Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Computer booting slowly & suspicious behavior


(!)

eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
18-Jul-2012, 02:45 PM #16
Looks okay

Now, there was something you had, and I just want to triple check its gone. Can you run this, but you may have to attach it if its too big. Again, its via SystemLook:

Code:
:dir
C:\WINDOWS\System32
If you want to upload, do it as follows:

Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below )[/list]

  • In there, at the bottom, click on the button Manage Attachments (in the picture below .
  • A window will appear, and then Browse to SystemLook.txt on your Desktop.
  • Click Upload, and when uploaded click Close this Window
  • Then, in the previous window, click on Add Reply

__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
19-Jul-2012, 12:58 AM #17
SystemLook 30.07.11 by jpshortstuff
Log created at 11:26 on 19/07/2012 by sachin
Administrator - Elevation successful

========== dir ==========

C:\WINDOWS\System32 - Parameters: "(none)"

---Files---
$winnt$.inf --a---- 843 bytes [10:43 12/09/2009] [08:59 12/09/2009]
12520437.cpx --a---- 2151 bytes [12:00 14/04/2008] [12:00 14/04/2008]
12520850.cpx --a---- 2233 bytes [12:00 14/04/2008] [12:00 14/04/2008]
6to4svc.dll --a---- 100864 bytes [12:00 14/04/2008] [04:33 12/02/2010]
aaaamon.dll --a---- 25600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
aaclient.dll --a---- 136192 bytes [08:50 12/09/2009] [12:00 14/04/2008]
access.cpl --a---- 68608 bytes [08:50 12/09/2009] [12:00 14/04/2008]
acctres.dll --a---- 64512 bytes [08:53 12/09/2009] [12:00 14/04/2008]
accwiz.exe --a---- 184320 bytes [08:50 12/09/2009] [12:00 14/04/2008]
acelpdec.ax --a---- 61952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
acledit.dll --a---- 129536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
aclui.dll --a---- 115712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
activeds.dll --a---- 193536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
activeds.tlb --a---- 111104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
actmovie.exe --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
actxprxy.dll --a---- 98304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
admparse.dll --a---- 72704 bytes [12:00 14/04/2008] [23:02 07/03/2009]
adptif.dll --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsldp.dll --a---- 175616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsldpc.dll --a---- 143360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsmsext.dll --a---- 68096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsnds.dll --a---- 161792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsnt.dll --a---- 263680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
adsnw.dll --a---- 123392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
advapi32.dll --a---- 617472 bytes [19:32 09/06/2009] [19:32 09/06/2009]
advpack.dll --a---- 128512 bytes [12:00 14/04/2008] [23:02 07/03/2009]
advpack.dll.mui ------- 10240 bytes [08:51 08/03/2009] [08:51 08/03/2009]
ahui.exe --a---- 98304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
alg.exe --a---- 44544 bytes [12:00 14/04/2008] [12:00 14/04/2008]
alrsvc.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ALSNDMGR.CPL --a---- 285288 bytes [14:41 12/09/2009] [12:29 14/09/2010]
amcompat.tlb --a---- 16832 bytes [08:55 12/09/2009] [11:26 04/08/2010]
amstream.dll --a---- 70656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ansi.sys --a---- 9029 bytes [12:00 14/04/2008] [12:00 14/04/2008]
apcups.dll --a---- 102912 bytes [12:00 14/04/2008] [12:00 14/04/2008]
append.exe --a---- 12498 bytes [12:00 14/04/2008] [12:00 14/04/2008]
apphelp.dll --a---- 125952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
appmgmts.dll --a---- 167936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
appmgr.dll --a---- 295936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
appwiz.cpl --a---- 549888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
arp.exe --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
asctrls.ocx --a---- 114688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
asferror.dll --a---- 7168 bytes [12:00 14/04/2008] [16:17 18/10/2006]
asr_fmt.exe --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
asr_ldm.exe --a---- 32256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
asr_pfu.exe --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
aswBoot.exe --a---- 227648 bytes [17:37 02/07/2012] [16:21 03/07/2012]
asycfilt.dll --a---- 65536 bytes [12:00 14/04/2008] [14:37 05/03/2010]
at.exe --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ati2cqag.dll --a---- 233472 bytes [04:42 31/08/2005] [04:42 31/08/2005]
ati2dvag.dll --a---- 238592 bytes [05:42 31/08/2005] [05:42 31/08/2005]
ati2edxx.dll --a---- 39936 bytes [05:37 31/08/2005] [05:37 31/08/2005]
ati2evxx.dll --a---- 46080 bytes [05:37 31/08/2005] [05:37 31/08/2005]
ati2evxx.exe --a---- 376832 bytes [05:36 31/08/2005] [05:36 31/08/2005]
Ati2mdxx.exe --a---- 25088 bytes [05:37 31/08/2005] [05:37 31/08/2005]
ati2sgag.exe ------- 516096 bytes [09:57 12/09/2009] [15:35 30/08/2005]
ati3duag.dll --a---- 2429824 bytes [05:28 31/08/2005] [05:28 31/08/2005]
ati64hl2.stb --a---- 22 bytes [04:26 19/10/2011] [04:26 19/10/2011]
ati64hlp.stb --a---- 22 bytes [04:48 19/10/2011] [04:48 19/10/2011]
ATIDDC.DLL --a---- 53248 bytes [05:35 31/08/2005] [05:35 31/08/2005]
ATIDEMGR.dll --a---- 258048 bytes [07:33 31/08/2005] [07:33 31/08/2005]
atifglpf.xml -ra---- 5496 bytes [09:57 12/09/2009] [04:54 02/07/2005]
atiicdxx.dat -ra---- 104373 bytes [09:57 12/09/2009] [17:54 26/08/2005]
atiiiexx.dll -ra---- 307200 bytes [09:57 12/09/2009] [08:08 31/08/2005]
atikvmag.dll --a---- 147456 bytes [05:10 31/08/2005] [05:10 31/08/2005]
atioglx1.dll --a---- 6684672 bytes [06:57 31/08/2005] [06:57 31/08/2005]
atioglxx.dll --a---- 4718592 bytes [05:57 31/08/2005] [05:57 31/08/2005]
atipdlxx.dll --a---- 106496 bytes [05:37 31/08/2005] [05:37 31/08/2005]
atitvo32.dll --a---- 17408 bytes [04:47 31/08/2005] [04:47 31/08/2005]
ativcoxx.dll --a---- 24064 bytes [18:01 09/11/2001] [18:01 09/11/2001]
ativvaxx.dll --a---- 600672 bytes [05:23 31/08/2005] [05:23 31/08/2005]
atkctrs.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
atl.dll --a---- 58880 bytes [12:00 14/04/2008] [19:01 17/07/2009]
atmadm.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
atmfd.dll --a---- 290432 bytes [12:00 14/04/2008] [12:56 15/02/2011]
atmlib.dll --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
atmpvcno.dll --a---- 34816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
atrace.dll --a---- 11264 bytes [08:53 12/09/2009] [12:00 14/04/2008]
attrib.exe --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
audiodev.dll ------- 276992 bytes [16:17 18/10/2006] [16:17 18/10/2006]
audiosrv.dll --a---- 42496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
auditusr.exe --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
authz.dll --a---- 62464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
autochk.exe --a---- 588800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
autoconv.exe --a---- 602624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
autodisc.dll --a---- 80384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
AUTOEXEC.NT --a---- 1688 bytes [10:45 12/09/2009] [12:00 14/04/2008]
autofmt.exe --a---- 580608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
autolfn.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
avicap.dll --a---- 69584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
avicap32.dll --a---- 64000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
avifil32.dll --a---- 84992 bytes [12:00 14/04/2008] [16:07 27/11/2009]
avifile.dll --a---- 109456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
avmeter.dll --a---- 16384 bytes [08:51 12/09/2009] [12:00 14/04/2008]
avtapi.dll --a---- 227840 bytes [08:51 12/09/2009] [12:00 14/04/2008]
avwav.dll --a---- 73216 bytes [08:51 12/09/2009] [12:00 14/04/2008]
axaltocm.dll ------- 133120 bytes [18:19 28/10/2005] [18:19 28/10/2005]
azroles.dll --a---- 233472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
basecsp.dll ------- 96792 bytes [11:10 28/10/2005] [11:10 28/10/2005]
basesrv.dll --a---- 52736 bytes [12:00 14/04/2008] [12:00 14/04/2008]
batmeter.dll --a---- 29184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
batt.dll --a---- 8704 bytes [10:45 12/09/2009] [12:00 14/04/2008]
bcsprsrc.dll ------- 25600 bytes [18:19 28/10/2005] [18:19 28/10/2005]
bidispl.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bios1.rom --a---- 28420 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bios4.rom --a---- 8191 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bitsprx2.dll --a---- 8192 bytes [08:53 12/09/2009] [12:00 14/04/2008]
bitsprx3.dll --a---- 7168 bytes [08:53 12/09/2009] [12:00 14/04/2008]
bitsprx4.dll --a---- 7168 bytes [08:53 12/09/2009] [12:00 14/04/2008]
blackbox.dll --a---- 542720 bytes [12:00 14/04/2008] [16:17 18/10/2006]
blastcln.exe --a---- 71680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bootcfg.exe --a---- 142848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bootdelete.exe --a---- 12872 bytes [13:06 01/10/2011] [13:06 01/10/2011]
bootok.exe --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bootvid.dll --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bootvrfy.exe --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bopomofo.uce --a---- 22984 bytes [08:51 12/09/2009] [12:00 14/04/2008]
browselc.dll --a---- 63488 bytes [12:00 14/04/2008] [12:00 14/04/2008]
browser.dll --a---- 77824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
browseui.dll --a---- 1025024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
browsewm.dll --a---- 78336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bthci.dll --a---- 20992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bthprops.cpl --a---- 110592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
bthserv.dll --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
btpanui.dll --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
BuzzingBee.wav --a---- 146650 bytes [10:03 12/09/2009] [10:03 12/09/2009]
cabinet.dll --a---- 60416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cabview.dll --a---- 86016 bytes [12:00 14/04/2008] [14:01 13/01/2010]
cacls.exe --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
calc.exe --a---- 114688 bytes [08:51 12/09/2009] [12:00 14/04/2008]
camocx.dll --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
capesnpn.dll --a---- 150016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cards.dll --a---- 359936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
catsrv.dll --a---- 226304 bytes [08:50 12/09/2009] [12:00 14/04/2008]
catsrvps.dll --a---- 85504 bytes [08:50 12/09/2009] [12:00 14/04/2008]
catsrvut.dll --a---- 625664 bytes [08:50 12/09/2009] [12:00 14/04/2008]
ccfgnt.dll --a---- 27648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cdfview.dll --a---- 151040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cdm.dll --a---- 97304 bytes [20:20 09/11/2008] [09:49 02/06/2012]
cdmodem.dll --a---- 15872 bytes [08:51 12/09/2009] [12:00 14/04/2008]
cdosys.dll --a---- 2091520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cdplayer.exe.manifest -rah--- 749 bytes [08:54 12/09/2009] [08:54 12/09/2009]
certcli.dll --a---- 194560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
certmgr.dll --a---- 457728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
certmgr.msc --a---- 42339 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cewmdm.dll --a---- 229376 bytes [12:00 14/04/2008] [16:17 18/10/2006]
cfgbkend.dll --a---- 38912 bytes [08:50 12/09/2009] [12:00 14/04/2008]
cfgmgr32.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
charmap.exe --a---- 80384 bytes [08:51 12/09/2009] [12:00 14/04/2008]
ChCfg.exe -r----- 40960 bytes [14:41 12/09/2009] [00:48 16/07/2005]
chcp.com --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
chkdsk.exe --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
chkntfs.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ciadmin.dll --a---- 163328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ciadv.msc --a---- 41762 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cic.dll --a---- 148480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cidaemon.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ciodm.dll --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cipher.exe --a---- 56832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cisvc.exe --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ckcnv.exe --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
clb.dll --a---- 10752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
clbcatex.dll --a---- 110592 bytes [08:50 12/09/2009] [12:00 14/04/2008]
clbcatq.dll --a---- 498688 bytes [08:50 12/09/2009] [12:00 14/04/2008]
cleanmgr.exe --a---- 64000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cliconf.chm --a---- 71859 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cliconfg.dll --a---- 77824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cliconfg.exe --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cliconfg.rll --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
clipbrd.exe --a---- 102912 bytes [08:50 12/09/2009] [12:00 14/04/2008]
clipsrv.exe --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
clusapi.dll --a---- 58368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmcfg32.dll --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmd.exe --a---- 389120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmdial32.dll --a---- 344064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmdl32.exe --a---- 25600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmdlib.wsc --a---- 40505 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmmgr32.hlp --a---- 61172 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmmon32.exe --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmos.ram --a---- 64 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmpbk32.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmprops.dll --a---- 185344 bytes [08:50 12/09/2009] [12:00 14/04/2008]
cmsetACL.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmstp.exe --a---- 63488 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cmutil.dll --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cnbjmon.dll --a---- 47104 bytes [03:41 14/04/2008] [19:43 09/06/2009]
cnetcfg.dll --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cnvfat.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
colbact.dll --a---- 60416 bytes [08:50 12/09/2009] [12:00 14/04/2008]
comaddin.dll --a---- 28160 bytes [08:50 12/09/2009] [12:00 14/04/2008]
comcat.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
comctl32.dll --a---- 617472 bytes [12:00 14/04/2008] [16:12 23/08/2010]
comdlg32.dll --a---- 276992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
comm.drv --a---- 10544 bytes [12:00 14/04/2008] [12:00 14/04/2008]
command.com --a---- 50620 bytes [12:00 14/04/2008] [12:00 14/04/2008]
commdlg.dll --a---- 32816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
comp.exe --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
compact.exe --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
compatUI.dll --a---- 252928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
compmgmt.msc --a---- 38302 bytes [12:00 14/04/2008] [12:00 14/04/2008]
compobj.dll --a---- 30160 bytes [12:00 14/04/2008] [12:00 14/04/2008]
compstui.dll --a---- 229376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
comrepl.dll --a---- 97792 bytes [08:50 12/09/2009] [12:00 14/04/2008]
comres.dll --a---- 792064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
comsnap.dll --a---- 167424 bytes [08:50 12/09/2009] [12:00 14/04/2008]
comsvcs.dll --a---- 1267200 bytes [08:50 12/09/2009] [12:00 14/04/2008]
comuid.dll --a---- 539648 bytes [08:50 12/09/2009] [12:00 14/04/2008]
CONFIG.NT --a---- 2625 bytes [08:55 12/09/2009] [04:07 06/07/2012]
confmsp.dll --a---- 357888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
conime.exe --a---- 27648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
console.dll --a---- 66560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
control.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
convert.exe --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
corpol.dll --a---- 18944 bytes [12:00 14/04/2008] [23:03 07/03/2009]
country.sys --a---- 27097 bytes [12:00 14/04/2008] [12:00 14/04/2008]
credssp.dll --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
credui.dll --a---- 163840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
crtdll.dll --a---- 149019 bytes [12:00 14/04/2008] [12:00 14/04/2008]
crypt32.dll --a---- 599040 bytes [12:00 14/04/2008] [13:22 31/05/2012]
cryptdlg.dll --a---- 74752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cryptdll.dll --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cryptext.dll --a---- 53760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cryptnet.dll --a---- 64512 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cryptsvc.dll --a---- 62464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cryptui.dll --a---- 512512 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cscdll.dll --a---- 101888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
cscript.exe --a---- 135168 bytes [19:30 09/06/2009] [19:30 09/06/2009]
cscui.dll --a---- 326656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
csrsrv.dll --a---- 33280 bytes [12:00 14/04/2008] [05:31 28/10/2011]
csrss.exe --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
csseqchk.dll --a---- 73728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ctfmon.exe --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ctl3d32.dll --a---- 27136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ctl3dv2.dll -ra---- 27200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ctype.nls --a---- 8386 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_037.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_10000.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_10006.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10007.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10010.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10017.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10029.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10079.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_10081.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_10082.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_1026.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1250.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1251.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1252.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1253.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1254.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1255.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1256.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1257.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_1258.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_20127.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_20261.nls --a---- 139810 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_20866.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_20905.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_21866.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_28591.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_28592.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_28593.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
C_28594.NLS --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
C_28595.NLS --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
C_28597.NLS --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_28598.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_28599.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_28603.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_28605.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_437.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_500.nls --a---- 66082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_737.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_775.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_850.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_852.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_855.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_857.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_860.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_861.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_863.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_865.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_866.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_869.nls --a---- 66594 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_874.nls --a---- 66594 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_875.nls --a---- 66082 bytes [10:45 12/09/2009] [12:00 14/04/2008]
c_932.nls --a---- 162850 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_936.nls --a---- 196642 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_949.nls --a---- 196642 bytes [12:00 14/04/2008] [12:00 14/04/2008]
c_950.nls --a---- 196642 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3d8.dll --a---- 1179648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3d8thk.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3d9.dll --a---- 1689088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3dim.dll --a---- 436224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3dim700.dll --a---- 824320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3dpmesh.dll --a---- 34816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3dramp.dll --a---- 590336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3drm.dll --a---- 350208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
d3dx9_30.dll --a---- 2388176 bytes [14:08 13/06/2010] [07:10 31/03/2006]
d3dxof.dll --a---- 47616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
danim.dll --a---- 1054208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dataclen.dll --a---- 54272 bytes [12:00 14/04/2008] [12:00 14/04/2008]
datime.dll --a---- 165376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
davclnt.dll --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
daxctle.ocx --a---- 153088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbgeng.dll --a---- 847872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbghelp.dll --a---- 640000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbghelp.dll.old --a---- 640000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbmsrpcn.dll --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbnetlib.dll --a---- 110592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dbnmpntw.dll --a---- 28672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
Dcache.bin --a---- 1804 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dciman32.dll --a---- 8704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dcomcnfg.exe --a---- 6144 bytes [08:50 12/09/2009] [12:00 14/04/2008]
ddeml.dll --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ddeshare.exe --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ddraw.dll --a---- 279552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ddrawex.dll --a---- 27136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
debug.exe --a---- 20634 bytes [12:00 14/04/2008] [12:00 14/04/2008]
defrag.exe --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
deployJava1.dll --a---- 687600 bytes [10:06 09/09/2011] [15:36 04/07/2012]
desk.cpl --a---- 135168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
deskadp.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
deskmon.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
deskperf.dll --a---- 18432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
desktop.ini --a---- 2 bytes [08:53 12/09/2009] [12:00 14/04/2008]
devenum.dll --a---- 59904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
devmgmt.msc --a---- 33079 bytes [12:00 14/04/2008] [12:00 14/04/2008]
devmgr.dll --a---- 282624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrg.msc --a---- 41397 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrgfat.exe --a---- 82944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrgntfs.exe --a---- 105472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrgres.dll --a---- 51200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrgsnap.dll --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfrgui.dll --a---- 124416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dfshim.dll --a---- 1130824 bytes [19:36 06/11/2009] [19:36 06/11/2009]
dfsshlex.dll --a---- 28672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dgnet.dll --a---- 111104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dgrpsetu.dll --a---- 176157 bytes [10:45 12/09/2009] [12:00 14/04/2008]
dgsetup.dll --a---- 85020 bytes [10:45 12/09/2009] [12:00 14/04/2008]
dhcpcsvc.dll --a---- 126976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dhcpmon.dll --a---- 379904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dhcpqec.dll --a---- 48640 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dhcpsapi.dll --a---- 74240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diactfrm.dll --a---- 394240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diantz.exe --a---- 87040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
digest.dll --a---- 68608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dimap.dll --a---- 44032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dimsntfy.dll --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dimsroam.dll --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dinput.dll --a---- 158720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dinput8.dll --a---- 181760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskcomp.com --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskcopy.com --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskcopy.dll --a---- 1504256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskmgmt.msc --a---- 33673 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskpart.exe --a---- 163840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
diskperf.exe --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dispex.dll --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dllhost.exe --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dllhst3g.exe --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmadmin.exe --a---- 224768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmband.dll --a---- 28672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmcompos.dll --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmconfig.dll --a---- 330752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmdlgs.dll --a---- 285184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmdskmgr.dll --a---- 200704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmdskres.dll --a---- 118784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmime.dll --a---- 181248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmintf.dll --a---- 18432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmloader.dll --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmocx.dll --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmremote.exe --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmscript.dll --a---- 82432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmserver.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmstyle.dll --a---- 105984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmsynth.dll --a---- 103424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmusic.dll --a---- 104448 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dmutil.dll --a---- 52224 bytes [03:41 14/04/2008] [19:43 09/06/2009]
dmview.ocx --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dnsapi.dll --a---- 149504 bytes [19:30 09/06/2009] [06:55 03/03/2011]
dnsrslvr.dll --a---- 45568 bytes [12:00 14/04/2008] [17:17 20/04/2009]
docprop.dll --a---- 46080 bytes [12:00 14/04/2008] [12:00 14/04/2008]
docprop2.dll --a---- 48128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
doskey.exe --a---- 10752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dosx.exe --a---- 53840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3api.dll --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3cfg.dll --a---- 57856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3dlg.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3gpclnt.dll --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3msm.dll --a---- 56320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3svc.dll --a---- 132096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dot3ui.dll --a---- 650752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpcdll.dll --a---- 102912 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dplay.dll --a---- 33040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dplaysvr.exe --a---- 29696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dplayx.dll --a---- 229888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpmodemx.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnaddr.dll --a---- 3072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnet.dll --a---- 375296 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnhpast.dll --a---- 35328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnhupnp.dll --a---- 60928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnlobby.dll --a---- 3072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnmodem.dll --a---- 62464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnsvr.exe --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpnwsock.dll --a---- 61952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpserial.dll --a---- 53520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpvacm.dll --a---- 21504 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpvoice.dll --a---- 212480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpvsetup.exe --a---- 83456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpvvox.dll --a---- 116736 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpwsock.dll --a---- 42768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dpwsockx.dll --a---- 57344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
