07:47 . 2011-04-03 07:47 245760 c:\windows\ERDNT\4-3-2011\Users\00000002\UsrClass.dat
+ 2011-04-03 07:47 . 2005-10-20 16:02 163328 c:\windows\ERDNT\4-3-2011\ERDNT.EXE
+ 2011-03-30 04:57 . 2011-03-30 04:57 241664 c:\windows\ERDNT\3-30-2011\Users\00000002\UsrClass.dat
+ 2011-03-30 04:57 . 2005-10-20 16:02 163328 c:\windows\ERDNT\3-30-2011\ERDNT.EXE
+ 2011-03-27 16:58 . 2011-03-27 16:58 241664 c:\windows\ERDNT\3-27-2011\Users\00000002\UsrClass.dat
+ 2011-03-27 16:58 . 2005-10-20 16:02 163328 c:\windows\ERDNT\3-27-2011\ERDNT.EXE
+ 2008-12-04 19:18 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2011-12-05 22:05 . 2011-12-05 22:05 165176 c:\windows\Downloaded Program Files\WebEx\932\wbxreport.exe
+ 2011-12-05 22:05 . 2011-12-05 22:05 163840 c:\windows\Downloaded Program Files\WebEx\932\uilibres.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 217088 c:\windows\Downloaded Program Files\WebEx\932\scwbxui7.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 356352 c:\windows\Downloaded Program Files\WebEx\932\sccustres.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 278528 c:\windows\Downloaded Program Files\WebEx\932\attp.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 744760 c:\windows\Downloaded Program Files\WebEx\932\atsccust.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 221184 c:\windows\Downloaded Program Files\WebEx\932\atres_lite.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 311296 c:\windows\Downloaded Program Files\WebEx\932\atlchat.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 150091 c:\windows\Downloaded Program Files\WebEx\932\atdl2006.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 114764 c:\windows\Downloaded Program Files\WebEx\932\atasuicom.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 101256 c:\windows\Downloaded Program Files\WebEx\932\atasnt40.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 354192 c:\windows\Downloaded Program Files\WebEx\932\atasctrl_lite.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 364544 c:\windows\Downloaded Program Files\WebEx\932\atarm.dll
+ 2011-12-05 22:05 . 2011-12-05 22:05 185224 c:\windows\Downloaded Program Files\atgpcext.dll
+ 2011-12-05 22:06 . 2011-12-05 22:06 324920 c:\windows\Downloaded Program Files\atcliun.exe
+ 2011-08-28 00:21 . 2011-08-28 00:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edb a1db26fd5e421ac\WsatConfig.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722 d8e0f05c57fef6b\WsatConfig.ni.exe
+ 2011-08-28 00:34 . 2011-08-28 00:34 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148 c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
+ 2011-10-15 22:21 . 2011-10-15 22:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e4 8c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
+ 2011-10-15 22:09 . 2011-10-15 22:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0e a87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
+ 2011-08-28 00:22 . 2011-08-28 00:22 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b 47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633 af87989355382b5039f1b7df\System.Transactions.ni.dll
+ 2011-08-28 00:22 . 2011-08-28 00:22 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505 f97805f00999ee26aec9bf75\System.Transactions.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f 2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
+ 2011-08-28 00:22 . 2011-08-28 00:22 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400 affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24 bcf8a0316756e766721f\System.Security.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee 81e9c99acb72b09d77ac\System.Security.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f 76e0b37dc8467b4696\System.IO.Log.ni.dll
+ 2011-10-15 22:07 . 2011-10-15 22:07 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee1236 2d303fb2574fcd5a24\System.IO.Log.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5 a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
+ 2011-10-15 22:07 . 2011-10-15 22:07 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2f cffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f4522 79422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f4522 79422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792be f8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792be f8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
+ 2011-08-28 00:18 . 2011-08-28 00:18 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d0 7c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
+ 2011-10-15 21:26 . 2011-10-15 21:26 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca0 6e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c 368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911 e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720 436dc6cb76006377f295ea365\System.Configuration.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd 21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e03800 8b0bbbfed1213c\SMSvcHost.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe8 14ea7e52f62a78\SMSvcHost.ni.exe
+ 2011-08-28 00:21 . 2011-08-28 00:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1 290d2340d682574a24\SMDiagnostics.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687 bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301 bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
+ 2011-08-28 00:21 . 2011-08-28 00:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575 a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
+ 2011-08-28 00:21 . 2011-08-28 00:21 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d 5b6f3b931012\MSBuild.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b3 49648ba23e62\MSBuild.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed 9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d17 2f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d489 2775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3 ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5 757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a467217 9aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
+ 2011-07-07 05:35 . 2011-07-07 05:35 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd1738877 8c90f301746ad88700758\CustomMarshalers.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191 ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74 697bb42b9d1fdea5b\ComSvcConfig.ni.exe
+ 2011-10-15 22:08 . 2011-10-15 22:08 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197f f72c75f1c3c24b949\ComSvcConfig.ni.exe
+ 2011-08-28 00:20 . 2011-08-28 00:20 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd 47ae74b0b911fece1\AspNetMMCExt.ni.dll