driverquery.exe --a---- 62976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
drmclien.dll --a---- 299520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
drmstor.dll --a---- 87040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
drmupgds.exe ------- 249856 bytes [14:30 18/10/2006] [14:30 18/10/2006]
drmv2clt.dll --a---- 991744 bytes [12:00 14/04/2008] [16:17 18/10/2006]
drprov.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
drwatson.exe --a---- 28112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
drwtsn32.exe --a---- 45568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ds16gt.dLL --a---- 4656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ds32gt.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsauth.dll --a---- 62976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsdmo.dll --a---- 181248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsdmoprp.dll --a---- 71680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dskquota.dll --a---- 92672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dskquoui.dll --a---- 155648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsound.dll --a---- 367616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsound.vxd --a---- 81 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsound3d.dll --a---- 1293824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsprop.dll --a---- 142848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsprpres.dll --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsquery.dll --a---- 239104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dssec.dat --a---- 218003 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dssec.dll --a---- 51200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dssenh.dll --a---- 138752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dsuiext.dll --a---- 113152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dswave.dll --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dumprep.exe --a---- 10752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
duser.dll --a---- 304128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dvdplay.exe --a---- 55296 bytes [20:36 17/08/2001] [19:42 09/06/2009]
dvdupgrd.exe --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dwwin.exe --a---- 180224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dx7vb.dll --a---- 619008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dx8vb.dll --a---- 1227264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dxdiag.exe --a---- 1298432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dxdiagn.dll --a---- 2113536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dxmasf.dll --a---- 498742 bytes [12:00 14/04/2008] [12:00 14/04/2008]
dxtmsft.dll --a---- 348160 bytes [12:00 14/04/2008] [23:01 07/03/2009]
dxtrans.dll --a---- 216064 bytes [12:00 14/04/2008] [23:01 07/03/2009]
dxva2.dll --a---- 70472 bytes [07:46 18/03/2010] [07:46 18/03/2010]
eapolqec.dll --a---- 30720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eapp3hst.dll --a---- 184832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eappcfg.dll --a---- 126976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eappgnui.dll --a---- 94208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eapphost.dll --a---- 180224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eappprxy.dll --a---- 40960 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eapqec.dll --a---- 59392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eapsvc.dll --a---- 33792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
edit.com --a---- 69886 bytes [12:00 14/04/2008] [12:00 14/04/2008]
edit.hlp --a---- 10790 bytes [12:00 14/04/2008] [12:00 14/04/2008]
edlin.exe --a---- 12642 bytes [12:00 14/04/2008] [12:00 14/04/2008]
efsadu.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ega.cpi --a---- 127213 bytes [12:00 14/04/2008] [12:00 14/04/2008]
els.dll --a---- 183296 bytes [12:00 14/04/2008] [12:00 14/04/2008]
emptyregdb.dat --a---- 21640 bytes [08:52 12/09/2009] [08:52 12/09/2009]
encapi.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
encdec.dll --a---- 186880 bytes [12:00 14/04/2008] [11:13 18/10/2011]
EqnClass.Dll --a---- 103424 bytes [10:45 12/09/2009] [12:00 14/04/2008]
ersvc.dll --a---- 23040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
es.dll --a---- 253952 bytes [19:30 09/06/2009] [19:30 09/06/2009]
esent.dll --a---- 1082368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
esent97.dll --a---- 1114896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
esentprf.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
esentprf.hxx --a---- 6708 bytes [12:00 14/04/2008] [12:00 14/04/2008]
esentprf.ini --a---- 1015477 bytes [12:00 14/04/2008] [12:00 14/04/2008]
esentutl.exe --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eudcedit.exe --a---- 193024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eula.txt --a---- 41543 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventcls.dll --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventcreate.exe --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventlog.dll --a---- 56320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventquery.vbs --a---- 97965 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventtriggers.exe --a---- 82944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventvwr.exe --a---- 8704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
eventvwr.msc --a---- 56678 bytes [12:00 14/04/2008] [12:00 14/04/2008]
evr.dll --a---- 486216 bytes [07:46 18/03/2010] [07:46 18/03/2010]
exe2bin.exe --a---- 8424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
expand.exe --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
expsrv.dll --a---- 380445 bytes [12:00 14/04/2008] [12:00 14/04/2008]
extmgr.dll --a---- 55808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
extrac32.exe --a---- 24064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
exts.dll --a---- 125952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ezsidmv.dat --ah--- 56 bytes [17:21 14/11/2009] [17:21 14/11/2009]
fastopen.exe --a---- 882 bytes [12:00 14/04/2008] [12:00 14/04/2008]
faultrep.dll --a---- 80384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fc.exe --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fde.dll --a---- 124928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fdeploy.dll --a---- 73728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
feclient.dll --a---- 21504 bytes [12:00 14/04/2008] [12:00 14/04/2008]
filemgmt.dll --a---- 337920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
find.exe --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
findstr.exe --a---- 27136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
finger.exe --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
firewall.cpl --a---- 80896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fixmapi.exe --a---- 3072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
FlashPlayerApp.exe --a---- 426184 bytes [04:02 13/05/2012] [18:09 13/07/2012]
FlashPlayerCPLApp.cpl --a---- 70344 bytes [10:31 27/11/2011] [18:09 13/07/2012]
fldrclnr.dll --a---- 87552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fltlib.dll --a---- 16896 bytes [08:52 12/09/2009] [12:00 14/04/2008]
fltMc.exe --a---- 23040 bytes [08:52 12/09/2009] [12:00 14/04/2008]
FM20.DLL --a---- 1193320 bytes [01:28 07/07/2011] [01:28 07/07/2011]
FM20ENU.DLL --a---- 33088 bytes [12:10 26/10/2006] [12:10 26/10/2006]
fmifs.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
FNTCACHE.DAT --a---- 267008 bytes [10:44 12/09/2009] [07:08 11/07/2012]
fontext.dll --a---- 382976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fontsub.dll --a---- 81920 bytes [12:00 14/04/2008] [16:28 15/10/2009]
fontview.exe --a---- 20992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
forcedos.exe --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
format.com --a---- 29696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
framebuf.dll --a---- 9344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
frapsvid.dll --a---- 86016 bytes [06:00 31/03/2010] [06:00 31/03/2010]
freecell.exe --a---- 55296 bytes [08:51 12/09/2009] [12:00 14/04/2008]
fsmgmt.msc --a---- 32760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fsquirt.exe --a---- 193024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fsusd.dll --a---- 81408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fsutil.exe --a---- 56320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ftp.exe --a---- 42496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ftsrch.dll --a---- 176128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
fwcfg.dll --a---- 60416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
g711codc.ax --a---- 41472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gb2312.uce --a---- 24006 bytes [08:51 12/09/2009] [12:00 14/04/2008]
gcdef.dll --a---- 76800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gdi.exe --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gdi32.dll --a---- 286720 bytes [19:30 09/06/2009] [19:30 09/06/2009]
geo.nls --a---- 24772 bytes [12:00 14/04/2008] [12:00 14/04/2008]
getmac.exe --a---- 59904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
getuname.dll --a---- 605696 bytes [08:51 12/09/2009] [12:00 14/04/2008]
giveio.sys --a---- 5248 bytes [19:33 03/04/1996] [19:33 03/04/1996]
glmf32.dll --a---- 285184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
glu32.dll --a---- 122880 bytes [12:00 14/04/2008] [12:00 14/04/2008]
glut32.dll --a---- 237568 bytes [10:06 27/05/2010] [20:57 07/11/2001]
gpedit.dll --a---- 566784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gpedit.msc --a---- 34871 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gpkcsp.dll --a---- 101888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gpkrsrc.dll --a---- 9728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gpresult.exe --a---- 120832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gptext.dll --a---- 199680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
gpupdate.exe --a---- 57344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
graftabl.com --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
graphics.com --a---- 19694 bytes [12:00 14/04/2008] [12:00 14/04/2008]
graphics.pro --a---- 21232 bytes [12:00 14/04/2008] [12:00 14/04/2008]
grpconv.exe --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
guard32.dll --a---- 285256 bytes [04:07 30/06/2011] [04:07 30/06/2011]
h323.tsp --a---- 265728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
h323log.txt --a---- 0 bytes [10:49 12/09/2009] [10:49 12/09/2009]
h323msp.dll --a---- 614912 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hal.dll --a---- 134400 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hccoin.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hdwwiz.cpl --a---- 155136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
help.exe --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hhctrl.ocx --a---- 545280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hhsetup.dll --a---- 41472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hid.dll --a---- 20992 bytes [03:41 14/04/2008] [19:43 09/06/2009]
hidphone.tsp --a---- 29696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
himem.sys --a---- 4768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hlink.dll --a---- 72704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hnetcfg.dll --a---- 344064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hnetmon.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hnetwiz.dll --a---- 330752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
homepage.inf --a---- 929 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hostname.exe --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hotplug.dll --a---- 144896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hticons.dll --a---- 44544 bytes [08:51 12/09/2009] [12:00 14/04/2008]
html.iec --a---- 385024 bytes [19:33 09/06/2009] [11:38 11/05/2012]
httpapi.dll --a---- 25088 bytes [12:00 14/04/2008] [05:38 21/10/2009]
htui.dll --a---- 41984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
hypertrm.dll --a---- 347136 bytes [08:50 12/09/2009] [12:00 14/04/2008]
iac25_32.ax --a---- 199680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iacenc.dll ------- 3072 bytes [17:59 16/02/2012] [19:06 11/01/2012]
iasacct.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iasads.dll --a---- 41472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iashlpr.dll --a---- 32256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iasnap.dll --a---- 62464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iaspolcy.dll --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iasrad.dll --a---- 119808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iasrecst.dll --a---- 141312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iassam.dll --a---- 86528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iassdo.dll --a---- 247808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iassvcs.dll --a---- 59392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
icaapi.dll --a---- 11264 bytes [08:50 12/09/2009] [12:00 14/04/2008]
icardagt.exe --a---- 622080 bytes [13:54 29/07/2008] [13:54 29/07/2008]
icardie.dll ------- 59904 bytes [23:01 07/03/2009] [23:01 07/03/2009]
icardres.dll --a---- 11264 bytes [13:54 29/07/2008] [13:54 29/07/2008]
icardres.dll.mui --a---- 586240 bytes [00:19 29/07/2008] [00:19 29/07/2008]
iccvid.dll --a---- 80384 bytes [12:00 14/04/2008] [14:03 17/06/2010]
icfgnt5.dll --a---- 16384 bytes [08:53 12/09/2009] [12:00 14/04/2008]
icm32.dll --a---- 254976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
icmp.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
icmui.dll --a---- 54784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
icrav03.rat --a---- 8798 bytes [12:50 07/01/2009] [12:50 07/01/2009]
icwdial.dll --a---- 73728 bytes [08:52 12/09/2009] [12:00 14/04/2008]
icwphbk.dll --a---- 65536 bytes [08:52 12/09/2009] [12:00 14/04/2008]
ideograf.uce --a---- 60458 bytes [08:51 12/09/2009] [12:00 14/04/2008]
idndl.dll --a---- 26112 bytes [12:50 07/01/2009] [12:50 07/01/2009]
idq.dll --a---- 120832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ie4uinit.exe ------- 174080 bytes [12:00 14/04/2008] [11:38 11/05/2012]
ie4uinit.exe.mui ------- 4096 bytes [08:51 08/03/2009] [08:51 08/03/2009]
IE8Eula.rtf ------- 5630 bytes [16:50 12/02/2009] [16:50 12/02/2009]
ieakeng.dll --a---- 125952 bytes [12:00 14/04/2008] [23:03 07/03/2009]
ieaksie.dll --a---- 229376 bytes [12:00 14/04/2008] [23:03 07/03/2009]
ieakui.dll --a---- 163840 bytes [12:00 14/04/2008] [23:02 07/03/2009]
ieapfltr.dat ------- 3698584 bytes [15:37 06/02/2009] [15:37 06/02/2009]
ieapfltr.dll ------- 445952 bytes [22:41 07/03/2009] [22:41 07/03/2009]
iedkcs32.dll ------- 387584 bytes [12:00 14/04/2008] [14:42 11/05/2012]
iedkcs32.dll.mui ------- 81920 bytes [08:50 08/03/2009] [08:50 08/03/2009]
ieframe.dll --a---- 11111424 bytes [23:09 07/03/2009] [14:42 11/05/2012]
ieframe.dll.mui ------- 1241088 bytes [08:52 08/03/2009] [08:52 08/03/2009]
iepeers.dll --a---- 184320 bytes [12:00 14/04/2008] [14:42 11/05/2012]
iernonce.dll --a---- 55808 bytes [12:00 14/04/2008] [23:02 07/03/2009]
iertutil.dll --a---- 2000384 bytes [23:02 07/03/2009] [14:42 11/05/2012]
iesetup.dll --a---- 71680 bytes [12:00 14/04/2008] [23:02 07/03/2009]
ieudinit.exe --a---- 36864 bytes [23:02 07/03/2009] [23:02 07/03/2009]
ieui.dll ------- 164352 bytes [22:52 07/03/2009] [22:52 07/03/2009]
ieuinit.inf --a---- 57667 bytes [12:00 14/04/2008] [08:40 29/06/2009]
iexpress.exe --a---- 114688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ifmon.dll --a---- 135680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ifsutil.dll --a---- 70656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ifxcardm.dll ------- 151552 bytes [18:19 28/10/2005] [18:19 28/10/2005]
igmpagnt.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iissuba.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ils.dll --a---- 81920 bytes [08:52 12/09/2009] [12:00 14/04/2008]
imaadp32.acm --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
imagehlp.dll --a---- 148480 bytes [12:00 14/04/2008] [14:10 29/02/2012]
ImagX7.dll ------- 1568768 bytes [10:10 12/09/2009] [15:16 26/07/2004]
ImagXpr7.dll ------- 476320 bytes [10:10 12/09/2009] [15:16 26/07/2004]
ImagXR7.dll ------- 262144 bytes [10:10 12/09/2009] [15:16 26/07/2004]
ImagXRA7.dll ------- 471040 bytes [10:10 12/09/2009] [15:16 26/07/2004]
imapi.exe --a---- 150528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
imeshare.dll --a---- 36921 bytes [12:00 14/04/2008] [12:00 14/04/2008]
imgutil.dll --a---- 34816 bytes [12:00 14/04/2008] [23:01 07/03/2009]
imm32.dll --a---- 110080 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inetcfg.dll --a---- 274432 bytes [08:52 12/09/2009] [12:00 14/04/2008]
inetcomm.dll --a---- 692736 bytes [08:52 12/09/2009] [14:22 10/10/2011]
inetcpl.cpl ------- 1469440 bytes [12:00 14/04/2008] [14:42 11/05/2012]
inetcplc.dll --a---- 110592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inetmib1.dll --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inetpp.dll --a---- 75264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inetppui.dll --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inetres.dll --a---- 48128 bytes [08:52 12/09/2009] [12:00 14/04/2008]
infocardapi.dll --a---- 97800 bytes [13:54 29/07/2008] [13:54 29/07/2008]
infocardcpl.cpl --a---- 37384 bytes [13:54 29/07/2008] [13:54 29/07/2008]
infosoft.dll --a---- 450560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
initdebug.nfo --a---- 45 bytes [16:38 02/11/2010] [16:38 02/11/2010]
initpki.dll --a---- 147456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
INKED.DLL --a---- 207360 bytes [11:45 26/10/2006] [11:45 26/10/2006]
input.dll --a---- 123392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
inseng.dll --a---- 94720 bytes [12:00 14/04/2008] [23:02 07/03/2009]
instcat.sql --a---- 956990 bytes [12:00 14/04/2008] [12:00 14/04/2008]
intl.cpl --a---- 129536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iologmsg.dll --a---- 30720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipconf.tsp --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipconfig.exe --a---- 55808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iphlpapi.dll --a---- 94720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipmontr.dll --a---- 161280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipnathlp.dll --a---- 331264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ippromon.dll --a---- 330752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iprop.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iprtprio.dll --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iprtrmgr.dll --a---- 177152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipsec6.exe --a---- 44032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipsecsnp.dll --a---- 349696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipsecsvc.dll --a---- 183808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipsmsnap.dll --a---- 384000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipv6.exe --a---- 53248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipv6mon.dll --a---- 59904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxmontr.dll --a---- 83968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxpromn.dll --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxrip.dll --a---- 21504 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxroute.exe --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxrtmgr.dll --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxsap.dll --a---- 66560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ipxwan.dll --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir32_32.dll --a---- 199168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir41_32.ax --a---- 848384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir41_qc.dll --a---- 120320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir41_qcx.dll --a---- 338432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir50_32.dll --a---- 755200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir50_qc.dll --a---- 200192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ir50_qcx.dll --a---- 183808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
irclass.dll --a---- 13312 bytes [10:45 12/09/2009] [12:00 14/04/2008]
irprops.cpl --a---- 380416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
isign32.dll --a---- 81920 bytes [08:52 12/09/2009] [18:12 18/11/2010]
isrdbg32.dll --a---- 32768 bytes [08:52 12/09/2009] [12:00 14/04/2008]
ISUSPM.cpl --a---- 61440 bytes [08:51 13/09/2011] [05:54 16/04/2004]
itircl.dll --a---- 155136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
itss.dll --a---- 138240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iuengine.dll --a---- 191488 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ivfsrc.ax --a---- 154624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ixsso.dll --a---- 54272 bytes [12:00 14/04/2008] [12:00 14/04/2008]
iyuv_32.dll --a---- 48128 bytes [03:41 14/04/2008] [16:07 27/11/2009]
java.exe --a---- 174064 bytes [15:37 04/07/2012] [15:36 04/07/2012]
javacpl.cpl --a---- 143872 bytes [15:37 04/07/2012] [15:36 04/07/2012]
javaw.exe --a---- 174064 bytes [15:37 04/07/2012] [15:36 04/07/2012]
javaws.exe --a---- 227824 bytes [15:37 04/07/2012] [15:36 04/07/2012]
jet500.dll --a---- 362496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgaw400.dll --a---- 44544 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgdw400.dll --a---- 163840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgmd400.dll --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgpl400.dll --a---- 27648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgsd400.dll --a---- 45568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jgsh400.dll --a---- 65536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jobexec.dll --a---- 47952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
joy.cpl --a---- 68608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
jscript.dll --a---- 726528 bytes [19:30 09/06/2009] [06:37 04/03/2011]
jsproxy.dll --a---- 25600 bytes [12:00 14/04/2008] [14:42 11/05/2012]
jupdate-1.6.0_17-b04.log --a---- 3414 bytes [11:12 08/11/2009] [11:13 08/11/2009]
jupdate-1.6.0_18-b07.log --a---- 4002 bytes [17:33 20/01/2010] [17:34 20/01/2010]
jupdate-1.6.0_27-b07.log --a---- 6263 bytes [10:05 09/09/2011] [10:06 09/09/2011]
jupdate-1.6.0_29-b11.log --a---- 2984 bytes [06:10 22/10/2011] [06:11 22/10/2011]
kanji_1.uce --a---- 6948 bytes [08:51 12/09/2009] [12:00 14/04/2008]
kanji_2.uce --a---- 8484 bytes [08:51 12/09/2009] [12:00 14/04/2008]
kb16.com --a---- 14710 bytes [12:00 14/04/2008] [12:00 14/04/2008]
KBDAL.DLL -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdaze.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdazel.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdbe.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdbene.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdbhc.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdblr.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdbr.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdbu.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdca.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdcan.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdcr.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdcz.dll -ra---- 7168 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdcz1.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdcz2.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdda.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbddv.dll --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdes.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdest.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdfc.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdfi.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdfi1.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdfo.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdfr.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdgae.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdgkl.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdgr.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdgr1.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdhe.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhe220.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhe319.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhela2.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhela3.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhept.dll -ra---- 8192 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhu.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdhu1.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdic.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdinbe1.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdinben.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdinmal.dll --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdir.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdit.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdit142.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdiultn.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdkaz.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdkyr.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdla.dll --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdlt.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdlt1.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdlv.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdlv1.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdmac.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdmaori.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdmlt47.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdmlt48.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdmon.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdne.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdnec.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdnepr.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdno.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdno1.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdpash.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdpl.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdpl1.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdpo.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdro.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdru.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdru1.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdsf.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdsg.dll --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdsl.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdsl1.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdsmsfi.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdsmsno.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdsp.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdsw.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdtat.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdtuf.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdtuq.dll -ra---- 6144 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbduk.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdukx.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdur.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdus.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdusl.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdusr.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbdusx.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kbduzb.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdycc.dll -ra---- 5632 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kbdycl.dll -ra---- 6656 bytes [10:45 12/09/2009] [12:00 14/04/2008]
kd1394.dll --a---- 7424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kdcom.dll --a---- 7040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kerberos.dll --a---- 301568 bytes [12:00 14/04/2008] [12:32 22/12/2010]
kernel32.dll --a---- 991744 bytes [19:32 09/06/2009] [19:32 09/06/2009]
key01.sys --a---- 42809 bytes [12:00 14/04/2008] [12:00 14/04/2008]
keyboard.drv --a---- 2000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
keyboard.sys --a---- 42537 bytes [12:00 14/04/2008] [12:00 14/04/2008]
keymgr.dll --a---- 150528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kmddsp.tsp --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
kmsvc.dll --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
korean.uce --a---- 12876 bytes [08:51 12/09/2009] [12:00 14/04/2008]
krnl386.exe --a---- 92224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ksproxy.ax --a---- 129536 bytes [10:00 12/09/2009] [22:12 13/04/2008]
ksuser.dll --a---- 4096 bytes [10:00 12/09/2009] [22:11 13/04/2008]
l2gpstore.dll --a---- 37376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
l3codeca.acm --a---- 307260 bytes [12:00 14/04/2008] [14:43 29/01/2010]
l3codecp.acm ------- 232448 bytes [14:35 18/10/2006] [14:35 18/10/2006]
l3codecx.ax --a---- 143422 bytes [12:00 14/04/2008] [16:17 15/06/2010]
label.exe --a---- 9728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
langwrbk.dll --a---- 89600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lanman.drv --a---- 221600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
LAPRXY.dll --a---- 11264 bytes [12:00 14/04/2008] [16:17 18/10/2006]
LegitCheckControl.DLL --a---- 1481728 bytes [12:00 14/04/2008] [20:18 10/03/2009]
licdll.dll --a---- 423936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
licmgr10.dll --a---- 43520 bytes [12:00 14/04/2008] [14:42 11/05/2012]
licwmi.dll --a---- 58880 bytes [08:50 12/09/2009] [12:00 14/04/2008]
lights.exe --a---- 29696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
linkinfo.dll --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lmhsvc.dll --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lmrt.dll --a---- 399872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lnkstub.exe --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