+ 2011-10-15 22:07 . 2011-10-15 22:07 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d 560d577c0a99ea3bd\AspNetMMCExt.ni.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\ System.Web.Services.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\ System.Web.Services.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Web.Mobile.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Web.Mobile.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3 a\System.ServiceProcess.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3 a\System.ServiceProcess.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\Syst em.Security.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\Syst em.Security.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2 .0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2 .0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e 089\System.Runtime.Remoting.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\Sys tem.Messaging.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\Sys tem.Messaging.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Management.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Management.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\Syste m.Drawing.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\Syste m.Drawing.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d5 0a3a\System.DirectoryServices.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d5 0a3a\System.DirectoryServices.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b0 3f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b0 3f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Deployment.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\Sy stem.Deployment.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\S ystem.Data.SqlXml.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\S ystem.Data.SqlXml.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a \System.configuration.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a \System.configuration.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dl l
+ 2011-10-15 21:22 . 2011-10-15 21:22 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dl l
+ 2011-10-15 21:22 . 2011-10-15 21:22 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3 a\Microsoft.VisualBasic.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3 a\Microsoft.VisualBasic.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b 03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b 03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0 .0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0 .0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.JScript.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Mi crosoft.JScript.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3 a\Microsoft.Build.Tasks.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3 a\Microsoft.Build.Tasks.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a 3a\Microsoft.Build.Engine.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a 3a\Microsoft.Build.Engine.dll
- 2010-10-04 16:40 . 2010-10-04 16:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetM MCExt.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetM MCExt.dll
+ 2011-04-14 05:13 . 2011-04-14 05:13 442368 c:\windows\assembly\GAC_32\WicFileFormat-PlatOpt\1.1.7323.4563__b0cfd8589c27b05f\WicFileFormat-PlatOpt.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\Sy stem.Transactions.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\Sy stem.Transactions.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.Wrapper.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50 a3a\System.EnterpriseServices.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e0 89\System.Data.OracleClient.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e0 89\System.Data.OracleClient.dll
+ 2011-04-14 05:14 . 2011-04-14 05:14 262144 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\2.0.6005.7527__e73 6f44e197b3380\EastmanKodakCompany.EasyShare.dll
+ 2011-04-14 05:14 . 2011-04-14 05:14 282624 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\1.0.2698.25402__e7 36f44e197b3380\EastmanKodakCompany.EasyShare.dll
+ 2011-11-15 23:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641690$\spuninst\updspapi.dll
+ 2011-11-15 23:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641690$\spuninst\spuninst.exe
+ 2011-11-15 23:17 . 2011-09-09 09:12 599040 c:\windows\$NtUninstallKB2641690$\crypt32.dll
+ 2011-09-16 06:46 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll
+ 2011-09-16 06:46 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe
+ 2011-09-16 06:46 . 2011-09-03 10:17 599040 c:\windows\$NtUninstallKB2616676$\crypt32.dll
+ 2011-09-07 14:54 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2607712$\spuninst\updspapi.dll
+ 2011-09-07 14:54 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2607712$\spuninst\spuninst.exe
+ 2011-09-07 14:54 . 2008-04-14 00:11 599040 c:\windows\$NtUninstallKB2607712$\crypt32.dll
+ 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2592799$\spuninst\updspapi.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2592799$\spuninst\spuninst.exe
+ 2011-10-15 21:17 . 2011-02-16 13:22 138496 c:\windows\$NtUninstallKB2592799$\afd.sys
+ 2011-09-16 06:41 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll
+ 2011-09-16 06:41 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe
+ 2011-08-28 00:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570791$\spuninst\updspapi.dll
+ 2011-08-28 00:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570791$\spuninst\spuninst.exe
+ 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570222$\spuninst\updspapi.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570222$\spuninst\spuninst.exe
+ 2011-08-28 00:13 . 2008-04-14 00:13 139656 c:\windows\$NtUninstallKB2570222$\rdpwd.sys
+ 2011-08-28 00:14 . 2011-04-26 11:07 293376 c:\windows\$NtUninstallKB2567680$\winsrv.dll
+ 2011-08-28 00:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567680$\spuninst\updspapi.dll
+ 2011-08-28 00:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567680$\spuninst\spuninst.exe
+ 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567053$\spuninst\updspapi.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567053$\spuninst\spuninst.exe
+ 2011-08-28 00:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2566454$\spuninst\updspapi.dll
+ 2011-08-28 00:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2566454$\spuninst\spuninst.exe
+ 2011-10-15 21:23 . 2008-07-30 00:59 161296 c:\windows\$NtUninstallKB2564958$\uiautomationcore.dll
+ 2011-10-15 21:23 . 2011-08-12 18:51 382840 c:\windows\$NtUninstallKB2564958$\spuninst\updspapi.dll
+ 2011-10-15 21:23 . 2011-08-12 18:51 231288 c:\windows\$NtUninstallKB2564958$\spuninst\spuninst.exe
+ 2011-10-15 21:23 . 2006-02-28 12:00 163328 c:\windows\$NtUninstallKB2564958$\oleacc.dll
+ 2011-08-28 00:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2562937$\spuninst\updspapi.dll
+ 2011-08-28 00:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2562937$\spuninst\spuninst.exe
+ 2011-11-15 23:20 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893-v2$\spuninst\updspapi.dll
+ 2011-11-15 23:20 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe
+ 2011-11-15 23:20 . 2011-05-02 15:31 692736 c:\windows\$NtUninstallKB2544893-v2$\inetcomm.dll
+ 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276-v2$\spuninst\updspapi.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe
+ 2011-08-28 00:13 . 2011-04-29 16:19 456320 c:\windows\$NtUninstallKB2536276-v2$\mrxsmb.sys
+ 2011-04-01 19:50 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-04-01 19:50 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-04-01 19:50 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-11-15 23:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
+ 2011-11-15 23:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
+ 2011-11-15 23:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
+ 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
+ 2011-09-16 06:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
+ 2011-09-16 06:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
+ 2011-09-16 06:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
+ 2011-09-07 14:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll
+ 2011-09-07 14:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2607712\update\update.exe
+ 2011-09-07 14:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2607712\spuninst.exe
+ 2011-09-03 10:16 . 2011-09-03 10:16 599552 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll
+ 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
+ 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
+ 2011-10-13 16:11 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
+ 2011-10-15 21:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE8\update\updspapi.dll
+ 2011-10-15 21:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE8\update\update.exe
+ 2011-10-15 21:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE8\spuninst.exe
+ 2011-10-13 16:11 . 2011-08-22 23:47 919552 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 105984 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\url.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 206848 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\occache.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 611840 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mstime.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 602112 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeeds.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 247808 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieproxy.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 184320 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iepeers.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 743424 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedvtool.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 387584 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedkcs32.dll
+ 2011-10-13 16:11 . 2011-08-22 11:52 174080 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ie4uinit.exe
+ 2011-09-16 06:41 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-09-16 06:41 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-09-16 06:41 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
+ 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
+ 2011-08-28 00:04 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
+ 2011-08-28 00:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll
+ 2011-08-28 00:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567680\update\update.exe
+ 2011-08-28 00:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567680\spuninst.exe
+ 2011-06-20 17:43 . 2011-06-20 17:43 293376 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
+ 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
+ 2011-10-15 21:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
+ 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
+ 2011-08-28 00:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
+ 2011-08-28 00:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
+ 2011-08-28 00:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
+ 2011-08-28 00:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
+ 2011-08-28 00:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
+ 2011-08-28 00:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
+ 2011-08-28 00:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll
+ 2011-08-28 00:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe
+ 2011-08-28 00:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe
+ 2011-08-28 00:04 . 2011-06-23 18:33 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll
+ 2011-08-28 00:04 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-19 02:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-19 02:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-19 02:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-16 09:58 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-11-15 23:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893-v2\update\updspapi.dll
+ 2011-11-15 23:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893-v2\update\update.exe
+ 2011-11-15 23:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893-v2\spuninst.exe
+ 2011-10-10 14:21 . 2011-10-10 14:21 692736 c:\windows\$hf_mig$\KB2544893-v2\SP3QFE\inetcomm.dll
+ 2011-06-16 16:45 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-16 16:45 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-16 16:45 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-16 09:58 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-07-07 04:26 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-07-07 04:26 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-07-07 04:26 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-16 09:59 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
+ 2011-08-28 00:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
+ 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
+ 2011-08-28 00:05 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
+ 2011-06-16 16:51 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-16 16:51 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-16 16:51 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-16 09:59 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-16 09:59 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-16 09:59 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-30 19:27 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-03-30 19:27 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-03-30 19:27 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-04-28 00:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2511455\update\updspapi.dll
+ 2011-04-28 00:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2511455\update\update.exe
+ 2011-04-28 00:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2511455\spuninst.exe
+ 2011-04-20 18:57 . 2011-02-17 13:19 457472 c:\windows\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys
+ 2011-04-28 00:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
+ 2011-04-28 00:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
+ 2011-04-28 00:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
+ 2011-04-20 18:57 . 2011-03-04 06:35 420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
+ 2011-04-20 18:57 . 2011-03-04 06:35 726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
+ 2011-04-28 00:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2011-04-28 00:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2011-04-28 00:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
+ 2011-04-28 00:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
+ 2011-04-28 00:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
+ 2011-07-19 02:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-19 02:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-19 02:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506223\update\updspapi.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506223\update\update.exe
+ 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506223\spuninst.exe
+ 2011-04-28 00:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-04-28 00:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-04-28 00:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-06-16 16:53 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-16 16:53 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-16 16:53 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-16 10:00 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503658\update\updspapi.dll