loadfix.com --a---- 1131 bytes [12:00 14/04/2008] [12:00 14/04/2008]
loadperf.dll --a---- 97280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
locale.nls --a---- 265948 bytes [12:00 14/04/2008] [12:00 14/04/2008]
localsec.dll --a---- 221696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
localspl.dll --a---- 346112 bytes [19:33 09/06/2009] [19:33 09/06/2009]
localui.dll --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
locator.exe --a---- 75264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lodctr.exe --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
logagent.exe --a---- 100864 bytes [19:30 09/06/2009] [19:39 17/06/2008]
loghours.dll --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
login.cmd --a---- 487 bytes [12:00 14/04/2008] [12:00 14/04/2008]
logman.exe --a---- 59392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
logoff.exe --a---- 15360 bytes [08:51 12/09/2009] [12:00 14/04/2008]
logon.scr --a---- 220672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
logonui.exe --a---- 514560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
logonui.exe.manifest -rah--- 488 bytes [08:54 12/09/2009] [08:54 12/09/2009]
LoopyMusic.wav --a---- 940794 bytes [10:03 12/09/2009] [10:03 12/09/2009]
lpk.dll --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lpq.exe --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lpr.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lprhelp.dll --a---- 10240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lprmonui.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lsasrv.dll --a---- 730112 bytes [19:32 09/06/2009] [17:24 20/12/2010]
lsass.exe --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lusrmgr.msc --a---- 42166 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lz32.dll --a---- 2560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
lzexpand.dll --a---- 9936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
l_except.nls --a---- 168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
l_intl.nls --a---- 7046 bytes [12:00 14/04/2008] [12:00 14/04/2008]
magnify.exe --a---- 72704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mag_hook.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
main.cpl --a---- 187904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
makecab.exe --a---- 57344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mapi32.dll --a---- 112128 bytes [08:55 12/09/2009] [12:00 14/04/2008]
mapistub.dll --a---- 112128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mcastmib.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mcd32.dll --a---- 10240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mcdsrv32.dll --a---- 10496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mchgrcoi.dll --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciavi.drv --a---- 73376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciavi32.dll --a---- 84480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mcicda.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciole16.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciole32.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciqtz32.dll --a---- 35328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciseq.dll --a---- 23040 bytes [12:00 14/04/2008] [14:47 14/10/2011]
mciseq.drv --a---- 25264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciwave.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mciwave.drv --a---- 28160 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mdhcp.dll --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mdminst.dll --a---- 118272 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mdwmdmsp.dll --a---- 147968 bytes [20:36 17/08/2001] [19:42 09/06/2009]
mem.exe --a---- 39274 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mf3216.dll --a---- 40960 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mfc40.dll --a---- 954368 bytes [12:00 14/04/2008] [06:53 18/09/2010]
mfc40u.dll --a---- 953856 bytes [12:00 14/04/2008] [06:53 18/09/2010]
mfc42.dll --a---- 978944 bytes [12:00 14/04/2008] [13:33 08/02/2011]
mfc42u.dll --a---- 974848 bytes [12:00 14/04/2008] [13:33 08/02/2011]
mfcsubs.dll --a---- 22528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MFPLAT.dll ------- 212992 bytes [16:17 18/10/2006] [16:17 18/10/2006]
mgmtapi.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mib.bin --a---- 46258 bytes [12:00 14/04/2008] [12:00 14/04/2008]
microsoft.managementconsole.dll --a---- 184320 bytes [12:00 14/04/2008] [12:00 14/04/2008]
midimap.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
miglibnt.dll --a---- 60928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
migpwd.exe --a---- 51712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mimefilt.dll --a---- 29696 bytes [12:00 14/04/2008] [17:02 07/03/2008]
mlang.dat --a---- 673088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mlang.dll --a---- 586240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mll_hp.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mll_mtf.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mll_qic.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmc.exe --a---- 1414656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcbase.dll --a---- 163328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcex.dll --a---- 397312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcfxcommon.dll --a---- 106496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcndmgr.dll --a---- 1872896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcperf.exe --a---- 33792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmcshext.dll --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmdriver.inf --a---- 1492 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmdrv.dll --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmf.sys --ahs-- 833 bytes [19:33 09/07/2012] [05:48 19/07/2012]
mmfutil.dll --a---- 17408 bytes [08:50 12/09/2009] [12:00 14/04/2008]
mmsys.cpl --a---- 618496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmsystem.dll --a---- 68768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmtask.tsk --a---- 1152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mmutilse.dll --a---- 119808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mnmdd.dll --a---- 34560 bytes [08:52 12/09/2009] [12:00 14/04/2008]
mnmsrvc.exe --a---- 32768 bytes [08:52 12/09/2009] [12:00 14/04/2008]
mobsync.dll --a---- 207360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mobsync.exe --a---- 143360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mode.com --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
modemui.dll --a---- 153600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
modex.dll --a---- 10112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
more.com --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
moricons.dll --a---- 216064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mountvol.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mouse.drv --a---- 2032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MP43DECD.dll ------- 259072 bytes [16:17 18/10/2006] [16:17 18/10/2006]
MP43DMOD.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
mp4sdecd.dll ------- 317440 bytes [16:17 18/10/2006] [06:54 30/03/2010]
MP4SDMOD.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
mpeg2data.ax --a---- 118272 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mpg2splt.ax --a---- 148992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MPG4DECD.dll ------- 259072 bytes [16:17 18/10/2006] [16:17 18/10/2006]
MPG4DMOD.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
mpg4ds32.ax --a---- 262416 bytes [12:00 14/04/2008] [19:22 29/03/2010]
mplay32.exe --a---- 123392 bytes [08:50 12/09/2009] [12:00 14/04/2008]
mpnotify.exe --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mpr.dll --a---- 59904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mprapi.dll --a---- 87040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mprddm.dll --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mprdim.dll --a---- 53248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mprmsg.dll --a---- 99840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mprui.dll --a---- 47104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqad.dll --a---- 138240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqbkup.exe --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqcertui.dll --a---- 10752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqdscli.dll --a---- 47616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqgentr.dll --a---- 60928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqise.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqlogmgr.dll --a---- 89088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqoa.dll --a---- 225280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqoa.tlb --a---- 81408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqoa10.tlb --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqoa20.tlb --a---- 55296 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqperf.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqperf.ini --a---- 10110 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqprfsym.h --a---- 2755 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqqm.dll --a---- 663040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqrt.dll --a---- 177152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqrtdep.dll --a---- 123904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqsec.dll --a---- 95744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqsnap.dll --a---- 517632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqsvc.exe --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqtgsvc.exe --a---- 117248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqtrig.dll --a---- 187392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqupgrd.dll --a---- 49152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mqutil.dll --a---- 471552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mrinfo.exe --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MRT.exe --a---- 57442464 bytes [07:13 15/09/2009] [20:24 10/07/2012]
msaatext.dll --a---- 102912 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msacm.dll --a---- 61168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msacm32.dll --a---- 71680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msacm32.drv --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msadds32.ax --a---- 221184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msadp32.acm --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msafd.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msapsspc.dll --a---- 86016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msasn1.dll --a---- 58880 bytes [12:00 14/04/2008] [21:03 04/09/2009]
msaud32.acm --a---- 282654 bytes [12:00 14/04/2008] [14:46 01/09/2009]
msaud32_divx.acm --a---- 186368 bytes [06:01 03/02/2003] [06:01 03/02/2003]
msaudite.dll --a---- 65024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mscat32.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mscdexnt.exe --a---- 817 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mscms.dll --a---- 74240 bytes [19:30 09/06/2009] [19:30 09/06/2009]
MSCOMCTL.OCX --a---- 1070352 bytes [05:32 07/02/2012] [05:32 07/02/2012]
msconf.dll --a---- 69632 bytes [08:52 12/09/2009] [12:00 14/04/2008]
mscoree.dll --a---- 297808 bytes [19:37 06/11/2009] [19:37 06/11/2009]
mscorier.dll --a---- 156488 bytes [19:00 23/09/2009] [19:00 23/09/2009]
mscories.dll --a---- 83968 bytes [05:46 25/07/2008] [05:46 25/07/2008]
mscpx32r.dLL --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mscpxl32.dLL --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSCTF.dll --a---- 297984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSCTFIME.IME --a---- 177152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSCTFP.dll --a---- 68608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdadiag.dll --a---- 118784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdart.dll --a---- 151552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdatsrc.tlb --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdbg2.dll --a---- 265720 bytes [12:50 07/01/2009] [12:50 07/01/2009]
msdelta.dll ------- 312128 bytes [09:58 02/10/2006] [09:58 02/10/2006]
msdmo.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdtc.exe --a---- 6144 bytes [08:50 12/09/2009] [12:00 14/04/2008]
msdtclog.dll --a---- 58880 bytes [08:50 12/09/2009] [19:32 09/06/2009]
msdtcprf.h --a---- 768 bytes [08:51 12/09/2009] [12:00 14/04/2008]
msdtcprf.ini --a---- 1931 bytes [08:51 12/09/2009] [12:00 14/04/2008]
msdtcprx.dll --a---- 428032 bytes [08:50 12/09/2009] [19:32 09/06/2009]
msdtctm.dll --a---- 956928 bytes [08:50 12/09/2009] [19:32 09/06/2009]
msdtcuiu.dll --a---- 161792 bytes [08:50 12/09/2009] [19:32 09/06/2009]
msdxm.ocx --a---- 844314 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msdxmlc.dll --a---- 4126 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msencode.dll --a---- 94282 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msexch40.dll --a---- 518944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msexcl40.dll --a---- 326432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msfeeds.dll --a---- 629760 bytes [23:02 07/03/2009] [14:42 11/05/2012]
msfeedsbs.dll --a---- 55296 bytes [23:01 07/03/2009] [14:42 11/05/2012]
msfeedssync.exe ------- 13312 bytes [23:01 07/03/2009] [23:01 07/03/2009]
msftedit.dll --a---- 539136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msg.exe --a---- 20992 bytes [08:51 12/09/2009] [12:00 14/04/2008]
msg711.acm --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msg723.acm --a---- 118784 bytes [08:53 12/09/2009] [12:00 14/04/2008]
msgina.dll --a---- 997376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msgsm32.acm --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msgsvc.dll --a---- 33792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msh261.drv --a---- 188416 bytes [08:52 12/09/2009] [12:00 14/04/2008]
msh263.drv --a---- 294912 bytes [03:42 14/04/2008] [19:43 09/06/2009]
mshearts.exe --a---- 126976 bytes [08:51 12/09/2009] [12:00 14/04/2008]
mshta.exe --a---- 45568 bytes [12:00 14/04/2008] [23:01 07/03/2009]
mshta.exe.mui ------- 2560 bytes [08:52 08/03/2009] [08:52 08/03/2009]
mshtml.dll --a---- 6007808 bytes [19:33 09/06/2009] [14:42 11/05/2012]
mshtml.tlb --a---- 1638912 bytes [12:00 14/04/2008] [23:01 07/03/2009]
mshtmled.dll --a---- 67072 bytes [12:00 14/04/2008] [14:42 11/05/2012]
mshtmler.dll --a---- 48128 bytes [12:00 14/04/2008] [23:01 07/03/2009]
msi.dll --a---- 2843136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msident.dll --a---- 51712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msidle.dll --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msidntld.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msieftp.dll --a---- 248832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msiexec.exe --a---- 78848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msihnd.dll --a---- 271360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msimg32.dll --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msimsg.dll --a---- 884736 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSIMTF.dll --a---- 159232 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSINET.OCX --a---- 115920 bytes [18:30 21/05/2000] [18:30 21/05/2000]
msisip.dll --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msjet40.dll --a---- 1516568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msjetoledb40.dll --a---- 355112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msjint40.dll --a---- 151583 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msjter40.dll --a---- 60192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msjtes40.dll --a---- 248608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mslbui.dll --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msls31.dll --a---- 156160 bytes [12:00 14/04/2008] [22:52 07/03/2009]
msltus40.dll --a---- 219936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msnetobj.dll --a---- 179712 bytes [12:00 14/04/2008] [16:17 18/10/2006]
msnsspc.dll --a---- 290816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msobjs.dll --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msoeacct.dll --a---- 252928 bytes [08:52 12/09/2009] [12:00 14/04/2008]
msoert2.dll --a---- 105984 bytes [08:52 12/09/2009] [12:00 14/04/2008]
msonpmon.dll --a---- 31640 bytes [09:49 12/09/2009] [02:42 27/02/2009]
msorc32r.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msorcl32.dll --a---- 143360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mspaint.exe --a---- 343040 bytes [08:50 12/09/2009] [18:43 16/12/2009]
mspatcha.dll --a---- 29696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mspbde40.dll --a---- 355104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mspmsnsv.dll --a---- 27136 bytes [12:00 14/04/2008] [16:17 18/10/2006]
mspmsp.dll --a---- 175616 bytes [12:00 14/04/2008] [16:17 18/10/2006]
msports.dll --a---- 41984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msprivs.dll --a---- 48128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msr2c.dll --a---- 69632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msr2cenu.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msratelc.dll --a---- 60416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrating.dll --a---- 193536 bytes [12:00 14/04/2008] [23:04 07/03/2009]
msrating.dll.mui ------- 49152 bytes [08:52 08/03/2009] [08:52 08/03/2009]
msrclr40.dll --a---- 73802 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrd2x40.dll --a---- 432928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrd3x40.dll --a---- 322336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrecr40.dll --a---- 28746 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrepl40.dll --a---- 559904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msrle32.dll --a---- 11264 bytes [12:00 14/04/2008] [16:07 27/11/2009]
mssap.dll --a---- 134656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msscds32.ax --a---- 69632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msscp.dll --a---- 414720 bytes [12:00 14/04/2008] [10:51 04/12/2006]
msscript.ocx --a---- 110592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mssha.dll --a---- 155136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msshavmsg.dll --a---- 76800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mssign32.dll --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mssip32.dll --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
MSSTDFMT.DLL --a---- 125744 bytes [08:50 24/07/2006] [08:50 24/07/2006]
msswch.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msswchx.exe --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mstask.dll --a---- 274944 bytes [08:52 12/09/2009] [12:00 14/04/2008]
mstext40.dll --a---- 264992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mstime.dll --a---- 611840 bytes [12:00 14/04/2008] [14:42 11/05/2012]
mstinit.exe --a---- 12288 bytes [08:52 12/09/2009] [12:00 14/04/2008]
mstlsapi.dll --a---- 116224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mstsc.exe --a---- 677888 bytes [08:50 12/09/2009] [11:57 27/01/2011]
mstscax.dll --a---- 2067456 bytes [08:50 12/09/2009] [07:58 02/02/2011]
msutb.dll --a---- 195072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msv1_0.dll --a---- 136704 bytes [12:00 14/04/2008] [14:13 11/09/2009]
msvbvm50.dll --a---- 1355776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvbvm60.dll --a---- 1384479 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvci70.dll --a---- 54784 bytes [10:06 27/05/2010] [09:29 15/05/2002]
msvci70d.dll --a---- 94208 bytes [10:06 27/05/2010] [05:25 07/06/2001]
msvcirt.dll --a---- 57344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvcp50.dll --a---- 565760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvcp60.dll --a---- 413696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvcp71.dll --a---- 499712 bytes [08:58 25/08/2011] [03:14 19/03/2003]
msvcr100_clr0400.dll --a---- 771424 bytes [07:46 18/03/2010] [07:46 18/03/2010]
msvcr70d.dll --a---- 536576 bytes [10:06 27/05/2010] [05:24 07/06/2001]
msvcr71.dll --a---- 348160 bytes [10:01 19/04/2006] [10:01 19/04/2006]
msvcrt.dll --a---- 343040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvcrt20.dll --a---- 253952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvcrt40.dll --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvfw32.dll --a---- 121344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvidc32.dll --a---- 28672 bytes [12:00 14/04/2008] [16:07 27/11/2009]
msvidctl.dll --a---- 1428992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msvideo.dll --a---- 126912 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msw3prt.dll --a---- 72704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mswdat10.dll --a---- 838432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mswebdvd.dll --a---- 204800 bytes [12:00 14/04/2008] [09:01 05/08/2009]
mswmdm.dll --a---- 321536 bytes [12:00 14/04/2008] [16:17 18/10/2006]
mswsock.dll --a---- 245248 bytes [19:30 09/06/2009] [16:02 20/06/2008]
mswstr10.dll --a---- 621344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxbde40.dll --a---- 355104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxml.dll --a---- 506368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxml2.dll --a---- 701440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxml2r.dll --a---- 37916 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxml3.dll --a---- 1172480 bytes [19:30 09/06/2009] [15:50 05/06/2012]
msxml3a.dll --a---- 25088 bytes [15:57 05/08/2009] [21:33 28/07/2009]
msxml3r.dll --a---- 44032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxml4.dll --a---- 1348432 bytes [18:35 20/07/2009] [18:35 20/07/2009]
msxml4r.dll --a---- 82432 bytes [14:29 18/04/2003] [14:29 18/04/2003]
msxml6.dll --a---- 1372672 bytes [19:30 09/06/2009] [15:50 05/06/2012]
msxml6r.dll --a---- 79872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msxmlr.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
msyuv.dll --a---- 17920 bytes [03:42 14/04/2008] [17:23 27/11/2009]
mtxclu.dll --a---- 66560 bytes [19:32 09/06/2009] [19:32 09/06/2009]
mtxdm.dll --a---- 30720 bytes [08:50 12/09/2009] [12:00 14/04/2008]
mtxex.dll --a---- 4096 bytes [08:50 12/09/2009] [12:00 14/04/2008]
mtxlegih.dll --a---- 34304 bytes [08:50 12/09/2009] [12:00 14/04/2008]
mtxoci.dll --a---- 91648 bytes [08:50 12/09/2009] [19:32 09/06/2009]
mucltui.dll --a---- 275696 bytes [15:45 25/11/2010] [09:48 02/06/2012]
mucltui.dll.mui --a---- 17136 bytes [15:45 25/11/2010] [09:48 02/06/2012]
muweb.dll --a---- 214256 bytes [12:14 06/12/2008] [09:48 02/06/2012]
mycomput.dll --a---- 90112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
mydocs.dll --a---- 90624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
napipsec.dll --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
napmontr.dll --a---- 193024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
napstat.exe --a---- 176640 bytes [12:00 14/04/2008] [12:00 14/04/2008]
narrator.exe --a---- 53760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
narrhook.dll --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nbtstat.exe --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ncobjapi.dll --a---- 36352 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ncpa.cpl --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ncpa.cpl.manifest -rah--- 749 bytes [08:54 12/09/2009] [08:54 12/09/2009]
ncxpnt.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nddeapi.dll --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nddeapir.exe --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nddenb32.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ndptsp.tsp --a---- 56832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
NeroCheck.exe --a---- 155648 bytes [10:10 12/09/2009] [09:50 09/07/2001]
net.exe --a---- 42496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
net.hlp --a---- 102446 bytes [12:00 14/04/2008] [12:00 14/04/2008]
net1.exe --a---- 124928 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netapi.dll --a---- 108464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netapi32.dll --a---- 337408 bytes [19:31 09/06/2009] [19:31 09/06/2009]
netcfgx.dll --a---- 622592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netdde.exe --a---- 111104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netevent.dll --a---- 214016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netfxperf.dll --a---- 49488 bytes [19:37 06/11/2009] [19:37 06/11/2009]
neth.dll --a---- 253952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netid.dll --a---- 139264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netlogon.dll --a---- 407040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netman.dll --a---- 198144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netmsg.dll --a---- 171008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netplwiz.dll --a---- 875008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netrap.dll --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netsetup.cpl --a---- 25600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netsetup.exe --a---- 329728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netsh.exe --a---- 86016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netshell.dll --a---- 1703936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netstat.exe --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netui0.dll --a---- 80896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netui1.dll --a---- 245760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netui2.dll --a---- 308224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
netware.drv --a---- 2656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
newdev.dll --a---- 247808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nlhtml.dll --a---- 98304 bytes [12:00 14/04/2008] [17:02 07/03/2008]
nlsdl.dll --a---- 24576 bytes [12:50 07/01/2009] [12:50 07/01/2009]
nlsfunc.exe --a---- 7052 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nmevtmsg.dll --a---- 12288 bytes [08:53 12/09/2009] [12:00 14/04/2008]
nmmkcert.dll --a---- 28672 bytes [08:52 12/09/2009] [12:00 14/04/2008]
noise.chs --a---- 1696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.cht --a---- 1696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.dat --a---- 741 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.deu --a---- 149848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.eng --a---- 751 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.enu --a---- 751 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.esn --a---- 19684 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.fra --a---- 49196 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.ita --a---- 19618 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.nld --a---- 13256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.sve --a---- 13730 bytes [12:00 14/04/2008] [12:00 14/04/2008]
noise.tha --a---- 697 bytes [12:00 14/04/2008] [12:00 14/04/2008]
normaliz.dll --a---- 23552 bytes [12:50 07/01/2009] [12:50 07/01/2009]
normidna.nls --a---- 59342 bytes [12:50 07/01/2009] [12:50 07/01/2009]
normnfc.nls --a---- 45794 bytes [12:50 07/01/2009] [12:50 07/01/2009]
normnfd.nls --a---- 39284 bytes [12:50 07/01/2009] [12:50 07/01/2009]
normnfkc.nls --a---- 66384 bytes [12:50 07/01/2009] [12:50 07/01/2009]
normnfkd.nls --a---- 60294 bytes [12:50 07/01/2009] [12:50 07/01/2009]
notepad.exe --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
npDeployJava1.dll --a---- 772592 bytes [15:37 04/07/2012] [15:36 04/07/2012]
npptools.dll --a---- 54784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nscompat.tlb --a---- 23392 bytes [08:55 12/09/2009] [11:26 04/08/2010]
nslookup.exe --a---- 76800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntbackup.exe --a---- 1200640 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdll.dll --a---- 718336 bytes [10:56 09/02/2009] [15:15 09/12/2010]
ntdos.sys --a---- 27866 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdos404.sys --a---- 29146 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdos411.sys --a---- 29370 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdos412.sys --a---- 29274 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdos804.sys --a---- 29146 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdsapi.dll --a---- 67072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntdsbcli.dll --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntimage.gif --a---- 48794 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntio.sys --a---- 33840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntio404.sys --a---- 34560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntio411.sys --a---- 35648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntio412.sys --a---- 35424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntio804.sys --a---- 34560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntkrnlpa.exe --a---- 2026496 bytes [10:30 06/02/2009] [12:41 04/05/2012]
ntlanman.dll --a---- 44032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntlanui.dll --a---- 57856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntlanui2.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntlsapi.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmarta.dll --a---- 118784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsapi.dll --a---- 40960 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsdba.dll --a---- 179200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsevt.dll --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsmgr.dll --a---- 488448 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsmgr.msc --a---- 26209 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmsoprq.msc --a---- 32968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntmssvc.dll --a---- 435200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntoskrnl.exe --a---- 2148352 bytes [19:32 09/06/2009] [13:24 04/05/2012]
ntprint.dll --a---- 91136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntsd.exe --a---- 31744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntsdexts.dll --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntshrui.dll --a---- 143360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntvdm.exe --a---- 420864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ntvdmd.dll --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nusrmgr.cpl --a---- 257024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nvscnrpt.log --a---- 451 bytes [06:00 13/09/2009] [09:55 13/09/2010]
nw16.exe --a---- 3252 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwapi16.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwapi32.dll --a---- 64000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwc.cpl --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwc.cpl.manifest -rah--- 749 bytes [08:54 12/09/2009] [08:54 12/09/2009]
nwcfg.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwevent.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwprovau.dll --a---- 142336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwscript.exe --a---- 126464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
nwwks.dll --a---- 65536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oakley.dll --a---- 270336 bytes [12:00 14/04/2008] [10:30 13/10/2009]
objsel.dll --a---- 286208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
occache.dll ------- 206848 bytes [12:00 14/04/2008] [14:42 11/05/2012]
ocmanage.dll --a---- 67584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbc16gt.dll --a---- 26224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbc32.dll --a---- 249856 bytes [12:00 14/04/2008] [14:52 09/11/2010]
odbc32gt.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcad32.exe --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcbcp.dll --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcconf.dll --a---- 135168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcconf.exe --a---- 69632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcconf.rsp --a---- 4310 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbccp32.cpl --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbccp32.dll --a---- 106496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbccr32.dll --a---- 65536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbccu32.dll --a---- 65536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcint.dll --a---- 94208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcji32.dll --a---- 53279 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcjt32.dll --a---- 278559 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbcp32r.dll --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odbctrac.dll --a---- 147456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oddbse32.dll --a---- 20511 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odexl32.dll --a---- 20510 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odfox32.dll --a---- 20510 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odpdx32.dll --a---- 20510 bytes [12:00 14/04/2008] [12:00 14/04/2008]
odtext32.dll --a---- 20511 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oembios.bin --a---- 13107200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oembios.dat --a---- 4463 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oembios.sig --a---- 6761 bytes [12:00 14/04/2008] [12:00 14/04/2008]
Oemdspif.dll --a---- 73728 bytes [05:37 31/08/2005] [05:37 31/08/2005]
offfilt.dll --a---- 192000 bytes [12:00 14/04/2008] [17:02 07/03/2008]
OGAAddin.dll --a---- 322928 bytes [09:37 03/08/2009] [09:37 03/08/2009]
OGACheckControl.dll --a---- 403816 bytes [09:37 03/08/2009] [09:37 03/08/2009]
OGAEXEC.exe --a---- 230768 bytes [09:37 03/08/2009] [09:37 03/08/2009]
ole2.dll --a---- 39744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ole2disp.dll --a---- 169520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ole2nls.dll --a---- 153008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ole32.dll --a---- 1289216 bytes [12:00 14/04/2008] [16:05 01/11/2011]
oleacc.dll --a---- 220160 bytes [12:00 14/04/2008] [06:11 26/09/2011]
oleaccrc.dll --a---- 20480 bytes [12:00 14/04/2008] [06:11 26/09/2011]
oleaut32.dll --a---- 551936 bytes [12:00 14/04/2008] [17:32 20/12/2010]
olecli.dll --a---- 82944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olecli32.dll --a---- 74752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olecnv32.dll --a---- 37376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oledlg.dll --a---- 122880 bytes [12:00 14/04/2008] [12:00 14/04/2008]
oleprn.dll --a---- 107008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olepro32.dll --a---- 84992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olesvr.dll --a---- 24064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olesvr32.dll --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
olethk32.dll --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
onex.dll --a---- 144384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
openfiles.exe --a---- 67584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
opengl32.dll --a---- 713728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
osk.exe --a---- 215552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
osuninst.dll --a---- 67584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
osuninst.exe --a---- 40448 bytes [12:00 14/04/2008] [12:00 14/04/2008]
p2p.dll --a---- 153600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
p2pgasvc.dll --a---- 105472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
p2pgraph.dll --a---- 313856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
p2pnetsh.dll --a---- 115712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
p2psvc.dll --a---- 554496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
packager.exe --a---- 60416 bytes [12:00 14/04/2008] [12:35 18/11/2011]
pagefileconfig.vbs --a---- 167219 bytes [12:00 14/04/2008] [12:00 14/04/2008]
panmap.dll --a---- 10240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
paqsp.dll --a---- 157696 bytes [20:36 17/08/2001] [19:42 09/06/2009]
pathping.exe --a---- 21504 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pautoenr.dll --a---- 67584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pcl.sep --a---- 114 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pdh.dll --a---- 284160 bytes [19:32 09/06/2009] [19:32 09/06/2009]
pentnt.exe --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfc009.dat --a---- 139666 bytes [12:00 14/04/2008] [15:00 30/06/2012]
perfci.h --a---- 427 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfci.ini --a---- 2891 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfctrs.dll --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfd009.dat --a---- 28626 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfdisk.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perffilt.h --a---- 140 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perffilt.ini --a---- 1152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfh009.dat --a---- 664602 bytes [12:00 14/04/2008] [15:00 30/06/2012]
perfi009.dat --a---- 272128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfmon.exe --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfmon.msc -r----- 58273 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfnet.dll --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfnw.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfos.dll --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfproc.dll --a---- 34816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
PerfStringBackup.INI --a---- 798850 bytes [10:45 12/09/2009] [15:00 30/06/2012]
perfts.dll --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfwci.h --a---- 435 bytes [12:00 14/04/2008] [12:00 14/04/2008]
perfwci.ini --a---- 2732 bytes [12:00 14/04/2008] [12:00 14/04/2008]
photometadatahandler.dll --a---- 412160 bytes [12:00 14/04/2008] [12:00 14/04/2008]
photowiz.dll --a---- 176128 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pid.dll --a---- 35328 bytes [03:42 14/04/2008] [19:43 09/06/2009]
pid.inf --a---- 974 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pid.PNF --a---- 4444 bytes [10:45 12/09/2009] [10:45 12/09/2009]
pidgen.dll --a---- 24064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pifmgr.dll --a---- 35328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ping.exe --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ping6.exe --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pintool.exe ------- 84480 bytes [18:19 28/10/2005] [18:19 28/10/2005]
pjlmon.dll --a---- 15360 bytes [03:42 14/04/2008] [19:43 09/06/2009]
plustab.dll --a---- 30720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pmspl.dll --a---- 46592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pncrt.dll --a---- 278528 bytes [08:58 25/08/2011] [18:00 15/02/2010]
pndx5016.dll --a---- 6656 bytes [08:58 25/08/2011] [18:00 15/02/2010]
pndx5032.dll --a---- 5632 bytes [08:58 25/08/2011] [18:00 15/02/2010]
pngfilt.dll --a---- 46592 bytes [12:00 14/04/2008] [23:01 07/03/2009]
PnkBstrA.exe --a---- 75136 bytes [15:01 21/11/2009] [06:09 09/01/2011]
PnkBstrB.ex0 --a---- 268952 bytes [15:02 21/11/2009] [16:51 12/02/2011]
PnkBstrB.exe --a---- 268952 bytes [15:02 21/11/2009] [18:05 12/02/2011]
PnkBstrB.xtr --a---- 268952 bytes [15:02 21/11/2009] [18:05 12/02/2011]
pnrpnsp.dll --a---- 58880 bytes [12:00 14/04/2008] [12:00 14/04/2008]
polstore.dll --a---- 105472 bytes [12:00 14/04/2008] [12:00 14/04/2008]
PortableDeviceApi.dll ------- 284160 bytes [16:17 18/10/2006] [16:17 18/10/2006]
PortableDeviceClassExtension.dll ------- 101888 bytes [16:17 18/10/2006] [16:17 18/10/2006]
PortableDeviceTypes.dll ------- 166912 bytes [16:17 18/10/2006] [16:17 18/10/2006]
PortableDeviceWiaCompat.dll ------- 132096 bytes [16:17 18/10/2006] [16:17 18/10/2006]
PortableDeviceWMDRM.dll ------- 199168 bytes [16:17 18/10/2006] [16:17 18/10/2006]
powercfg.cpl --a---- 114688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
powercfg.exe --a---- 49152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
powrprof.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
PresentationCFFRasterizerNative_v0300.dll --a---- 105016 bytes [14:29 29/07/2008] [14:29 29/07/2008]
PresentationHost.exe --a---- 295264 bytes [18:40 30/03/2010] [18:40 30/03/2010]
PresentationHostProxy.dll --a---- 99176 bytes [18:46 30/03/2010] [18:46 30/03/2010]
PresentationNative_v0300.dll --a---- 781344 bytes [14:29 29/07/2008] [14:29 29/07/2008]
prflbmsg.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
print.exe --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
printui.dll --a---- 560640 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prncnfg.vbs --a---- 35755 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prndrvr.vbs --a---- 25415 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prnjobs.vbs --a---- 21527 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prnmngr.vbs --a---- 32546 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prnport.vbs --a---- 29454 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prnqctl.vbs --a---- 15860 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prntvpt.dll ------- 117760 bytes [11:36 04/08/2010] [12:06 06/07/2008]
proctexe.ocx --a---- 81920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
prodspec.ini --a---- 343 bytes [12:00 14/04/2008] [12:00 14/04/2008]
profmap.dll --a---- 27648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
progman.exe --a---- 109568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
proquota.exe --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
proxycfg.exe --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
psapi.dll --a---- 23040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
psbase.dll --a---- 96768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pschdcnt.h --a---- 3010 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pschdprf.dll --a---- 10752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pschdprf.ini --a---- 6877 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pscript.sep --a---- 51 bytes [12:00 14/04/2008] [12:00 14/04/2008]
psnppagn.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pstorec.dll --a---- 43520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pstorsvc.dll --a---- 34304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
pubprn.vbs --a---- 3708 bytes [12:00 14/04/2008] [12:00 14/04/2008]
px.dll ------- 698864 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxafs.dll ------- 133616 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxcpya64.exe ------- 68080 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxcpyi64.exe ------- 123888 bytes [08:34 25/11/2009] [18:36 12/07/2010]
pxdrv.dll ------- 567792 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxhpinst.exe ------- 72176 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxinsa64.exe ------- 68592 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxinsi64.exe ------- 126448 bytes [08:34 25/11/2009] [18:36 12/07/2010]
pxmas.dll ------- 219632 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxsfs.dll ------- 2120176 bytes [07:38 12/09/2009] [18:36 12/07/2010]
pxwave.dll ------- 440816 bytes [07:38 12/09/2009] [18:36 12/07/2010]
qagent.dll --a---- 150528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qagentrt.dll --a---- 291328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qappsrv.exe --a---- 16896 bytes [08:51 12/09/2009] [12:00 14/04/2008]
qasf.dll --a---- 211456 bytes [12:00 14/04/2008] [16:17 18/10/2006]
qcap.dll --a---- 192512 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qcliprov.dll --a---- 62464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qdv.dll --a---- 279040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qdvd.dll --a---- 386048 bytes [12:00 14/04/2008] [15:27 03/11/2011]
qedit.dll --a---- 562176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qedwipes.dll --a---- 733696 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qmgr.dll --a---- 409088 bytes [08:53 12/09/2009] [12:00 14/04/2008]
qmgrprxy.dll --a---- 18944 bytes [08:53 12/09/2009] [12:00 14/04/2008]
qosname.dll --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qprocess.exe --a---- 19968 bytes [08:50 12/09/2009] [12:00 14/04/2008]
quartz.dll --a---- 1292288 bytes [19:33 09/06/2009] [15:27 03/11/2011]
query.dll --a---- 1435648 bytes [12:00 14/04/2008] [16:22 17/07/2009]
QuickTime.qts --a---- 69632 bytes [20:24 04/09/2009] [20:24 04/09/2009]
QuickTimeVR.qtx --a---- 94208 bytes [20:24 04/09/2009] [20:24 04/09/2009]
qutil.dll --a---- 76800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
qwinsta.exe --a---- 22016 bytes [08:51 12/09/2009] [12:00 14/04/2008]
racpldlg.dll --a---- 43520 bytes [08:52 12/09/2009] [12:00 14/04/2008]
rasadhlp.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasapi32.dll --a---- 237056 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasauto.dll --a---- 88576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasautou.exe --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
raschap.dll --a---- 79872 bytes [12:00 14/04/2008] [13:38 12/10/2009]
rasctrnm.h --a---- 1818 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasctrs.dll --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasctrs.ini --a---- 3458 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasdial.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasdlg.dll --a---- 658432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasman.dll --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasmans.dll --a---- 186368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasmontr.dll --a---- 143360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasmxs.dll --a---- 22528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasphone.exe --a---- 56832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasppp.dll --a---- 210944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasqec.dll --a---- 61952 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasrad.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rassapi.dll --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rasser.dll --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rastapi.dll --a---- 58368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rastls.dll --a---- 149504 bytes [12:00 14/04/2008] [13:38 12/10/2009]
rcbdyctl.dll --a---- 102400 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rcimlby.exe --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rcp.exe --a---- 21504 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rdchost.dll --a---- 147968 bytes [08:50 12/09/2009] [12:00 14/04/2008]
rdpcfgex.dll --a---- 4096 bytes [08:51 12/09/2009] [12:00 14/04/2008]
rdpclip.exe --a---- 62976 bytes [08:50 12/09/2009] [12:00 14/04/2008]
rdpdd.dll --a---- 92424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rdpsnd.dll --a---- 19968 bytes [08:50 12/09/2009] [12:00 14/04/2008]
rdpwsx.dll --a---- 87176 bytes [08:50 12/09/2009] [12:00 14/04/2008]
rdsaddin.exe --a---- 13824 bytes [08:50 12/09/2009] [12:00 14/04/2008]
rdshost.exe --a---- 67072 bytes [08:50 12/09/2009] [12:00 14/04/2008]
recover.exe --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
redir.exe --a---- 3338 bytes [12:00 14/04/2008] [12:00 14/04/2008]
reg.exe --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regapi.dll --a---- 49664 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regedt32.exe --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regini.exe --a---- 33792 bytes [08:51 12/09/2009] [12:00 14/04/2008]
regsvc.dll --a---- 59904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regsvr32.exe --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regwiz.exe --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
regwizc.dll --a---- 397824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
relog.exe --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
remotepg.dll --a---- 60416 bytes [08:50 12/09/2009] [12:00 14/04/2008]
remotesp.tsp --a---- 76800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rend.dll --a---- 107520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
replace.exe --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
reset.exe --a---- 9728 bytes [08:51 12/09/2009] [12:00 14/04/2008]
resutils.dll --a---- 58880 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rexec.exe --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rgb9rast_2.dll --a---- 150808 bytes [10:45 24/08/2006] [10:45 24/08/2006]
rhttpaa.dll --a---- 290304 bytes [08:50 12/09/2009] [12:00 14/04/2008]
riched20.dll --a---- 433664 bytes [12:00 14/04/2008] [12:00 14/04/2008]
riched32.dll --a---- 3584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
RICHTX32.OCX --a---- 203976 bytes [23:28 21/05/2000] [23:28 21/05/2000]
rmoc3260.dll --a---- 185920 bytes [08:58 25/08/2011] [18:00 15/02/2010]
rnr20.dll --a---- 3072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
route.exe --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
routemon.exe --a---- 25600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
routetab.dll --a---- 6656 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rpcns4.dll --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rpcrt4.dll --a---- 590848 bytes [19:34 09/06/2009] [08:43 16/08/2010]
rpcss.dll --a---- 401408 bytes [19:32 09/06/2009] [19:32 09/06/2009]
rsaci.rat --a---- 3167 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsaenh.dll --a---- 208384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsfsaps.dll --a---- 28672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsh.exe --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rshx32.dll --a---- 39936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsm.exe --a---- 49152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsmps.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsmsink.exe --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsmui.exe --a---- 49152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsnotify.exe --a---- 107520 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsop.msc -r----- 44451 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsopprov.exe --a---- 62976 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvp.exe --a---- 132608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvp.ini --a---- 12082 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvpcnts.h --a---- 3178 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvpmsg.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvpperf.dll --a---- 9728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rsvpsp.dll --a---- 92672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rtcshare.exe --a---- 77312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rtipxmib.dll --a---- 31744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
RtkCoInstXP.dll --a---- 54888 bytes [15:57 29/11/2011] [12:30 14/09/2010]
rtm.dll --a---- 98304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
RtNicProp32.dll --a---- 73728 bytes [06:48 03/03/2009] [06:48 03/03/2009]
RTSndMgr.CPL --a---- 891496 bytes [14:41 12/09/2009] [12:30 14/09/2010]
rtutils.dll --a---- 44032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
runas.exe --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rundll32.exe --a---- 33280 bytes [12:00 14/04/2008] [12:00 14/04/2008]
runonce.exe --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
rwinsta.exe --a---- 15872 bytes [08:51 12/09/2009] [12:00 14/04/2008]
safrcdlg.dll --a---- 43520 bytes [08:52 12/09/2009] [12:00 14/04/2008]
safrdm.dll --a---- 29696 bytes [08:52 12/09/2009] [12:00 14/04/2008]
safrslv.dll --a---- 45568 bytes [08:52 12/09/2009] [12:00 14/04/2008]
samlib.dll --a---- 64000 bytes [12:00 14/04/2008] [12:00 14/04/2008]
samsrv.dll --a---- 415744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sapi.cpl.manifest -rah--- 749 bytes [08:54 12/09/2009] [08:54 12/09/2009]
savedump.exe --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sbe.dll --a---- 270848 bytes [12:00 14/04/2008] [13:53 09/02/2011]
sbeio.dll --a---- 159232 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sc.exe --a---- 35328 bytes [19:32 09/06/2009] [19:32 09/06/2009]
scarddlg.dll --a---- 69632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scardssp.dll --a---- 118784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scardsvr.exe --a---- 95744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sccbase.dll --a---- 169984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sccsccp.dll --a---- 171008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scecli.dll --a---- 181248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scesrv.dll --a---- 314880 bytes [12:00 14/04/2008] [12:00 14/04/2008]
schannel.dll --a---- 153088 bytes [19:31 09/06/2009] [04:31 04/06/2012]
schedsvc.dll --a---- 192512 bytes [08:52 12/09/2009] [12:00 14/04/2008]
schtasks.exe --a---- 121856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sclgntfy.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
SCP32.DLL --a---- 39728 bytes [08:50 24/07/2006] [08:50 24/07/2006]
scredir.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scriptpw.dll --a---- 10240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scrnsave.scr --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
scrobj.dll --a---- 180224 bytes [19:31 09/06/2009] [19:31 09/06/2009]
scrrun.dll --a---- 172032 bytes [19:31 09/06/2009] [19:31 09/06/2009]
scvhost --a---- 106 bytes [08:28 27/05/2010] [08:29 27/05/2010]
sdbinst.exe --a---- 77312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sdhcinst.dll --a---- 29184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sdpblb.dll --a---- 130048 bytes [12:00 14/04/2008] [12:00 14/04/2008]
secedit.exe --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
seclogon.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
secpol.msc --a---- 36364 bytes [12:00 14/04/2008] [12:00 14/04/2008]
secupd.dat --a---- 4569 bytes [12:00 14/04/2008] [12:00 14/04/2008]
secupd.sig --a---- 7208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
secur32.dll --a---- 56832 bytes [19:32 09/06/2009] [08:41 25/06/2009]
security.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sendcmsg.dll --a---- 29184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sendmail.dll --a---- 54784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sens.dll --a---- 39424 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sensapi.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
senscfg.dll --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
serialui.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
servdeps.dll --a---- 56320 bytes [08:50 12/09/2009] [12:00 14/04/2008]
services.exe --a---- 110592 bytes [19:32 09/06/2009] [19:32 09/06/2009]
services.msc --a---- 33464 bytes [12:00 14/04/2008] [12:00 14/04/2008]
serwvdrv.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sessmgr.exe --a---- 141312 bytes [08:50 12/09/2009] [12:00 14/04/2008]
sethc.exe --a---- 31232 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setup.bmp --a---- 240120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setup.exe --a---- 23040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setupapi.dll --a---- 985088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setupdll.dll --a---- 414208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setupn.exe --a---- 32768 bytes [12:00 14/04/2008] [12:00 14/04/2008]
setver.exe --a---- 11753 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sfc.dll --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sfc.exe --a---- 9728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sfcfiles.dll --a---- 1614848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sfc_os.dll --a---- 140288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sfmapi.dll --a---- 23552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shadow.exe --a---- 14848 bytes [08:51 12/09/2009] [12:00 14/04/2008]
share.exe --a---- 882 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shdoclc.dll --a---- 549376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shdocvw.dll --a---- 1509888 bytes [19:33 09/06/2009] [15:31 18/07/2009]
shell.dll --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shell32.dll --a---- 8462848 bytes [19:31 09/06/2009] [14:26 08/06/2012]
shellextlib.tlb --a---- 216416 bytes [11:23 01/01/2003] [11:23 01/01/2003]
shellstyle.dll --a---- 435712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shfolder.dll --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shgina.dll --a---- 68096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shiftjis.uce --a---- 16740 bytes [08:51 12/09/2009] [12:00 14/04/2008]
shimeng.dll --a---- 65024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shimgvw.dll --a---- 439296 bytes [12:00 14/04/2008] [14:44 21/01/2011]
shlwapi.dll --a---- 474112 bytes [12:00 14/04/2008] [09:23 08/12/2009]
shmedia.dll --a---- 152064 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shmgrate.exe --a---- 45056 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shrpubw.exe --a---- 77824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shscrap.dll --a---- 27648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
shsvcs.dll --a---- 135168 bytes [12:00 14/04/2008] [23:17 27/07/2009]
shutdown.exe --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sigtab.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sigverif.exe --a---- 70144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
simpdata.tlb --a---- 16384 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sisbkup.dll --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
skdll.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
skeys.exe --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
slayerxp.dll --a---- 25088 bytes [12:00 14/04/2008] [12:00 14/04/2008]
slbcsp.dll --a---- 306176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
slbiop.dll --a---- 98304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
slbrccsp.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sl_anet.acm --a---- 86016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
smbinst.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
smlogcfg.dll --a---- 362496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
smlogsvc.exe --a---- 89600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
smss.exe --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sndrec32.exe --a---- 131584 bytes [08:50 12/09/2009] [12:00 14/04/2008]
sndvol32.exe --a---- 138752 bytes [08:51 12/09/2009] [12:00 14/04/2008]
snmpapi.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
snmpsnap.dll --a---- 182272 bytes [12:00 14/04/2008] [12:00 14/04/2008]
softpub.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sol.exe --a---- 56832 bytes [08:51 12/09/2009] [12:00 14/04/2008]
sort.exe --a---- 24576 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sortkey.nls --a---- 262148 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sorttbls.nls --a---- 23044 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sound.drv --a---- 1744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
speedfan.sys --a---- 5248 bytes [13:28 24/09/2006] [13:28 24/09/2006]
spider.exe --a---- 538624 bytes [08:50 12/09/2009] [12:00 14/04/2008]
spiisupd.exe --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
spmsg.dll ------- 17272 bytes [11:26 04/08/2010] [13:15 05/07/2010]
spmsgXP_2k3.dll ------- 14640 bytes [05:02 01/10/2011] [08:27 21/03/2008]
spnike.dll --a---- 69632 bytes [20:36 17/08/2001] [19:42 09/06/2009]
spnpinst.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
spoolss.dll --a---- 75264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
spoolsv.exe --a---- 58880 bytes [12:00 14/04/2008] [13:17 17/08/2010]
sprestrt.exe --a---- 9728 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sprio600.dll --a---- 70656 bytes [20:36 17/08/2001] [19:42 09/06/2009]
sprio800.dll --a---- 72192 bytes [20:36 17/08/2001] [19:42 09/06/2009]
spupdsvc.exe --a---- 26144 bytes [07:11 15/09/2009] [12:51 07/01/2009]
spxcoins.dll --a---- 24661 bytes [10:45 12/09/2009] [12:00 14/04/2008]
sqlsodbc.chm --a---- 46133 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sqlsrv32.dll --a---- 442368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sqlsrv32.rll --a---- 90112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sqlunirl.dll --a---- 180800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sqlwid.dll --a---- 24603 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sqlwoa.dll --a---- 49179 bytes [12:00 14/04/2008] [12:00 14/04/2008]
srclient.dll --a---- 67584 bytes [08:52 12/09/2009] [12:00 14/04/2008]