+ 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503658\update\update.exe
+ 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503658\spuninst.exe
+ 2011-03-07 05:31 . 2011-03-07 05:31 692736 c:\windows\$hf_mig$\KB2503658\SP3QFE\inetcomm.dll
+ 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
+ 2011-04-28 00:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
+ 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
+ 2011-04-20 18:58 . 2011-02-22 23:27 919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
+ 2011-04-20 18:58 . 2011-02-22 12:08 173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
+ 2011-04-28 00:55 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
+ 2011-04-28 00:55 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
+ 2011-04-28 00:55 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
+ 2011-02-09 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
+ 2011-02-09 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
+ 2011-02-09 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
+ 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
+ 2011-02-09 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-02-09 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-02-09 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017-IE8\update\updspapi.dll
+ 2011-02-09 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017-IE8\update\update.exe
+ 2011-02-09 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017-IE8\spuninst.exe
+ 2011-02-09 01:57 . 2010-12-20 23:58 919552 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 206848 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\occache.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 611840 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mstime.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 602112 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeeds.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 247808 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieproxy.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 184320 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iepeers.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 743424 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedvtool.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 387584 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedkcs32.dll
+ 2011-02-09 01:57 . 2010-12-20 12:48 173568 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-11 04:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-11 04:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-11 04:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-11 04:51 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-11 04:51 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-11 04:51 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-09 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
+ 2011-02-09 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
+ 2011-02-09 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
+ 2011-02-09 08:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-02-09 08:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-02-09 08:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-06-16 16:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-16 16:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-16 16:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2010-12-15 08:04 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
+ 2010-12-15 08:04 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
+ 2010-12-15 08:04 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
+ 2010-12-15 08:05 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2010-12-15 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2010-12-15 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2010-12-15 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2010-12-15 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2436673\update\updspapi.dll
+ 2010-12-15 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2436673\update\update.exe
+ 2010-12-15 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2436673\spuninst.exe
+ 2010-12-15 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2010-12-15 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2010-12-15 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2011-01-12 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-01-12 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-01-12 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2010-12-15 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2416400-IE8\update\updspapi.dll
+ 2010-12-15 08:05 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2416400-IE8\update\update.exe
+ 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2416400-IE8\spuninst.exe
+ 2010-12-15 07:31 . 2010-11-06 00:27 919552 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 206848 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\occache.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 611840 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mstime.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 602112 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeeds.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 247808 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieproxy.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 184320 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iepeers.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 743424 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedvtool.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 387584 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedkcs32.dll
+ 2010-12-15 07:31 . 2010-11-03 12:01 173568 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ie4uinit.exe
+ 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-02-09 01:57 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
+ 2010-12-15 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
+ 2010-12-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
+ 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
+ 2011-04-20 18:58 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.2 2509_x-ww_c7dad023\GdiPlus.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 03:51 . 2011-04-19 03:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 1159488 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfc90u.dll
+ 2009-07-12 03:51 . 2009-07-12 03:51 1153352 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfc90.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2011-04-14 05:12 . 2011-04-14 05:12 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2009-08-20 02:51 . 2009-08-20 02:51 1478656 c:\windows\twain_32\BrSc09c\Common\BrTwdScn.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 1884160 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\briu10b.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 1710080 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\brio10b.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 1884160 c:\windows\system32\spool\drivers\w32x86\3\briu10b.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 1710080 c:\windows\system32\spool\drivers\w32x86\3\brio10b.dll
- 2006-02-28 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2006-02-28 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2011-12-22 21:25 . 2005-09-21 19:23 9710592 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTLCPL.EXE