srrstr.dll --a---- 239104 bytes [08:52 12/09/2009] [12:00 14/04/2008]
srsvc.dll --a---- 171008 bytes [08:52 12/09/2009] [12:00 14/04/2008]
srvsvc.dll --a---- 99840 bytes [12:00 14/04/2008] [05:57 27/08/2010]
ss3dfo.scr --a---- 704512 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssbezier.scr --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssdpapi.dll --a---- 34816 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssdpsrv.dll --a---- 71680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssflwbox.scr --a---- 393216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssmarque.scr --a---- 20992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssmypics.scr --a---- 47104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssmyst.scr --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sspipes.scr --a---- 610304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ssstars.scr --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sstext3d.scr --a---- 679936 bytes [12:00 14/04/2008] [12:00 14/04/2008]
stclient.dll --a---- 59392 bytes [08:50 12/09/2009] [12:00 14/04/2008]
stdole2.tlb --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
stdole32.tlb --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sti.dll --a---- 68096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
stimon.exe --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sti_ci.dll --a---- 136704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
stobject.dll --a---- 121856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
storage.dll --a---- 4208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
storprop.dll --a---- 74752 bytes [10:45 12/09/2009] [03:42 14/04/2008]
streamci.dll --a---- 8192 bytes [20:36 17/08/2001] [19:42 09/06/2009]
strmdll.dll --a---- 247326 bytes [19:31 09/06/2009] [08:00 26/08/2009]
strmfilt.dll --a---- 75776 bytes [12:00 14/04/2008] [05:38 21/10/2009]
subrange.uce --a---- 93702 bytes [08:51 12/09/2009] [12:00 14/04/2008]
subst.exe --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
svchost.exe --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
svcpack.dll --a---- 6144 bytes [12:00 14/04/2008] [12:00 14/04/2008]
swprv.dll --a---- 138752 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sxs.dll --a---- 713216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
syncapp.exe --a---- 51200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
synceng.dll --a---- 57856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
syncui.dll --a---- 191488 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysdm.cpl --a---- 300544 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysedit.exe --a---- 18896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysinv.dll --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
syskey.exe --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysmon.ocx --a---- 218624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysocmgr.exe --a---- 106496 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysprint.sep --a---- 3214 bytes [12:00 14/04/2008] [12:00 14/04/2008]
sysprtj.sep --a---- 3577 bytes [12:00 14/04/2008] [12:00 14/04/2008]
syssetup.dll --a---- 990208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
system.drv --a---- 3360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
systeminfo.exe --a---- 71680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
systray.exe --a---- 3072 bytes [12:00 14/04/2008] [12:00 14/04/2008]
t2embed.dll --a---- 119808 bytes [12:00 14/04/2008] [08:02 27/08/2010]
tapi.dll --a---- 19200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tapi3.dll --a---- 858624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tapi32.dll --a---- 181760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tapiperf.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tapisrv.dll --a---- 249856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tapiui.dll --a---- 78848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
taskkill.exe --a---- 76288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tasklist.exe --a---- 77824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
taskman.exe --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
taskmgr.exe --a---- 135680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcmsetup.exe --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcpmib.dll --a---- 14848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcpmon.dll --a---- 45568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcpmon.ini --a---- 53478 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcpmonui.dll --a---- 45568 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tcpsvcs.exe --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tdc.ocx --a---- 66560 bytes [12:00 14/04/2008] [23:00 07/03/2009]
telephon.cpl --a---- 28160 bytes [12:00 14/04/2008] [12:00 14/04/2008]
telnet.exe --a---- 76288 bytes [12:00 14/04/2008] [12:31 12/06/2009]
temp.txt --a---- 26591 bytes [09:18 02/07/2012] [09:52 02/07/2012]
termcap --a---- 862 bytes [12:00 14/04/2008] [12:00 14/04/2008]
termmgr.dll --a---- 358400 bytes [12:00 14/04/2008] [12:00 14/04/2008]
termsrv.dll --a---- 295424 bytes [08:50 12/09/2009] [12:00 14/04/2008]
tftp.exe --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
themeui.dll --a---- 385536 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ticrf.rat ------- 1988 bytes [12:50 07/01/2009] [12:50 07/01/2009]
timedate.cpl --a---- 94208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
timer.drv --a---- 4048 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tlntadmn.exe --a---- 61440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tlntsess.exe --a---- 80896 bytes [12:00 14/04/2008] [12:31 12/06/2009]
tlntsvr.exe --a---- 73216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tlntsvrp.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
toolhelp.dll --a---- 13888 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tourstart.exe --a---- 347136 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tracerpt.exe --a---- 259584 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tracert.exe --a---- 12288 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tracert6.exe --a---- 31744 bytes [12:00 14/04/2008] [12:00 14/04/2008]
traffic.dll --a---- 31232 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tree.com --a---- 12800 bytes [12:00 14/04/2008] [12:00 14/04/2008]
trkwks.dll --a---- 90112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tsappcmp.dll --a---- 52224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tsbyuv.dll --a---- 8704 bytes [20:36 17/08/2001] [16:07 27/11/2009]
tsccvid.dll --a---- 102400 bytes [05:33 29/01/2011] [21:30 14/06/2005]
tscfgwmi.dll --a---- 93696 bytes [08:50 12/09/2009] [12:00 14/04/2008]
tscon.exe --a---- 14848 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tsd32.dll --a---- 15360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tsddd.dll --a---- 12168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tsdiscon.exe --a---- 14848 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tsgqec.dll --a---- 53248 bytes [08:50 12/09/2009] [12:00 14/04/2008]
tskill.exe --a---- 16384 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tslabels.h --a---- 3286 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tslabels.ini --a---- 13223 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tspkg.dll --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tsshutdn.exe --a---- 16896 bytes [08:51 12/09/2009] [12:00 14/04/2008]
tssoft32.acm --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
TsWpfWrp.exe --a---- 26112 bytes [15:40 29/07/2008] [15:40 29/07/2008]
twext.dll --a---- 57856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
TwnLib20.dll --a---- 106496 bytes [10:10 12/09/2009] [09:45 26/06/2000]
txflog.dll --a---- 101376 bytes [12:00 14/04/2008] [12:00 14/04/2008]
typelib.dll --a---- 177856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
typeperf.exe --a---- 36352 bytes [12:00 14/04/2008] [12:00 14/04/2008]
tzchange.exe --a---- 46080 bytes [12:00 14/04/2008] [13:46 08/11/2011]
TZLog.log --a---- 242648 bytes [08:56 12/09/2009] [13:44 14/12/2011]
udhisapi.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ufat.dll --a---- 82432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
uiautomationcore.dll --a---- 611328 bytes [14:29 29/07/2008] [06:11 26/09/2011]
ulib.dll --a---- 275456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
umandlg.dll --a---- 35840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
umdmxfrm.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
umpnpmgr.dll --a---- 123392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
unicode.nls --a---- 89588 bytes [12:00 14/04/2008] [12:00 14/04/2008]
unimdm.tsp --a---- 206848 bytes [12:00 14/04/2008] [12:00 14/04/2008]
unimdmat.dll --a---- 74240 bytes [12:00 14/04/2008] [12:00 14/04/2008]
uniplat.dll --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
unlodctr.exe --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
untfs.dll --a---- 316416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
upnp.dll --a---- 133632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
upnpcont.exe --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
upnphost.dll --a---- 185856 bytes [12:00 14/04/2008] [12:00 14/04/2008]
upnpui.dll --a---- 239616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ups.exe --a---- 18432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ureg.dll --a---- 17920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
url(3).dll --a---- 105984 bytes [12:00 14/04/2008] [11:01 01/03/2012]
url.dll --a---- 105984 bytes [12:00 14/04/2008] [14:42 11/05/2012]
urlmon(3).dll --a---- 1212416 bytes [19:33 09/06/2009] [11:01 01/03/2012]
urlmon.dll --a---- 1212416 bytes [19:33 09/06/2009] [14:42 11/05/2012]
usbmon.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
usbui.dll --a---- 74240 bytes [10:47 12/09/2009] [03:42 14/04/2008]
user.exe --a---- 47872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
user32.dll --a---- 578560 bytes [12:00 14/04/2008] [12:00 14/04/2008]
userenv.dll --a---- 727040 bytes [12:00 14/04/2008] [12:00 14/04/2008]
userinit.exe --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
usp10.dll --a---- 406016 bytes [12:00 14/04/2008] [15:36 16/04/2010]
usrcntra.dll --a---- 61500 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrcoina.dll --a---- 69699 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrdpa.dll --a---- 77890 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrdtea.dll --a---- 323641 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrfaxa.dll --a---- 86073 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrlbva.dll --a---- 53305 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrlogon.cmd --a---- 1161 bytes [08:51 12/09/2009] [12:00 14/04/2008]
usrmlnka.exe --a---- 77891 bytes [20:37 17/08/2001] [19:42 09/06/2009]
usrprbda.exe --a---- 61508 bytes [20:37 17/08/2001] [19:42 09/06/2009]
usrrtosa.dll --a---- 77883 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrsdpia.dll --a---- 49211 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrshuta.exe --a---- 69700 bytes [20:37 17/08/2001] [19:42 09/06/2009]
usrsvpia.dll --a---- 41019 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrv42a.dll --a---- 102457 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrv80a.dll --a---- 49209 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrvoica.dll --a---- 45116 bytes [20:36 17/08/2001] [19:42 09/06/2009]
usrvpa.dll --a---- 49211 bytes [20:36 17/08/2001] [19:42 09/06/2009]
utildll.dll --a---- 25600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
utilman.exe --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
uwdf.exe ------- 8704 bytes [16:28 18/10/2006] [16:28 18/10/2006]
uxtheme.dll --a---- 218624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
v7vga.rom --a---- 18832 bytes [12:00 14/04/2008] [12:00 14/04/2008]
VBAEN32.OLB --a---- 24848 bytes [11:44 24/03/1998] [11:44 24/03/1998]
VBAEND32.OLB --a---- 24848 bytes [11:44 24/03/1998] [11:44 24/03/1998]
vbajet32.dll --a---- 30749 bytes [12:00 14/04/2008] [12:00 14/04/2008]
VBAME.DLL --a---- 47920 bytes [08:50 24/07/2006] [08:50 24/07/2006]
vbicodec.ax --a---- 53248 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vbisurf.ax --a---- 30208 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vbscript.dll --a---- 420864 bytes [19:31 09/06/2009] [06:37 04/03/2011]
vbshell.tlb --a---- 64388 bytes [18:35 19/03/2000] [18:35 19/03/2000]
vcdex.dll --a---- 7680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vdmdbg.dll --a---- 26112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vdmredir.dll --a---- 51712 bytes [12:00 14/04/2008] [12:00 14/04/2008]
VEN2232.OLB --a---- 37376 bytes [12:50 03/12/1996] [12:50 03/12/1996]
ver.dll --a---- 9008 bytes [12:00 14/04/2008] [12:00 14/04/2008]
verclsid.exe --a---- 28672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
verifier.dll --a---- 26624 bytes [12:00 14/04/2008] [12:00 14/04/2008]
verifier.exe --a---- 98304 bytes [12:00 14/04/2008] [12:00 14/04/2008]
version.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vfpodbc.dll --a---- 20535 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vga.dll --a---- 9344 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vga.drv --a---- 2176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vga256.dll --a---- 51456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vga64k.dll --a---- 18176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
View Channels.scf --a---- 75 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vjoy.dll --a---- 4608 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vssadmin.exe --a---- 33792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vssapi.dll --a---- 430592 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vssvc.exe --a---- 289792 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vss_ps.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vwipxspx.dll --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vwipxspx.exe --a---- 1129 bytes [12:00 14/04/2008] [12:00 14/04/2008]
vxblock.dll ------- 100848 bytes [07:38 12/09/2009] [18:36 12/07/2010]
w32time.dll --a---- 175104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
w32tm.exe --a---- 49664 bytes [12:00 14/04/2008] [12:00 14/04/2008]
w32topl.dll --a---- 22016 bytes [12:00 14/04/2008] [12:00 14/04/2008]
w3ssl.dll --a---- 15872 bytes [12:00 14/04/2008] [12:00 14/04/2008]
watchdog.sys --a---- 17664 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wavemsp.dll --a---- 215552 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.deu --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.enu --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.esn --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.fra --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.ita --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.nld --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbcache.sve --a---- 65489 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.deu --a---- 1309184 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.enu --a---- 957440 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.esn --a---- 750080 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.fra --a---- 786944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.ita --a---- 867840 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.nld --a---- 1095680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wbdbase.sve --a---- 937984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wdfapi.dll ------- 4096 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wdfmgr.exe ------- 8704 bytes [16:28 18/10/2006] [16:28 18/10/2006]
wdigest.dll --a---- 54272 bytes [12:00 14/04/2008] [08:41 25/06/2009]
wdl.trm --a---- 4096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wdmaud.drv --a---- 23552 bytes [03:42 14/04/2008] [22:12 13/04/2008]
webcheck.dll --a---- 236544 bytes [12:00 14/04/2008] [23:04 07/03/2009]
webclnt.dll --a---- 68096 bytes [12:00 14/04/2008] [12:00 14/04/2008]
webfldrs.msi --a---- 1326080 bytes [12:00 14/04/2008] [12:00 14/04/2008]
webhits.dll --a---- 40448 bytes [12:00 14/04/2008] [12:00 14/04/2008]
webvw.dll --a---- 135680 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wextract.exe --a---- 65024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wfwnet.drv --a---- 13600 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wgalogon.dll --a---- 190464 bytes [20:18 10/03/2009] [20:18 10/03/2009]
wgatray.exe --a---- 323072 bytes [20:18 10/03/2009] [20:18 10/03/2009]
wiaacmgr.exe --a---- 433664 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiadefui.dll --a---- 463360 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiadss.dll --a---- 124416 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiascr.dll --a---- 75776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiaservc.dll --a---- 333824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiasf.ax --a---- 40448 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiashext.dll --a---- 589312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiavideo.dll --a---- 111104 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wiavusd.dll --a---- 145408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wifeman.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
win.com --a---- 18432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
win32k.sys --a---- 1875072 bytes [19:33 09/06/2009] [13:29 13/06/2012]
win32spl.dll --a---- 102400 bytes [12:00 14/04/2008] [12:00 14/04/2008]
win87em.dll --a---- 13312 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winbrand.dll --a---- 1647616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winchat.exe --a---- 35328 bytes [08:51 12/09/2009] [12:00 14/04/2008]
windowscodecs.dll --a---- 712704 bytes [12:00 14/04/2008] [12:00 14/04/2008]
windowscodecsext.dll --a---- 346112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WindowsLogon.manifest -rah--- 488 bytes [08:54 12/09/2009] [08:54 12/09/2009]
winfax.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WinFXDocObj.exe ------- 208384 bytes [23:04 07/03/2009] [23:04 07/03/2009]
winhelp.hlp --a---- 32674 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winhlp32.exe --a---- 8192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winhttp.dll --a---- 354816 bytes [19:32 09/06/2009] [14:20 16/11/2011]
wininet(3).dll --a---- 916992 bytes [19:33 09/06/2009] [11:01 01/03/2012]
wininet.dll --a---- 916992 bytes [19:33 09/06/2009] [15:08 16/05/2012]
winipsec.dll --a---- 32256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winlogon.exe --a---- 507904 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winmine.exe --a---- 119808 bytes [08:51 12/09/2009] [12:00 14/04/2008]
winmm.dll --a---- 176128 bytes [12:00 14/04/2008] [14:47 14/10/2011]
winmsd.exe --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winnls.dll --a---- 5120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winntbbu.dll --a---- 756224 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winoldap.mod --a---- 2080 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winrnr.dll --a---- 16896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winscard.dll --a---- 99328 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winshfhc.dll --a---- 17408 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winsock.dll --a---- 2864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winspool.drv --a---- 146432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winspool.exe --a---- 2112 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winsrv.dll --a---- 293376 bytes [12:00 14/04/2008] [21:57 25/11/2011]
winsta.dll --a---- 53760 bytes [12:00 14/04/2008] [12:00 14/04/2008]
winstrm.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wintrust.dll --a---- 177664 bytes [12:00 14/04/2008] [14:10 29/02/2012]
winver.exe --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WISPTIS.EXE --a---- 293376 bytes [11:45 26/10/2006] [11:45 26/10/2006]
wkssvc.dll --a---- 132096 bytes [12:00 14/04/2008] [06:14 10/06/2009]
wlanapi.dll --a---- 69120 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wldap32.dll --a---- 172032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wlnotify.dll --a---- 92672 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WMADMOD.dll --a---- 757248 bytes [12:00 14/04/2008] [16:17 18/10/2006]
WMADMOE.dll --a---- 1117696 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmasf.dll --a---- 222720 bytes [12:00 14/04/2008] [12:10 27/10/2007]
wmdmlog.dll --a---- 33792 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmdmps.dll --a---- 37376 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmdrmdev.dll ------- 429056 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmdrmnet.dll ------- 348672 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmdrmsdk.dll ------- 535040 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmerrenu.dll --a---- 51200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmerror.dll --a---- 227328 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmi.dll --a---- 5632 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmidx.dll --a---- 157184 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmimgmt.msc --a---- 63488 bytes [08:51 12/09/2009] [12:00 14/04/2008]
wmiprop.dll --a---- 18944 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmiscmgr.dll --a---- 55808 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WMNetmgr.dll --a---- 938496 bytes [19:31 09/06/2009] [23:33 17/06/2008]
wmp.dll --a---- 10841088 bytes [12:00 14/04/2008] [18:06 25/08/2010]
wmp.ocx --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmpasf.dll --a---- 242688 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmpcd.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmpcore.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmpdxm.dll --a---- 286208 bytes [12:00 14/04/2008] [18:13 13/07/2009]
wmpeffects.dll ------- 295936 bytes [16:17 18/10/2006] [12:42 24/06/2008]
wmpencen.dll ------- 1661440 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmphoto.dll --a---- 276992 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmploc.dll --a---- 8231936 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmpmde.dll ------- 613376 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmpns.dll --a---- 221184 bytes [15:21 22/04/2010] [12:00 14/04/2008]
wmpps.dll ------- 130048 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmpshell.dll --a---- 99840 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmpsrcwp.dll ------- 204288 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmpui.dll --a---- 20480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmsdmod.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmsdmoe.dll --a---- 115200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmsdmoe2.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmspdmod.dll --a---- 604160 bytes [12:00 14/04/2008] [17:32 01/04/2009]
WMSPDMOE.dll --a---- 1329152 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmstream.dll --a---- 303616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wmv8ds32.ax --a---- 278559 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WMVADVD.dll ------- 4096 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WMVADVE.DLL ------- 4096 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WMVCore.dll --a---- 2462720 bytes [19:31 09/06/2009] [23:22 05/04/2010]
WMVDECOD.dll ------- 1543680 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wmvdmod.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmvdmoe2.dll --a---- 4096 bytes [12:00 14/04/2008] [16:17 18/10/2006]
wmvds32.ax --a---- 258048 bytes [12:00 14/04/2008] [12:00 14/04/2008]
WMVENCOD.dll ------- 1574912 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WMVSDECD.dll ------- 1382912 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WMVSENCD.dll ------- 767488 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WMVXENCD.dll ------- 656896 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wow32.dll --a---- 264192 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wowdeb.exe --a---- 2736 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wowexec.exe --a---- 10368 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wowfax.dll --a---- 3200 bytes [20:36 17/08/2001] [19:42 09/06/2009]
wowfaxui.dll --a---- 13824 bytes [20:36 17/08/2001] [19:42 09/06/2009]
wpa.dbl --a---- 2206 bytes [12:00 14/04/2008] [05:48 19/07/2012]
wpabaln.exe --a---- 32256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wpdconns.dll ------- 35840 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpdmtp.dll ------- 154624 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpdmtpus.dll ------- 63488 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WpdShext.dll ------- 2603008 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpdshextautoplay.exe ------- 17408 bytes [14:30 18/10/2006] [14:30 18/10/2006]
wpdshextres.dll ------- 38400 bytes [16:17 18/10/2006] [16:17 18/10/2006]
WPDShServiceObj.dll ------- 133632 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpdsp.dll ------- 356352 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpd_ci.dll ------- 629760 bytes [16:17 18/10/2006] [16:17 18/10/2006]
wpnpinst.exe --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
write.exe --a---- 5632 bytes [08:51 12/09/2009] [12:00 14/04/2008]
ws2help.dll --a---- 19968 bytes [12:00 14/04/2008] [12:00 14/04/2008]
ws2_32.dll --a---- 82432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wscntfy.exe --a---- 13824 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wscript.exe --a---- 155648 bytes [19:31 09/06/2009] [19:31 09/06/2009]
wscsvc.dll --a---- 80896 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wscui.cpl --a---- 148480 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wsecedit.dll --a---- 604160 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshatm.dll --a---- 9216 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshbth.dll --a---- 108032 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshcon.dll --a---- 36864 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshext.dll --a---- 90112 bytes [19:31 09/06/2009] [19:31 09/06/2009]
wship6.dll --a---- 14336 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshisn.dll --a---- 11776 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshnetbs.dll --a---- 7168 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshom.ocx --a---- 135168 bytes [19:31 09/06/2009] [19:31 09/06/2009]
WshRm.dll --a---- 11264 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wshtcpip.dll --a---- 19456 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wsnmp32.dll --a---- 41984 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wsock32.dll --a---- 22528 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wstdecod.dll --a---- 50688 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wstpager.ax --a---- 164352 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wstrenderer.ax --a---- 239616 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wtsapi32.dll --a---- 18432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wuapi.dll --a---- 577048 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wuapi.dll.mui --a---- 15384 bytes [08:30 17/11/2009] [09:49 02/06/2012]
wuauclt.exe --a---- 53784 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wuauclt1.exe --a---- 165888 bytes [08:53 12/09/2009] [12:00 14/04/2008]
wuaucpl.cpl --a---- 219160 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wuaucpl.cpl.manifest -rah--- 749 bytes [08:54 12/09/2009] [08:54 12/09/2009]
wuaucpl.cpl.mui --a---- 15384 bytes [12:00 14/04/2008] [09:49 02/06/2012]
wuaueng.dll --a---- 1933848 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wuaueng.dll.mui --a---- 17944 bytes [12:00 14/04/2008] [09:49 02/06/2012]
wuaueng1.dll --a---- 183296 bytes [08:53 12/09/2009] [12:00 14/04/2008]
wuauserv.dll --a---- 6656 bytes [08:53 12/09/2009] [12:00 14/04/2008]
wucltui.dll --a---- 329240 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wucltui.dll.mui --a---- 22040 bytes [12:00 14/04/2008] [09:49 02/06/2012]
WUDFCoinstaller.dll ------- 95344 bytes [14:43 28/09/2006] [14:43 28/09/2006]
WudfHost.exe ------- 146432 bytes [13:26 28/09/2006] [13:26 28/09/2006]
WudfPlatform.dll ------- 165376 bytes [13:26 28/09/2006] [13:26 28/09/2006]
WudfSvc.dll ------- 55808 bytes [13:26 28/09/2006] [13:26 28/09/2006]
WUDFx.dll ------- 316416 bytes [13:26 28/09/2006] [13:26 28/09/2006]
wupdmgr.exe --a---- 32256 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wups.dll --a---- 35864 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wups2.dll --a---- 45080 bytes [20:20 09/11/2008] [09:49 02/06/2012]
wuweb.dll --a---- 210968 bytes [08:53 12/09/2009] [09:49 02/06/2012]
wzcdlg.dll --a---- 383488 bytes [12:00 14/04/2008] [12:00 14/04/2008]
wzcsapi.dll --a---- 52736 bytes [03:42 14/04/2008] [19:43 09/06/2009]
wzcsvc.dll --a---- 483840 bytes [03:42 14/04/2008] [19:43 09/06/2009]
xactsrv.dll --a---- 91648 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xcopy.exe --a---- 30720 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xenroll.dll --a---- 174200 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xmllite.dll --a---- 121856 bytes [12:00 14/04/2008] [12:51 07/01/2009]
xmlprov.dll --a---- 129024 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xmlprovi.dll --a---- 50176 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xolehlp.dll --a---- 11776 bytes [08:50 12/09/2009] [12:00 14/04/2008]
xpob2res.dll --a---- 438784 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xpsp1res.dll --a---- 187392 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xpsp2res.dll --a---- 2897920 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xpsp3res.dll --a---- 689152 bytes [12:00 14/04/2008] [12:00 14/04/2008]
xpsp4res.dll --a---- 5120 bytes [19:32 09/06/2009] [12:32 17/02/2011]
xpsshhdr.dll ------- 575488 bytes [11:36 04/08/2010] [12:06 06/07/2008]
xpssvcs.dll ------- 1676288 bytes [11:36 04/08/2010] [12:06 06/07/2008]
xvid.ax --a---- 153088 bytes [14:09 14/05/2012] [09:52 23/05/2011]
xvidcore.dll --a---- 645632 bytes [14:09 14/05/2012] [07:46 23/05/2011]
xvidvfw.dll --a---- 240640 bytes [14:09 14/05/2012] [13:42 30/05/2011]
zipfldr.dll --a---- 338432 bytes [12:00 14/04/2008] [12:00 14/04/2008]
󘉚 --a---- 36 bytes [07:59 06/11/2010] [07:59 06/11/2010]

---Folders---
1025 d------ [10:37 12/09/2009]
1028 d------ [10:37 12/09/2009]
1031 d------ [10:37 12/09/2009]
1033 d------ [10:37 12/09/2009]
1037 d------ [10:37 12/09/2009]
1041 d------ [10:37 12/09/2009]
1042 d------ [10:37 12/09/2009]
1054 d------ [10:37 12/09/2009]
2052 d------ [10:37 12/09/2009]
3076 d------ [10:37 12/09/2009]
3com_dmi d------ [10:37 12/09/2009]
Adobe d------ [10:03 12/09/2009]
appmgmt d------ [15:24 28/03/2010]
ar-SA d------ [07:11 15/09/2009]
CatRoot d------ [10:44 12/09/2009]
CatRoot2 d------ [10:44 12/09/2009]
Com d------ [08:50 12/09/2009]
config d------ [10:37 12/09/2009]
da-DK d------ [07:11 15/09/2009]
de-DE d------ [07:11 15/09/2009]
dhcp d------ [10:37 12/09/2009]
DirectX d------ [08:53 12/09/2009]
dllcache dr-hsc- [10:37 12/09/2009]
drivers d------ [10:37 12/09/2009]
DRVSTORE d----c- [05:01 01/10/2011]
dumps d------ [06:00 26/11/2010]
el-GR d------ [07:11 15/09/2009]
en d------ [10:37 12/09/2009]
en-US d------ [08:50 12/09/2009]
es-ES d------ [07:11 15/09/2009]
export d------ [10:37 12/09/2009]
fi-FI d------ [07:11 15/09/2009]
fr-FR d------ [07:11 15/09/2009]
GroupPolicy d------ [11:28 04/08/2010]
he-IL d------ [07:11 15/09/2009]
ias d------ [10:37 12/09/2009]
icsxml d------ [10:37 12/09/2009]
IME d------ [10:37 12/09/2009]
inetsrv d------ [10:37 12/09/2009]
it-IT d------ [07:11 15/09/2009]
ko-KR d------ [07:11 15/09/2009]
Lang d------ [10:03 12/09/2009]
LogFiles d------ [15:02 21/11/2009]
Macromed d------ [10:37 12/09/2009]
Microsoft d---s-- [09:00 12/09/2009]
MsDtc d------ [08:50 12/09/2009]
mui d------ [10:37 12/09/2009]
nb-NO d------ [07:11 15/09/2009]
nl-NL d------ [07:11 15/09/2009]
npp d------ [10:37 12/09/2009]
oobe d------ [10:37 12/09/2009]
PreInstall d------ [10:37 12/09/2009]
pt-BR d------ [07:11 15/09/2009]
ras d------ [10:37 12/09/2009]
ReinstallBackups d------ [09:54 12/09/2009]
Restore d------ [08:52 12/09/2009]
RTCOM d------ [10:00 12/09/2009]
scripting d------ [10:37 12/09/2009]
Setup d------ [10:37 12/09/2009]
ShellExt d------ [10:37 12/09/2009]
SoftwareDistribution d------ [08:30 17/11/2009]
spool d------ [10:37 12/09/2009]
sv-SE d------ [07:11 15/09/2009]
tr-TR d------ [07:11 15/09/2009]
URTTemp d------ [11:20 04/08/2010]
usmt d------ [10:37 12/09/2009]
wbem d------ [10:37 12/09/2009]
wins d------ [10:37 12/09/2009]
xircom d------ [08:56 12/09/2009]
XPSViewer d------ [11:37 04/08/2010]
zh-HK d------ [07:11 15/09/2009]
zh-TW d------ [07:11 15/09/2009]