+ 2011-12-22 21:25 . 2005-09-23 22:56 3966976 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RtkHDAud.sys
+ 2011-12-22 21:25 . 2005-09-07 14:40 2142208 c:\windows\system32\ReinstallBackups\0006\DriverFiles\MicCal.exe
+ 2011-12-22 21:26 . 2005-09-21 19:32 2807808 c:\windows\system32\ReinstallBackups\0006\DriverFiles\ALCWZRD.EXE
+ 2008-07-24 02:28 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 4422992 c:\windows\system32\mfc100u.dll
+ 2011-06-11 06:58 . 2011-06-11 06:58 4397384 c:\windows\system32\mfc100.dll
+ 2010-01-27 01:07 . 2011-11-15 01:21 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 2319776 c:\windows\system32\ltwvcu.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 1549728 c:\windows\system32\ltwvca.dll
+ 2011-01-03 17:50 . 2010-10-11 21:39 2315680 c:\windows\system32\ltwvc2u.dll
+ 2010-07-10 00:22 . 2009-03-11 17:28 1009664 c:\windows\system32\Ltwvc13n.dll
- 2010-07-10 00:22 . 2009-03-11 16:28 1009664 c:\windows\system32\Ltwvc13n.dll
+ 2007-08-13 22:34 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2011-04-14 05:16 . 2007-06-06 13:57 2363392 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\x erces-c_2_7.dll
+ 2011-02-23 00:17 . 2010-01-08 04:43 1062712 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A725 5E8\brio10b.dll
+ 2011-02-23 00:17 . 2009-08-18 10:40 1602741 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\x86\BrWia09c.dll
+ 2011-02-23 00:17 . 2010-01-12 02:01 1604430 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\x86\BrWi209c.dll
+ 2011-02-23 00:17 . 2009-08-20 02:51 1288808 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E 1CA\BrTwdScn.dll
+ 2005-09-23 22:56 . 2006-11-16 04:34 4225920 c:\windows\system32\drivers\RtkHDAud.Sys
+ 2008-11-08 15:36 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
+ 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2008-11-08 15:36 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-03 22:59 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-11-08 15:36 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2006-02-28 12:00 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
+ 2008-07-24 02:28 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-07-24 04:59 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2009-08-18 10:40 . 2009-08-18 10:40 1535488 c:\windows\system32\BrWia09c.dll
+ 2005-09-21 20:29 . 2006-11-14 03:07 1183744 c:\windows\RtlUpd.exe
+ 2005-09-21 19:23 . 2006-05-05 06:35 9709568 c:\windows\RTLCPL.exe
+ 2011-03-25 11:15 . 2011-03-25 11:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-04-29 02:50 . 2011-04-29 02:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2011-07-07 10:18 . 2011-07-07 10:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2005-09-07 14:40 . 2006-10-12 07:42 2157568 c:\windows\MicCal.exe
+ 2011-01-19 04:36 . 2011-01-19 04:36 2687488 c:\windows\Installer\f767c67.msp
+ 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\df9c9.msp
+ 2011-11-03 19:31 . 2011-11-03 19:31 5525504 c:\windows\Installer\babef.msp
+ 2010-10-22 20:45 . 2010-10-22 20:45 8444928 c:\windows\Installer\b89d6ef.msp
+ 2010-12-06 20:02 . 2010-12-06 20:02 5518848 c:\windows\Installer\b89d6bc.msp
+ 2010-10-02 02:53 . 2010-10-02 02:53 4147712 c:\windows\Installer\b89d6a5.msp
+ 2011-02-22 15:32 . 2011-02-22 15:32 5520384 c:\windows\Installer\b4687ec.msp
+ 2011-05-02 05:06 . 2011-05-02 05:06 2705920 c:\windows\Installer\a09c2.msp
+ 2011-07-26 18:50 . 2011-07-26 18:50 5522432 c:\windows\Installer\a09b9.msp
+ 2011-09-06 22:57 . 2011-09-06 22:57 1025024 c:\windows\Installer\6ae1a82.msi
+ 2011-04-29 17:28 . 2011-04-29 17:28 1995264 c:\windows\Installer\65584aba.msp
+ 2011-04-28 00:51 . 2011-04-28 00:51 6825472 c:\windows\Installer\65584aa8.msp
+ 2011-05-20 22:31 . 2011-05-20 22:31 5518848 c:\windows\Installer\65584a91.msp
+ 2011-05-17 23:28 . 2011-05-17 23:28 6862848 c:\windows\Installer\65584a7a.msp
+ 2011-04-29 17:33 . 2011-04-29 17:33 8173568 c:\windows\Installer\65584a63.msp
+ 2011-04-29 18:04 . 2011-04-29 18:04 5053440 c:\windows\Installer\65584a59.msp
+ 2011-04-29 17:30 . 2011-04-29 17:30 1197056 c:\windows\Installer\65584a30.msp
+ 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\64e524b.msp
+ 2011-07-26 13:17 . 2011-07-26 13:17 6824960 c:\windows\Installer\64e522a.msp
+ 2011-08-16 17:35 . 2011-08-16 17:35 5519872 c:\windows\Installer\64e5213.msp
+ 2011-07-21 17:34 . 2011-07-21 17:34 3456000 c:\windows\Installer\64e51fd.msp
+ 2011-09-07 02:48 . 2011-09-07 02:48 8181248 c:\windows\Installer\64e51f0.msp
+ 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\64e51e6.msp
+ 2011-01-27 18:49 . 2011-01-27 18:49 6825472 c:\windows\Installer\62497826.msp
+ 2011-04-05 16:52 . 2011-04-05 16:52 5519872 c:\windows\Installer\624977f8.msp
+ 2010-11-21 03:34 . 2010-11-21 03:34 1198080 c:\windows\Installer\624977d4.msp
+ 2011-03-18 00:01 . 2011-03-18 00:01 9563648 c:\windows\Installer\624977ca.msp
+ 2011-03-03 15:25 . 2011-03-03 15:25 5051904 c:\windows\Installer\624977c0.msp
+ 2011-01-11 21:50 . 2011-01-11 21:50 8177152 c:\windows\Installer\624977a9.msp
+ 2011-05-23 19:15 . 2011-05-23 19:15 3617792 c:\windows\Installer\34a4ce08.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\2fabd.msp
+ 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\2fab4.msp
+ 2011-11-01 19:34 . 2011-11-01 19:34 1552384 c:\windows\Installer\2e0c17f.msp
+ 2011-10-30 05:10 . 2011-10-30 05:10 6824960 c:\windows\Installer\2e0c175.msp
+ 2011-10-31 18:37 . 2011-10-31 18:37 4146688 c:\windows\Installer\2e0c15e.msp
+ 2011-11-17 16:55 . 2011-11-17 16:55 5522944 c:\windows\Installer\2e0c146.msp
+ 2011-10-16 02:42 . 2011-10-16 02:42 1527808 c:\windows\Installer\24858999.msi
+ 2011-09-20 20:36 . 2011-09-20 20:36 5521408 c:\windows\Installer\235a8d9c.msp
+ 2011-06-29 02:27 . 2011-06-29 02:27 4028928 c:\windows\Installer\212ded.msp
+ 2011-04-14 05:16 . 2011-04-14 05:16 1515008 c:\windows\Installer\1b212fd2.msi
+ 2011-04-14 05:14 . 2011-04-14 05:14 2035200 c:\windows\Installer\1b212fca.msi
+ 2011-04-14 05:13 . 2011-04-14 05:13 1100288 c:\windows\Installer\1b212f57.msi
+ 2011-04-14 04:55 . 2011-04-14 04:55 6465536 c:\windows\Installer\1b11643c.msi
+ 2011-10-04 20:41 . 2011-10-04 20:41 1317376 c:\windows\Installer\1b0af846.msi
+ 2011-01-17 21:06 . 2011-01-17 21:06 5518848 c:\windows\Installer\171b66fa.msp
+ 2011-11-17 16:55 . 2011-11-17 16:55 5522944 c:\windows\Installer\1657c719.msp
+ 2011-11-11 22:16 . 2011-11-11 22:16 8458240 c:\windows\Installer\1657c717.msp
+ 2011-11-19 04:14 . 2011-11-19 04:14 1435136 c:\windows\Installer\107c1596.msi
+ 2007-04-19 18:09 . 2007-04-19 18:09 1061720 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\ 11.0.8173\OMFC.DLL
+ 2010-09-22 22:05 . 2010-09-22 22:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\rt3d.dll
+ 2010-06-19 21:51 . 2010-06-19 21:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AGM.dll
+ 2011-01-14 12:10 . 2011-01-14 12:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\ 14.0.5130\GKWORD.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\ 14.0.5130\GKPOWERPOINT.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\ 14.0.5130\GKEXCEL.DLL
+ 2011-07-27 09:44 . 2011-07-27 09:44 1791824 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\ 12.0.6612\PPCNV.DLL