-= EOF =-
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
23-Jul-2012, 02:58 PM #18
Encountered booting problems a couple of times again.
It was asking me to enter CD, as if OS couldn't be read from harddisk or something but after several restarts, it started working again..
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
23-Jul-2012, 04:50 PM #19
Sorry, was looking at an entry in the logs you posted.

Can you do this:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Quote:
    :OTL
    [2010/11/06 13:29:31 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\�ɚ
    [2010/11/06 13:29:31 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\�ɚ
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyjava]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Click OK.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy/Paste the report in your next reply.


-----------------------

As for the message you're getting on bootup, Can you post the full message it states?
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
24-Jul-2012, 03:19 AM #20
No worries, I just thought of giving an update on the situation because things seemed ok for a few days but not quite I guess.....

I have read that there's a virus that mocks the name of svchost & I am seeing this in the previous SystemLook log >>> scvhost --a---- 106 bytes [08:28 27/05/2010] [08:29 27/05/2010]
Is this thing safe?

Ok, so I ran OTL after shutting down all security apps, it asked for a reboot, after reboot (without any problems), OTL file popped up, I clicked Run & log popped up but it had been sandboxed by Avast & before I could think, it vanished & then all I could see is the wallpaper, no icons, no taskbar, nothing, I waited for a while but nothing happened so I hit restart, booted without any problem, found the log in C:\_OTL\MovedFiles



All processes killed
========== OTL ==========
File C:\WINDOWS\System32\�ɚ not found.
File C:\WINDOWS\System32\�ɚ not found.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File ptyjava] not found.
File PTYFLASH] not found.
File EATERESTOREPOINT] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.53.1 log created on 07242012_131304
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
25-Jul-2012, 03:55 PM #21
Flaming typical, replied and the browser crashed

Okay, it looks like the fix wasn't added fully, as parts of it are missing. However, lets tripl-check

Also, we'll look at the svchost

------
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    Code:
    /md5start
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Then click the Run Scan button at the top
  • When the scan completes, it will open only one notepad window, OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
26-Jul-2012, 12:46 AM #22
No worries Ok, so when I double-clicked on OTL to run it, the following log popped up; it's the last one with a couple of additional lines, significance of which I don't know, so I am posting it anyway.

All processes killed
========== OTL ==========
File C:\WINDOWS\System32\�ɚ not found.
File C:\WINDOWS\System32\�ɚ not found.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File ptyjava] not found.
File PTYFLASH] not found.
File EATERESTOREPOINT] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.53.1 log created on 07242012_131304

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






I ran OTL again & this is the log that popped up after it was done.



OTL logfile created on: 7/26/2012 10:39:51 AM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\sachin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 584.25 Mb Available Physical Memory | 60.96% Memory free
1.51 Gb Paging File | 1.22 Gb Available in Paging File | 80.95% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 5.30 Gb Free Space | 27.14% Space Free | Partition Type: NTFS
Drive D: | 25.72 Gb Total Space | 14.18 Gb Free Space | 55.14% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 19.66 Gb Free Space | 67.11% Space Free | Partition Type: NTFS

Computer Name: CHANGEME | User Name: sachin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/06 15:32:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
PRC - [2012/07/04 21:06:48 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/17 13:21:58 | 000,466,704 | ---- | M] (SANDBOXIE L.T.D) -- D:\Soft\Sandboxie\New Folder\SbieCtrl.exe
PRC - [2012/06/17 13:21:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) -- D:\Soft\Sandboxie\New Folder\SbieSvc.exe
PRC - [2011/08/12 05:08:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Soft\SuperAntiSpyware Free\New Folder\SASCore.exe
PRC - [2011/06/30 09:37:28 | 001,793,712 | ---- | M] (COMODO) -- D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/26 03:16:58 | 001,789,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12072502\algo.dll
MOD - [2012/07/25 11:31:37 | 001,787,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12072500\algo.dll
MOD - [2010/06/13 14:51:46 | 000,126,976 | ---- | M] () -- C:\WINDOWS\lcmmfu.cpl
MOD - [2010/06/13 14:51:37 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
MOD - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
MOD - [2009/08/16 20:36:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- D:\Soft\SpywareGuard\New Folder\SpywareGuard\spywareguard.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/13 23:39:27 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 21:06:48 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/17 13:21:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- D:\Soft\Sandboxie\New Folder\SbieSvc.exe -- (SbieSvc)
SRV - [2012/06/15 03:50:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/08/12 05:08:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\SASCore.exe -- (!SASCORE)
SRV - [2011/06/30 09:37:28 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/06/17 13:21:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- D:\Soft\Sandboxie\New Folder\SbieDrv.sys -- (SbieDrv)
DRV - [2012/03/27 03:15:14 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011/09/14 19:28:10 | 000,225,592 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2011/07/22 21:57:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/13 03:25:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/30 09:38:16 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2011/06/30 09:38:14 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/06/30 09:38:14 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/09/14 18:00:32 | 006,143,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 01:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2005/08/31 11:12:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes,DefaultScope = {741D0FA0-C629-4D31-94DB-70D17669409A}
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{741D0FA0-C629-4D31-94DB-70D17669409A}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{89EE36E5-5532-4949-ACD7-E042B38ED4D1}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Soft\DivX 7\New Folder\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Soft\RealAlternative 2.2\New Folder\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Soft\RealAlternative 2.2\New Folder\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: D:\Soft\VLC\New Folder\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/06 09:37:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Soft\Firefox\New Folder\components [2012/07/04 20:29:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Soft\Firefox\New Folder\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@interne tdownloadmanager.com: C:\Documents and Settings\sachin\Application Data\IDM\idmmzcc3

[2012/07/04 20:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sachin\Application Data\Mozilla\Extensions
[2012/07/05 20:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sachin\Application Data\Mozilla\Firefox\Profiles\qoz4grox.default\extensions

O1 HOSTS File: ([2012/07/10 00:49:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - D:\Soft\KeyScrambler\New Folder\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Soft\SpywareGuard\New Folder\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003..\Run: [SandboxieControl] D:\Soft\Sandboxie\New Folder\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\sachin\Start Menu\Programs\Startup\SpywareGuard.lnk = D:\Soft\SpywareGuard\New Folder\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with Mipony - D:\Soft\MP\New Folder\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Soft\Paltalk\New Folder\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - D:\Soft\KeyScrambler\New Folder\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/micr...?1265444050937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1265444034125 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8B5D383-FAC6-4F31-A6EB-D5D28E835222}: NameServer = 156.154.70.22,156.154.71.22
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Soft\SuperAntiSpyware Free\New Folder\SASWINLO.DLL) - D:\Soft\SuperAntiSpyware Free\New Folder\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\sachin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\sachin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Soft\SuperAntiSpyware Free\New Folder\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - D:\Soft\SpywareGuard\New Folder\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/10 20:26:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/26 00:10:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\sachin\Recent
[2012/07/14 13:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/14 13:30:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/14 12:37:11 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/07/14 12:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2012/07/13 21:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/07/10 00:45:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/06 15:31:54 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
[2012/07/06 09:43:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/05 02:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/05 02:20:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/05 02:14:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/05 02:14:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/05 02:14:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/05 02:14:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/05 02:14:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/05 02:14:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/05 01:25:10 | 004,571,247 | R--- | C] (Swearware) -- C:\Documents and Settings\sachin\Desktop\username123.exe
[2012/07/04 23:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Local Settings\Application Data\Sun
[2012/07/04 23:46:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012/07/04 21:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/04 21:07:44 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/04 21:07:43 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/07/04 21:07:43 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/04 21:07:11 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/04 21:07:11 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/04 20:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\Mozilla
[2012/07/04 20:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/07/04 20:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/04 15:00:38 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sachin\Desktop\tdsskiller.exe
[2012/07/04 11:59:10 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\sachin\Desktop\aswMBR.exe
[2012/07/02 23:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/07/02 23:09:23 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/02 23:09:23 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/02 23:09:20 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/02 23:09:19 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/02 23:09:18 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/02 23:09:18 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/02 23:09:18 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/02 23:09:17 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/02 23:07:32 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/02 23:07:30 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/07/02 23:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/02 23:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/07/02 17:19:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Local Settings\Application Data\panda2_0dn
[2012/07/02 17:08:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\sachin\Desktop\HijackThis.exe
[2012/07/02 16:52:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\sachin\Desktop\dds.scr
[2012/07/02 16:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2012/07/02 16:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Start Menu\Programs\Sophos
[2012/07/02 14:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\Panda Security
[2012/07/02 14:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2012/07/02 14:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2012/07/02 13:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/07/02 11:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\SUPERAntiSpyware.com
[2012/07/02 11:23:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/07/02 11:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2012/06/30 19:53:19 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/06/30 18:25:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/06/30 13:49:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\Paltalk Messenger
[2012/06/30 13:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Start Menu\Programs\Paltalk Messenger

========== Files - Modified Within 30 Days ==========

[2012/07/26 10:36:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/26 10:25:21 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/26 10:25:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/26 10:22:43 | 000,000,833 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012/07/26 10:21:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/26 10:21:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 00:05:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/25 14:12:27 | 000,014,631 | ---- | M] () -- C:\Documents and Settings\sachin\My Documents\TheGreedyPig ADR v6.mq4
[2012/07/25 10:49:12 | 000,001,390 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012/07/23 21:00:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/16 11:17:04 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/16 11:17:03 | 000,138,752 | ---- | M] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/14 13:30:47 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 12:31:29 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\sachin\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/07/14 11:58:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera 12.00 1467.lnk
[2012/07/13 23:39:19 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/07/13 23:39:19 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/11 12:48:53 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\SystemLook.exe
[2012/07/11 12:38:08 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/10 00:49:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/07/06 15:32:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
[2012/07/06 09:37:08 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/05 02:20:11 | 000,000,331 | RHS- | M] () -- C:\boot.ini
[2012/07/05 01:42:25 | 000,002,405 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\Sophos Virus Removal Tool.lnk
[2012/07/05 01:26:20 | 004,571,247 | R--- | M] (Swearware) -- C:\Documents and Settings\sachin\Desktop\username123.exe
[2012/07/04 23:47:30 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\Shortcut to rkill.pif
[2012/07/04 21:06:45 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/04 21:06:45 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/04 21:06:45 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/04 21:06:45 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/04 21:06:43 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/07/04 21:06:43 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/07/04 20:29:41 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/04 15:13:36 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\MBR.dat
[2012/07/04 15:03:31 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sachin\Desktop\tdsskiller.exe
[2012/07/04 12:01:31 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\sachin\Desktop\aswMBR.exe
[2012/07/04 11:53:51 | 000,881,475 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\SecurityCheck.exe
[2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 21:51:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 21:51:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 21:51:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/02 23:09:24 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/07/02 17:09:33 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\7oqmz2h1.exe
[2012/07/02 17:09:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\sachin\Desktop\HijackThis.exe
[2012/07/02 16:53:53 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\sachin\Desktop\dds.scr
[2012/07/02 16:28:47 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/07/02 13:05:26 | 000,001,214 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2012/07/02 11:23:12 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/30 20:30:57 | 000,664,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/30 20:30:57 | 000,139,666 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/29 12:54:04 | 000,003,924 | ---- | M] () -- C:\Documents and Settings\sachin\My Documents\IND_Monitoring-Spread.ex4
[2012/06/29 12:41:46 | 000,002,777 | ---- | M] () -- C:\Documents and Settings\sachin\My Documents\IND_Monitoring-Spread.mq4

========== Files Created - No Company Name ==========

[2012/07/25 14:22:00 | 000,012,151 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\Average Daily Range.mq4
[2012/07/25 14:12:27 | 000,014,631 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\TheGreedyPig ADR v6.mq4
[2012/07/14 13:30:47 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 12:32:10 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\sachin\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/07/14 12:32:08 | 000,001,390 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012/07/14 11:58:38 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera 12.00 1467.lnk
[2012/07/14 11:58:38 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera 12.00 1467.lnk
[2012/07/11 12:48:49 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\SystemLook.exe
[2012/07/10 01:03:17 | 000,000,833 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2012/07/08 12:54:15 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/05 02:20:11 | 000,000,215 | ---- | C] () -- C:\Boot.bak
[2012/07/05 02:20:08 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/05 02:14:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/05 02:14:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/05 02:14:37 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/05 02:14:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/05 02:14:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/04 23:47:30 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\Shortcut to rkill.pif
[2012/07/04 20:29:41 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/04 20:29:41 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/04 15:13:36 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\MBR.dat
[2012/07/04 11:51:41 | 000,881,475 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\SecurityCheck.exe
[2012/07/03 00:45:40 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/02 23:09:24 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/07/02 17:09:26 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\7oqmz2h1.exe
[2012/07/02 16:42:09 | 000,002,405 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\Sophos Virus Removal Tool.lnk
[2012/07/02 16:28:46 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/07/02 11:23:12 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/29 12:49:27 | 000,003,924 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\IND_Monitoring-Spread.ex4
[2012/06/29 12:41:46 | 000,002,777 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\IND_Monitoring-Spread.mq4
[2012/05/14 19:39:39 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/05/14 19:39:38 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/02/16 23:29:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/02 09:40:30 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\WebpageIcons.db
[2011/10/01 18:18:13 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/09/29 22:28:29 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011/09/25 09:27:03 | 000,001,214 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/04/12 18:02:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/12 13:13:05 | 000,138,752 | ---- | C] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Custom Scans ==========

< MD5 for: SVCHOST.EXE >
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

========== Files - Unicode (All) ==========
[2010/11/06 13:29:31 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\󘉚
[2010/11/06 13:29:31 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\󘉚

========== Alternate Data Streams ==========

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
26-Jul-2012, 03:41 PM #23
Hmm, still there

Okay, lets see if we can do it this way:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right



Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan


Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information



On completion click the link to locate the zip file to upload and attach to your next post

ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
27-Jul-2012, 04:33 AM #24
Nothing was found, so there was no report under Detected Threats.

The zip file has been attached.
And following is the report found under Manual Disinfection Report. (Not sure if it's the same one that is in the zip so posting it anyway)