+ 2011-12-21 04:10 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-21 04:10 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-21 04:10 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-15 21:16 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-28 00:09 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-28 00:09 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-04-28 00:54 . 2010-12-20 23:59 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2008-11-08 15:36 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-08 15:36 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-11-08 15:36 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-11-08 15:36 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-08-28 00:17 . 2011-08-28 00:17 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d0 41ef1b4c9a5f080b\WindowsBase.ni.dll
+ 2011-10-15 21:24 . 2011-10-15 21:24 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e 896a1402749ca495\WindowsBase.ni.dll
+ 2011-08-28 00:16 . 2011-08-28 00:16 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7 e5e439b5c54\System.ni.dll
+ 2011-10-15 21:24 . 2011-10-15 21:24 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9ba e319f2bfb13\System.ni.dll
+ 2011-10-15 21:26 . 2011-10-15 21:26 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6 037eda7a59a0aeb\System.Xml.ni.dll
+ 2011-08-28 00:18 . 2011-08-28 00:18 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226 af2fd4211460a4b\System.Xml.ni.dll
+ 2011-08-28 00:34 . 2011-08-28 00:34 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c99 5b1bb6b63079091259222357\System.Web.Services.ni.dll
+ 2011-10-15 22:21 . 2011-10-15 22:21 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256 d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
+ 2011-10-15 22:21 . 2011-10-15 22:21 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a 1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
+ 2011-08-28 00:34 . 2011-08-28 00:34 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b 8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
+ 2011-10-15 22:21 . 2011-10-15 22:21 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bd d256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
+ 2011-08-28 00:33 . 2011-08-28 00:33 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6a a3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01b d9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134 c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
+ 2011-10-15 22:07 . 2011-10-15 22:07 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065e de44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc 92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
+ 2011-10-15 21:26 . 2011-10-15 21:26 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7e f654651141bf9419090\System.Drawing.ni.dll
+ 2011-08-28 00:18 . 2011-08-28 00:18 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a2 92eaee51e2e3bcaf784\System.Drawing.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a 803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf4 80769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8a f2738e85cda5525fdd944f\System.Deployment.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40f c38e6ac8fba09e872d2878\System.Deployment.ni.dll
+ 2011-10-15 21:25 . 2011-10-15 21:25 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0 a45f67de685db90c\System.Data.ni.dll
+ 2011-08-28 00:18 . 2011-08-28 00:18 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592 a680ef4135e9fe9a\System.Data.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f 543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b1630577 3369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
+ 2011-08-28 00:22 . 2011-08-28 00:22 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e 34d8f2a8e7fdb450\System.Core.ni.dll
+ 2011-10-15 22:09 . 2011-10-15 22:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e4537 93ee5e01c07a5485\System.Core.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db 2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b7 19aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd6 02ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4 ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d 694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5e b58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc 8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
+ 2011-08-28 00:21 . 2011-08-28 00:21 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e 1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XM L.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XM L.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089 \System.Windows.Forms.dll
- 2010-10-04 16:40 . 2010-10-04 16:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089 \System.Windows.Forms.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System .Design.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System .Design.dll
- 2010-10-04 16:40 . 2010-10-04 16:40 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web. dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web. dll
- 2010-10-04 16:41 . 2010-10-04 16:41 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Dat a.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Dat a.dll
- 2010-10-04 16:41 . 2010-10-04 16:41 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-10-15 21:22 . 2011-10-15 21:22 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2005-09-21 19:32 . 2006-05-05 06:26 2808832 c:\windows\alcwzrd.exe
+ 2011-10-15 21:17 . 2011-06-02 14:02 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
+ 2011-10-13 16:11 . 2011-10-03 08:34 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
+ 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
+ 2011-08-28 00:04 . 2011-06-23 18:33 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
+ 2011-08-28 00:04 . 2011-07-25 15:15 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
+ 2011-08-28 00:04 . 2011-06-23 18:33 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-16 09:59 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-16 09:59 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-03-03 13:27 . 2011-03-03 13:27 1866880 c:\windows\$hf_mig$\KB2506223\SP3QFE\win32k.sys
+ 2011-04-20 18:58 . 2011-02-22 23:27 1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-04-20 18:58 . 2011-02-22 23:27 1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
+ 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys
+ 2010-12-15 07:31 . 2010-11-06 00:27 1211904 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\urlmon.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 5960704 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
+ 2010-12-15 07:31 . 2010-11-06 00:27 1992192 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iertutil.dll
+ 2011-02-09 01:57 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-02-09 01:57 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 23:39 . 2010-12-09 23:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-02-09 01:57 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2011-12-22 21:25 . 2005-09-22 17:36 14854144 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTHDCPL.EXE
+ 2008-07-24 05:00 . 2011-12-21 04:05 52988224 c:\windows\system32\MRT.exe
+ 2007-08-13 22:54 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
+ 2008-07-24 04:59 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2005-09-22 17:36 . 2006-11-15 07:21 16270848 c:\windows\RTHDCPL.exe
+ 2011-03-28 08:27 . 2011-03-28 08:27 15456256 c:\windows\Installer\f767c75.msp
+ 2011-07-26 21:33 . 2011-07-26 21:33 10984448 c:\windows\Installer\64e5241.msp
+ 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\63ab6.msp
+ 2011-02-24 13:38 . 2011-02-24 13:38 10984448 c:\windows\Installer\6249780f.msp
+ 2011-02-12 00:47 . 2011-02-12 00:47 12028928 c:\windows\Installer\624977e1.msp
+ 2011-07-12 01:43 . 2011-07-12 01:43 11641344 c:\windows\Installer\235a8da8.msp
+ 2011-09-15 23:37 . 2011-09-15 23:37 38176256 c:\windows\Installer\2183a2.msp
+ 2011-04-14 05:12 . 2011-04-14 05:12 26428928 c:\windows\Installer\1b212f4f.msi
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\1144de.msp
+ 2010-09-23 07:03 . 2010-09-23 07:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\ 9.4.0\AcroRd32.dll
+ 2011-08-30 13:40 . 2011-08-30 13:40 15145832 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\ 12.0.6612\XL12CNV.EXE
+ 2011-12-21 04:10 . 2011-08-23 22:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-10-15 21:16 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-08-28 00:09 . 2011-04-26 15:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-16 16:48 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-04-28 00:54 . 2010-12-21 10:29 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-02-09 08:01 . 2010-11-06 00:26 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2010-12-15 08:05 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
+ 2011-09-29 15:03 . 2011-09-29 15:03 11608064 c:\windows\ERDNT\AutoBackup\9-29-2011\Users\00000001\ntuser.dat
+ 2011-12-10 04:09 . 2011-12-10 04:09 11763712 c:\windows\ERDNT\AutoBackup\12-9-2011\Users\00000001\ntuser.dat
+ 2011-12-05 23:36 . 2011-12-05 23:36 11743232 c:\windows\ERDNT\AutoBackup\12-5-2011\Users\00000001\ntuser.dat
+ 2011-12-30 17:15 . 2011-12-30 17:15 11788288 c:\windows\ERDNT\AutoBackup\12-30-2011\Users\00000001\ntuser.dat
+ 2011-12-25 03:21 . 2011-12-25 03:21 11788288 c:\windows\ERDNT\AutoBackup\12-24-2011\Users\00000001\ntuser.dat
+ 2011-12-23 08:24 . 2011-12-23 08:24 11788288 c:\windows\ERDNT\AutoBackup\12-23-2011\Users\00000001\ntuser.dat
+ 2011-12-22 18:01 . 2011-12-22 18:01 11788288 c:\windows\ERDNT\AutoBackup\12-22-2011\Users\00000001\ntuser.dat
+ 2011-12-21 08:28 . 2011-12-21 08:28 11788288 c:\windows\ERDNT\AutoBackup\12-21-2011\Users\00000001\ntuser.dat
+ 2011-12-20 14:40 . 2011-12-20 14:40 11788288 c:\windows\ERDNT\AutoBackup\12-20-2011\Users\00000001\ntuser.dat
+ 2011-12-14 17:39 . 2011-12-14 17:39 11771904 c:\windows\ERDNT\AutoBackup\12-14-2011\Users\00000001\ntuser.dat
+ 2011-12-10 15:49 . 2011-12-10 15:49 11763712 c:\windows\ERDNT\AutoBackup\12-10-2011\Users\00000001\ntuser.dat
+ 2011-12-01 19:25 . 2011-12-01 19:25 11743232 c:\windows\ERDNT\AutoBackup\12-1-2011\Users\00000001\ntuser.dat
+ 2011-11-07 16:51 . 2011-11-07 16:51 11694080 c:\windows\ERDNT\AutoBackup\11-7-2011\Users\00000001\ntuser.dat
+ 2011-11-06 00:05 . 2011-11-06 00:05 11694080 c:\windows\ERDNT\AutoBackup\11-5-2011\Users\00000001\ntuser.dat
+ 2011-11-30 17:34 . 2011-11-30 17:34 11735040 c:\windows\ERDNT\AutoBackup\11-30-2011\Users\00000001\ntuser.dat
+ 2011-11-27 03:39 . 2011-11-27 03:39 11735040 c:\windows\ERDNT\AutoBackup\11-26-2011\Users\00000001\ntuser.dat
+ 2011-11-25 19:10 . 2011-11-25 19:10 11743232 c:\windows\ERDNT\AutoBackup\11-25-2011\Users\00000001\ntuser.dat
+ 2011-11-25 02:33 . 2011-11-25 02:33 11739136 c:\windows\ERDNT\AutoBackup\11-24-2011\Users\00000001\ntuser.dat
+ 2011-11-21 19:21 . 2011-11-21 19:21 11735040 c:\windows\ERDNT\AutoBackup\11-21-2011\Users\00000001\ntuser.dat
+ 2011-11-19 20:22 . 2011-11-19 20:22 11730944 c:\windows\ERDNT\AutoBackup\11-19-2011\Users\00000001\ntuser.dat
+ 2011-11-15 07:06 . 2011-11-15 07:06 11714560 c:\windows\ERDNT\AutoBackup\11-15-2011\Users\00000001\ntuser.dat
+ 2011-11-15 01:20 . 2011-11-15 01:20 11714560 c:\windows\ERDNT\AutoBackup\11-14-2011\Users\00000001\ntuser.dat
+ 2011-10-09 00:29 . 2011-10-09 00:29 11620352 c:\windows\ERDNT\AutoBackup\10-8-2011\Users\00000001\ntuser.dat
+ 2011-10-07 19:56 . 2011-10-07 19:56 11616256 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000001\ntuser.dat
+ 2011-10-31 16:42 . 2011-10-31 16:42 11694080 c:\windows\ERDNT\AutoBackup\10-31-2011\Users\00000001\ntuser.dat
+ 2011-10-29 14:17 . 2011-10-29 14:17 11694080 c:\windows\ERDNT\AutoBackup\10-29-2011\Users\00000001\ntuser.dat
+ 2011-10-27 10:24 . 2011-10-27 10:24 11694080 c:\windows\ERDNT\AutoBackup\10-27-2011\Users\00000001\ntuser.dat
+ 2011-10-19 20:09 . 2011-10-19 20:09 11694080 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000001\ntuser.dat
+ 2011-10-16 18:16 . 2011-10-16 18:16 11677696 c:\windows\ERDNT\AutoBackup\10-16-2011\Users\00000001\ntuser.dat
+ 2012-01-02 05:14 . 2012-01-02 05:14 11792384 c:\windows\ERDNT\AutoBackup\1-1-2012\Users\00000001\ntuser.dat
+ 2011-04-03 07:47 . 2011-04-03 07:47 11128832 c:\windows\ERDNT\4-3-2011\Users\00000001\ntuser.dat
+ 2011-03-30 04:57 . 2011-03-30 04:57 11128832 c:\windows\ERDNT\3-30-2011\Users\00000001\ntuser.dat
+ 2011-03-27 16:58 . 2011-03-27 16:58 11128832 c:\windows\ERDNT\3-27-2011\Users\00000001\ntuser.dat
+ 2011-08-28 00:18 . 2011-08-28 00:18 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc38 7e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
+ 2011-10-15 21:26 . 2011-10-15 21:26 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9 ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
+ 2011-10-15 22:09 . 2011-10-15 22:09 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b894 5f836759b6abd34\System.Web.ni.dll
+ 2011-08-28 00:22 . 2011-08-28 00:22 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dc ce3e18630e45b23\System.Web.ni.dll
+ 2011-08-28 00:20 . 2011-08-28 00:20 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205a cab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
+ 2011-10-15 22:08 . 2011-10-15 22:08 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b 3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
+ 2011-10-15 21:26 . 2011-10-15 21:26 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b 7e3e46b32176f76558\System.Design.ni.dll
+ 2011-08-28 00:18 . 2011-08-28 00:18 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038 c8e2e41415657db8fc\System.Design.ni.dll
+ 2011-08-28 00:17 . 2011-08-28 00:17 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e 34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
+ 2011-10-15 21:25 . 2011-10-15 21:25 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0544889 24fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
+ 2011-10-15 21:24 . 2011-10-15 21:24 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713e ca304eaa9d86fc17edb96\PresentationCore.ni.dll
+ 2011-08-28 00:17 . 2011-08-28 00:17 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03 eca57419c4f0e884092ee\PresentationCore.ni.dll
+ 2011-10-15 21:23 . 2011-10-15 21:23 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839ab be7d4bc9c6721\mscorlib.ni.dll
+ 2011-07-07 04:33 . 2011-07-07 04:33 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9 cf14463ce69f9\mscorlib.ni.dll
+ 2011-10-13 16:11 . 2011-08-22 23:47 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
+ 2011-06-25 06:03 . 2011-06-25 06:03 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
+ 2011-06-16 09:59 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-23 08:57 . 2011-02-23 08:57 11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
+ 2011-02-09 01:57 . 2010-12-20 23:58 11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
+ 2010-11-06 10:57 . 2010-11-06 10:57 11082752 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-08-18 5137648]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Personal Assistant"="c:\program files\Shelltoys\Personal Assistant\assistant.exe" [2003-03-05 456704]
"RCUI"="c:\program files\RingCentral\RingCentral Call Controller\RCUI.exe" [2011-02-02 500992]
"RCHotKey"="c:\program files\RingCentral\RingCentral Call Controller\RCHotKey.exe" [2011-02-02 38144]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 19550344]
"Chit Chat for Facebook"="c:\program files\Chit Chat For Facebook\CCFFacebook.exe" [2011-11-22 3788288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rmtemp"="c:\dostools\rmtemp.bat" [2010-03-08 860]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"LogMeIn GUI"="d:\notes\LogMeIn\x86\LogMeInSystray.exe" [2010-05-31 63048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
"KodakShareButtonApp"="c:\program files\Kodak\KODAK Share Button App\Listener.exe" [2011-03-07 107008]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-15 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-17 2879488]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\documents and settings\Michelle\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2011-6-29 217088]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2011-2-23 323584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-26 18:40 16680 ------w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-12-15 19:24 87424 -c--a-w- c:\windows\system32\LMIinit.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Michelle^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
path=c:\documents and settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
2010-11-02 23:09 1862456 -c--a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.4]
2008-07-31 23:40 95744 ----a-w- c:\program files\eFax Messenger 4.4\J2GDllCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-10-30 08:07 133104 -c--atw- c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 -c--a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 17:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2008-09-01 15:08 173304 -c--a-w- c:\program files\ICQ6\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2011-12-24 23:50 981680 -c--a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Dispatcher v3]
2008-04-18 16:24 520192 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Personal Assistant]
2003-03-05 18:02 456704 ----a-w- c:\program files\Shelltoys\Personal Assistant\assistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-11-15 07:21 16270848 -c--a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-03-04 04:18 61440 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Michelle\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\CrashPlan\\CrashPlanService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Glob allyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10/29/2011 9:05 AM 36000]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/29/2011 9:05 AM 86224]
R2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [6/29/2011 3:22 AM 152576]
R2 LMIGuardianSvc;LMIGuardianSvc;d:\notes\LogMeIn\x86\LMIGuardianSvc.exe [9/16/2010 4:49 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;d:\notes\LogMeIn\x86\rainfo.sys [5/31/2010 9:31 AM 12856]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/1/2012 11:25 PM 652872]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [3/21/2011 10:17 AM 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [3/21/2011 10:17 AM 68928]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2/22/2011 6:17 PM 245760]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/1/2012 11:25 PM 20464]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [7/25/2010 2:56 AM 49208]
S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\TEMP\AVSETUP_4eac0d84\avupgsvc.exe" /TEMPSTART:""c:\windows\TEMP\AVSETUP_4eac0d84\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" --> c:\windows\TEMP\AVSETUP_4eac0d84\avupgsvc.exe [?]
S2 bomgar-scc-1291058205;Bomgar Support Customer Client [1291058205];"c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe" -service:run --> c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/15/2011 5:46 PM 136176]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2/22/2011 6:17 PM 71424]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2/22/2011 6:17 PM 11520]
S3 cpuz129;cpuz129;\??\c:\docume~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys --> c:\docume~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys [?]
S3 cpuz135;cpuz135;\??\c:\docume~1\Michelle\LOCALS~1\Temp\cpuz135\cpuz135_x32. sys --> c:\docume~1\Michelle\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/15/2011 5:46 PM 136176]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [12/10/2010 5:17 PM 27064]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\DRIVERS\RT2860.sys --> c:\windows\system32\DRIVERS\RT2860.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
Contents of the 'Scheduled Tasks' folder
.
2010-08-04 c:\windows\Tasks\expressripShakeIcon.job
- c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-25 08:57]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 23:45]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 23:45]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
- c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-30 08:07]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
- c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-30 08:07]
.
2012-01-02 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2010-04-21 16:21]
.
2010-08-04 c:\windows\Tasks\soundtapShakeIcon.job
- c:\program files\NCH Swift Sound\SoundTap\soundtap.exe [2010-07-25 08:56]
.
2010-08-01 c:\windows\Tasks\switchShakeIcon.job
- c:\program files\NCH Swift Sound\Switch\switch.exe [2010-07-25 08:55]
.
2012-01-02 c:\windows\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
2010-08-04 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-07-25 08:56]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to &Evernote - c:\program files\Evernote\Evernote3.5\enbar.dll/2000
Trusted Zone: exoticpublishing.com
TCP: DhcpNameServer = 8.15.12.5 8.5.244.6
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} - hxxp://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
FF - ProfilePath - c:\documents and settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice....14.224/cpanel/
FF - prefs.js: network.proxy.http - http://proxy.uconn.edu:3000/proxy.pac
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Carbonite Backup - c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe
MSConfigStartUp-nTrayFw - c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-02 14:34
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bomgar-scc-1291058205]
"ImagePath"="\"c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe\" -service:run"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
c:\program files\Citrix\GoToAssist\570\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
.
Completion time: 2012-01-02 14:37:28
ComboFix-quarantined-files.txt 2012-01-02 20:37
ComboFix2.txt 2010-11-19 06:51
ComboFix3.txt 2009-11-20 07:20
.
Pre-Run: 122,941,370,368 bytes free
Post-Run: 123,001,331,712 bytes free
.
- - End Of File - - 393E849891D23EBA1E5E7823185526B1

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

My computer is slowly dying

Find the solution to your computer problem!

Find the solution to your
computer problem!