Gathering system information: completed 9 minutes ago (events: 325, time: 00:03:28)
7/27/2012 2:26:40 PM Task completed Gathering system information
7/27/2012 2:26:40 PM Main script of analysis
7/27/2012 2:26:40 PM Deleting service/driver: ujm3mtq3
7/27/2012 2:26:40 PM Delete file:C:\WINDOWS\system32\Drivers\utm3mtq3.sys
7/27/2012 2:26:40 PM [microprogram of healing]> registry key deleted HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\utm3mtq3
7/27/2012 2:26:40 PM Deleting service/driver: utm3mtq3
7/27/2012 2:26:40 PM System Analysis - complete
7/27/2012 2:24:42 PM System Analysis in progress
7/27/2012 2:24:40 PM >> Windows Explorer - show extensions of known file types
7/27/2012 2:24:40 PM >> Disable removable media autorun
7/27/2012 2:24:40 PM >> Disable CD/DVD autorun
7/27/2012 2:24:39 PM >> Disable autorun from network drives
7/27/2012 2:24:39 PM >> Disable HDD autorun
7/27/2012 2:24:35 PM >> Security: sending Remote Assistant queries is enabled
7/27/2012 2:24:35 PM >> Security: anonymous user access is enabled
7/27/2012 2:24:35 PM >> Security: administrative shares (C$, D$ ...) are enabled
7/27/2012 2:24:35 PM >> Security: disk drives' autorun is enabled
7/27/2012 2:24:35 PM > Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: RDSessMgr (Remote Desktop Help Session Manager)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: mnmsrvc (NetMeeting Remote Desktop Sharing)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: Schedule (Task Scheduler)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: TlntSvr (Telnet)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: SSDPSRV (SSDP Discovery Service)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: TermService (Terminal Services)
7/27/2012 2:24:35 PM >> Services: potentially dangerous service allowed: RemoteRegistry (Remote Registry)
7/27/2012 2:24:02 PM Latent loading of libraries through AppInit_DLLs suspected: "C:\WINDOWS\system32\guard32.dll"
7/27/2012 2:23:41 PM Checking - complete
7/27/2012 2:23:41 PM Driver loaded successfully
7/27/2012 2:23:41 PM 1.5 Checking of IRP handlers
7/27/2012 2:23:41 PM Checking not performed: extended monitoring driver (AVZPM) is not installed
7/27/2012 2:23:41 PM 1.4 Searching for masking processes and drivers
7/27/2012 2:23:39 PM Checking IDT and SYSENTER - complete
7/27/2012 2:23:39 PM Disable callback OK
7/27/2012 2:23:39 PM CmpCallCallBacks = 00145524
7/27/2012 2:23:39 PM Analysis for CPU 2
7/27/2012 2:23:39 PM Analysis for CPU 1
7/27/2012 2:23:39 PM 1.3 Checking IDT and SYSENTER
7/27/2012 2:23:39 PM Functions checked: 284, intercepted: 80, restored: 86
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function IoIsOperationSynchronous (804EAFAE) - machine code modification Method of JmpTo. jmp ED9A63AC \SystemRoot\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function IoAllocateIrp (804EAF9D) - machine code modification Method not defined., embedding from byte 15
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function FsRtlCheckLockForReadAccess (804F4593) - machine code modification Method of JmpTo. jmp ED9A5FD0 \SystemRoot\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtWriteVirtualMemory (115) intercepted (805875F7->ED9B3B52), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtVdmControl (10C) intercepted (805B4026->F0DC56BC), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtUnmapViewOfSection (10B) intercepted (8057A7B1->ED9B7552), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtTraceEvent (104) - machine code modification Method of JmpTo. jmp F7F3CC00
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtTerminateThread (102) intercepted (8058496E->ED9B39C8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtTerminateProcess (101) intercepted (8058E8B9->ED9B3A68), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtSystemDebugControl (FF) intercepted (806519D5->ED9B6A3E), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtSuspendThread (FE) intercepted (80637AEB->ED9B7A2A), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:38 PM >>> Hook code blocked
7/27/2012 2:23:38 PM >>> Function restored successfully !
7/27/2012 2:23:38 PM Function NtSuspendProcess (FD) intercepted (80637BCF->ED9B78F0), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtShutdownSystem (F9) intercepted (8064F1EF->F0DC53CC), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetValueKey (F7) intercepted (80580090->ED9B2816), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetSystemPowerState (F1) intercepted (806700E7->F0DC5426), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetSystemInformation (F0) intercepted (805B14E8->ED9B77FE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetSecurityObject (ED) intercepted (8059DDD3->ED9B6DAA), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetInformationToken (E6) intercepted (805ACA94->ED9B6154), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetContextThread (D5) intercepted (806362F1->ED9B3E38), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetBootOptions (D4) intercepted (80650803->F0DC566E), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSetBootEntryOrder (D3) intercepted (80650803->F0DC5620), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSecureConnectPort (D2) intercepted (80587E12->ED9B4B0E), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtSaveKey (CF) intercepted (80656DA2->ED9B1EAE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtResumeThread (CE) intercepted (805853B8->ED9B7BC8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtRestoreKey (CC) intercepted (80656CA1->ED9B228E), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtRequestWaitReplyPort (C8) - machine code modification Method of JmpTo. jmp F7F3CD40
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtRequestWaitReplyPort (C8) intercepted (8057D143->ED9B68B4), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtRequestPort (C7) - machine code modification Method of JmpTo. jmp F7F3CCA0
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtReplyWaitReceivePort (C3) intercepted (80576821->ED9B56F2), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtReplyPort (C2) intercepted (80586300->ED9B582C), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtReplaceKey (C1) intercepted (8065710A->ED9B1F16), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtRenameKey (C0) intercepted (806567AE->ED9B2C2C), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQueueApcThread (B4) intercepted (80599A92->ED9B6FA0), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQueryValueKey (B1) intercepted (80572F19->ED9B299C), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQuerySection (A7) intercepted (8058707B->ED9B76AE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQueryObject (A3) intercepted (8058A666->F0DC715E), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQueryMultipleValueKey (A1) intercepted (8065632F->ED9B2D72), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtQueryKey (A0) intercepted (8057EC0A->ED9B313A), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtProtectVirtualMemory (89) intercepted (8057F573->F0E96A1E), hook C:\WINDOWS\System32\Drivers\aswSP.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenTimer (83) intercepted (80650D7B->F0DD0F26), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenThread (80) intercepted (805E4831->ED9B37BE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenSemaphore (7E) intercepted (805DFE5E->ED9B54C8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenSection (7D) intercepted (8057919E->ED9B710E), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenProcess (7A) intercepted (8057F942->ED9B38CC), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenMutant (78) intercepted (80584143->ED9B5288), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenKey (77) intercepted (80572BDF->ED9B26C0), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenIoCompletion (75) intercepted (8062152F->F0DD0F6C), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenFile (74) intercepted (8057A0A1->ED9B4016), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenEventPair (73) intercepted (80650F45->F0DD0DE8), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:37 PM >>> Hook code blocked
7/27/2012 2:23:37 PM >>> Function restored successfully !
7/27/2012 2:23:37 PM Function NtOpenEvent (72) intercepted (80589D69->ED9B53A8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtNotifyChangeMultipleKeys (70) intercepted (805E4C8A->F0DC7292), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtNotifyChangeKey (6F) intercepted (805E4E78->ED9B31CE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtModifyBootEntry (6D) intercepted (806507EF->F0DC55D2), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtMapViewOfSection (6C) intercepted (8057AC29->ED9B7374), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtLoadKey2 (63) intercepted (805D53AC->ED9B24EE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtLoadKey (62) intercepted (805D524D->ED9B24DC), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtLoadDriver (61) intercepted (805AF8B6->ED9B6C0C), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtFsControlFile (54) intercepted (80582AFA->ED9B4500), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtFreeVirtualMemory (53) intercepted (805710BF->F0E9689E), hook C:\WINDOWS\System32\Drivers\aswSP.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtEnumerateValueKey (49) intercepted (8059023A->ED9B30A2), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtEnumerateKey (47) intercepted (8057F00A->ED9B300A), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDuplicateObject (44) intercepted (8057F195->ED9B7D26), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDeviceIoControlFile (42) intercepted (80588CBE->ED9B46F2), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDeleteValueKey (41) intercepted (80598396->ED9B2EBE), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDeleteKey (3F) intercepted (80599777->ED9B2B0A), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDeleteBootEntry (3D) intercepted (806507EF->F0DC5584), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtDebugActiveProcess (39) intercepted (80663195->ED9B6B1A), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateWaitablePort (38) intercepted (805B0E72->ED9B5162), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateTimer (36) intercepted (805E8991->F0DD0F02), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateThread (35) intercepted (80584D41->ED9B3C1C), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateSemaphore (33) intercepted (8057FD0B->ED9B5432), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateSection (32) intercepted (8056DB66->ED9B3426), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreatePort (2E) intercepted (8059B150->ED9B50CC), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateNamedPipeFile (2C) intercepted (80588FC2->ED9B327E), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateMutant (2B) intercepted (80584095->ED9B51F8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateKey (29) intercepted (80578ABE->ED9B2500), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateIoCompletion (26) intercepted (805E3971->F0DD0F48), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateFile (25) intercepted (80573DFB->ED9B4270), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateEventPair (24) intercepted (80650E54->F0DD0DC6), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtCreateEvent (23) intercepted (805744F6->ED9B5312), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtConnectPort (1F) intercepted (80590E5B->ED9B4DC8), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtClose (19) intercepted (8056F8D7->ED9B3F94), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtAssignProcessToJobObject (13) intercepted (805E0F91->F0DC5F52), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:36 PM >>> Hook code blocked
7/27/2012 2:23:36 PM >>> Function restored successfully !
7/27/2012 2:23:36 PM Function NtAllocateVirtualMemory (11) intercepted (80570BC5->F0E967BA), hook C:\WINDOWS\System32\Drivers\aswSP.SYS, driver recognized as trusted
7/27/2012 2:23:35 PM >>> Hook code blocked
7/27/2012 2:23:35 PM >>> Function restored successfully !
7/27/2012 2:23:35 PM Function NtAdjustPrivilegesToken (0B) intercepted (805965CD->ED9B3690), hook C:\WINDOWS\system32\DRIVERS\3559604drv.sys, driver recognized as trusted
7/27/2012 2:23:35 PM >>> Hook code blocked
7/27/2012 2:23:35 PM >>> Function restored successfully !
7/27/2012 2:23:35 PM Function NtAddBootEntry (09) intercepted (80650803->F0DC5536), hook C:\WINDOWS\System32\Drivers\aswSnx.SYS, driver recognized as trusted
7/27/2012 2:23:20 PM KiST = 804E48D0 (284)
7/27/2012 2:23:20 PM SDT = 80562520
7/27/2012 2:23:20 PM Kernel ntoskrnl.exe found in memory at address 804D7000
7/27/2012 2:23:20 PM SDT found (RVA=08B520)
7/27/2012 2:23:20 PM Driver loaded successfully
7/27/2012 2:23:20 PM 1.2 Searching for kernel-mode API hooks
7/27/2012 2:23:18 PM Analysis: netapi32.dll, export table found in section .text
7/27/2012 2:23:18 PM Analysis: urlmon.dll, export table found in section .text
7/27/2012 2:23:18 PM Analysis: rasapi32.dll, export table found in section .text
7/27/2012 2:23:18 PM Analysis: wininet.dll, export table found in section .text
7/27/2012 2:23:18 PM Analysis: ws2_32.dll, export table found in section .text
7/27/2012 2:23:18 PM Function advapi32.dll:CreateProcessAsUserW (99) intercepted, method APICodeHijack.JmpTo[10021216]
7/27/2012 2:23:18 PM Function advapi32.dll:CreateProcessAsUserA (97) intercepted, method APICodeHijack.JmpTo[10021B46]
7/27/2012 2:23:18 PM Analysis: advapi32.dll, export table found in section .text
7/27/2012 2:23:18 PM Function user32.dll:EndTask (202) intercepted, method APICodeHijack.JmpTo[1002DF86]
7/27/2012 2:23:18 PM Analysis: user32.dll, export table found in section .text
7/27/2012 2:23:17 PM Function ntdll.dll:ZwClose (922) intercepted, method APICodeHijack.JmpTo[1001CE36]
7/27/2012 2:23:17 PM Function ntdll.dll:NtClose (111) intercepted, method APICodeHijack.JmpTo[1001CE36]
7/27/2012 2:23:17 PM Function ntdll.dll:LdrUnloadDll (80) intercepted, method APICodeHijack.JmpTo[1001CF56]
7/27/2012 2:23:17 PM Function ntdll.dll:LdrLoadDll (70) intercepted, method APICodeHijack.JmpTo[10025676]
7/27/2012 2:23:17 PM Analysis: ntdll.dll, export table found in section .text
7/27/2012 2:23:17 PM IAT modification detected: GetProcAddress - 00BA0390<>7C80AE40
7/27/2012 2:23:17 PM IAT modification detected: LoadLibraryA - 00BA0320<>7C801D7B
7/27/2012 2:23:17 PM IAT modification detected: LoadLibraryW - 00BA02B0<>7C80AEEB
7/27/2012 2:23:17 PM IAT modification detected: CreateProcessW - 00BA01D0<>7C802336
7/27/2012 2:23:17 PM IAT modification detected: GetModuleFileNameW - 00BA0160<>7C80B475
7/27/2012 2:23:17 PM IAT modification detected: FreeLibrary - 00BA00F0<>7C80AC7E
7/27/2012 2:23:17 PM IAT modification detected: GetModuleFileNameA - 00BA0080<>7C80B56F
7/27/2012 2:23:17 PM IAT modification detected: CreateProcessA - 00BA0010<>7C80236B
7/27/2012 2:23:17 PM Analysis: kernel32.dll, export table found in section .text
7/27/2012 2:23:17 PM 1.1 Searching for user-mode API hooks
7/27/2012 2:23:15 PM System Restore: enabled
7/27/2012 2:23:15 PM Windows version: Microsoft Windows XP, Build=2600, SP="Service Pack 3"
7/27/2012 2:23:15 PM Main script of analysis
7/27/2012 2:23:12 PM Task started Gathering system information
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
28-Jul-2012, 12:46 PM #25
Its okay to post the log

Okay, the part I was interested in wasn't showing, but something else was, so lets sort that out now
  1. Re-run AVPTool
  2. Select the Manual Disinfection tab and press Script execution
  3. Where it states Insert text script in the following box copy the below script and press Run script
    Copy from Begin until End


    Code:
    begin
    SearchRootkit(true, true);
    SetAVZPMStatus(True);
    SetAVZGuardStatus(True);
     QuarantineFile('C:\WINDOWS\system32\MsSip3.dll','');
     QuarantineFile('C:\WINDOWS\system32\MsSip2.dll','');
     QuarantineFile('C:\WINDOWS\system32\MsSip1.dll','');
     DeleteFile('C:\WINDOWS\system32\MsSip1.dll');
     BC_DeleteFile('C:\WINDOWS\system32\MsSip1.dll');
     RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1','$DLL');
     DeleteFile('C:\WINDOWS\system32\MsSip2.dll');
     BC_DeleteFile('C:\WINDOWS\system32\MsSip2.dll');
     RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2','$DLL');
     DeleteFile('C:\WINDOWS\system32\MsSip3.dll');
     BC_DeleteFile('C:\WINDOWS\system32\MsSip3.dll');
     RegKeyParamDel('HKEY_LOCAL_MACHINE','SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3','$DLL');
    BC_ImportDeletedList;
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.
  4. Your system will reboot on completion, if it does not please do so yourself
  5. On completion please run another analysis scan and attach the zip file
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
29-Jul-2012, 10:51 AM #26
Ok, so script was run & it re-booted on its own & then ran the analysis. Zip has been attached.
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
30-Jul-2012, 01:35 PM #27
Thanks, that's removed the files I wanted to go, but we still have the problem about the file in the System32 folder.

Can you re-run OTL as you originally did, by pressing the Quick Scan button, and posting the contents of the one log that is produced.
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
31-Jul-2012, 04:47 AM #28
OTL logfile created on: 7/31/2012 3:12:25 PM - Run 3
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\sachin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 589.50 Mb Available Physical Memory | 61.50% Memory free
1.51 Gb Paging File | 1.24 Gb Available in Paging File | 81.86% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 5.14 Gb Free Space | 26.30% Space Free | Partition Type: NTFS
Drive D: | 25.72 Gb Total Space | 14.18 Gb Free Space | 55.12% Space Free | Partition Type: NTFS
Drive E: | 29.29 Gb Total Space | 19.66 Gb Free Space | 67.11% Space Free | Partition Type: NTFS

Computer Name: CHANGEME | User Name: sachin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/06 15:32:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
PRC - [2012/07/04 21:06:48 | 000,161,776 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/03 21:51:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/17 13:21:58 | 000,466,704 | ---- | M] (SANDBOXIE L.T.D) -- D:\Soft\Sandboxie\New Folder\SbieCtrl.exe
PRC - [2012/06/17 13:21:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) -- D:\Soft\Sandboxie\New Folder\SbieSvc.exe
PRC - [2011/08/12 05:08:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Soft\SuperAntiSpyware Free\New Folder\SASCore.exe
PRC - [2011/06/30 09:37:28 | 001,793,712 | ---- | M] (COMODO) -- D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
PRC - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/31 13:40:54 | 001,789,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12073101\algo.dll
MOD - [2012/07/31 04:28:43 | 001,789,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12073100\algo.dll
MOD - [2010/06/13 14:51:46 | 000,126,976 | ---- | M] () -- C:\WINDOWS\lcmmfu.cpl
MOD - [2010/06/13 14:51:37 | 000,048,640 | ---- | M] () -- C:\WINDOWS\mmfs.dll
MOD - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () -- C:\WINDOWS\Runservice.exe
MOD - [2009/08/16 20:36:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2003/08/02 23:20:57 | 000,126,976 | R--- | M] () -- D:\Soft\SpywareGuard\New Folder\SpywareGuard\spywareguard.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/07/29 11:44:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/04 21:06:48 | 000,161,776 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/03 21:51:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/17 13:21:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- D:\Soft\Sandboxie\New Folder\SbieSvc.exe -- (SbieSvc)
SRV - [2012/06/15 03:50:14 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/08/12 05:08:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\SASCore.exe -- (!SASCORE)
SRV - [2011/06/30 09:37:28 | 001,793,712 | ---- | M] (COMODO) [Auto | Running] -- D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/06/13 14:51:35 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\WINDOWS\Runservice.exe -- (LicCtrlService)
SRV - [2008/11/10 02:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2012/07/29 21:08:59 | 000,011,264 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\uzm3mtq3.sys -- (uzm3mtq3)
DRV - [2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/06/17 13:21:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- D:\Soft\Sandboxie\New Folder\SbieDrv.sys -- (SbieDrv)
DRV - [2012/03/27 03:15:14 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011/09/14 19:28:10 | 000,225,592 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2011/07/22 21:57:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/13 03:25:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Soft\SuperAntiSpyware Free\New Folder\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/30 09:38:16 | 000,097,504 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2011/06/30 09:38:14 | 000,242,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/06/30 09:38:14 | 000,029,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/09/14 18:00:32 | 006,143,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 01:35:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2005/08/31 11:12:36 | 001,333,760 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes,DefaultScope = {741D0FA0-C629-4D31-94DB-70D17669409A}
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{741D0FA0-C629-4D31-94DB-70D17669409A}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\..\SearchScopes\{89EE36E5-5532-4949-ACD7-E042B38ED4D1}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Soft\DivX 7\New Folder\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Soft\RealAlternative 2.2\New Folder\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Soft\RealAlternative 2.2\New Folder\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: D:\Soft\VLC\New Folder\VLC\npvlc.dll (the VideoLAN Team)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/06 09:37:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: D:\Soft\Firefox\New Folder\components [2012/07/04 20:29:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: D:\Soft\Firefox\New Folder\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@interne tdownloadmanager.com: C:\Documents and Settings\sachin\Application Data\IDM\idmmzcc3

[2012/07/04 20:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sachin\Application Data\Mozilla\Extensions
[2012/07/05 20:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\sachin\Application Data\Mozilla\Firefox\Profiles\qoz4grox.default\extensions

O1 HOSTS File: ([2012/07/10 00:49:12 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - D:\Soft\KeyScrambler\New Folder\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Soft\SpywareGuard\New Folder\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] D:\Soft\Comodo Firewall\New Folder\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003..\Run: [SandboxieControl] D:\Soft\Sandboxie\New Folder\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Documents and Settings\sachin\Start Menu\Programs\Startup\SpywareGuard.lnk = D:\Soft\SpywareGuard\New Folder\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1644491937-1229272821-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with Mipony - D:\Soft\MP\New Folder\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Soft\Paltalk\New Folder\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - D:\Soft\KeyScrambler\New Folder\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/micr...?1265444050937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1265444034125 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8B5D383-FAC6-4F31-A6EB-D5D28E835222}: NameServer = 156.154.70.22,156.154.71.22
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Soft\SuperAntiSpyware Free\New Folder\SASWINLO.DLL) - D:\Soft\SuperAntiSpyware Free\New Folder\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\sachin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\sachin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Soft\SuperAntiSpyware Free\New Folder\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - D:\Soft\SpywareGuard\New Folder\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/10 20:26:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

MsConfig - StartUpFolder: C:^Documents and Settings^sachin^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Soft\QuickTime\New Folder\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SandboxieControl - hkey= - key= - D:\Soft\Sandboxie\New Folder\SbieCtrl.exe (SANDBOXIE L.T.D)
MsConfig - StartUpReg: Xvid - hkey= - key= - D:\Soft\Xvid\New Folder\CheckUpdate.exe ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/31 14:34:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\sachin\Recent
[2012/07/14 13:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/14 13:30:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/14 12:37:11 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/07/14 12:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
[2012/07/13 21:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/07/10 00:45:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/06 15:31:54 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
[2012/07/06 09:43:50 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/07/05 02:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/05 02:20:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/07/05 02:14:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/07/05 02:14:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/07/05 02:14:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/07/05 02:14:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/07/05 02:14:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/05 02:14:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/07/05 01:25:10 | 004,571,247 | R--- | C] (Swearware) -- C:\Documents and Settings\sachin\Desktop\username123.exe
[2012/07/04 23:51:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Local Settings\Application Data\Sun
[2012/07/04 23:46:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012/07/04 21:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/04 20:37:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\Mozilla
[2012/07/04 20:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/07/04 20:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/04 15:00:38 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sachin\Desktop\tdsskiller.exe
[2012/07/04 11:59:10 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\sachin\Desktop\aswMBR.exe
[2012/07/02 23:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/07/02 23:09:23 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/02 23:09:23 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/02 23:09:20 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/02 23:09:19 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/02 23:09:18 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/02 23:09:18 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/02 23:09:18 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/02 23:09:17 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/02 23:07:32 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/02 23:07:30 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/07/02 23:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/02 23:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/07/02 17:19:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Local Settings\Application Data\panda2_0dn
[2012/07/02 17:08:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\sachin\Desktop\HijackThis.exe
[2012/07/02 16:52:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\sachin\Desktop\dds.scr
[2012/07/02 16:42:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2012/07/02 16:42:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Start Menu\Programs\Sophos
[2012/07/02 14:51:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\Panda Security
[2012/07/02 14:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2012/07/02 14:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2012/07/02 13:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/07/02 11:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\sachin\Application Data\SUPERAntiSpyware.com
[2012/07/02 11:23:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2012/07/02 11:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

========== Files - Modified Within 30 Days ==========

[2012/07/31 15:05:43 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/31 15:05:08 | 000,000,833 | -HS- | M] () -- C:\WINDOWS\System32\mmf.sys
[2012/07/31 15:05:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/31 15:04:58 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/31 15:04:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/31 13:36:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/31 11:06:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/30 21:00:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/07/29 21:08:59 | 000,011,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\uzm3mtq3.sys
[2012/07/27 10:56:52 | 141,477,368 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\setup_11.0.0.1245.x01_2012_07_27_07_02.exe
[2012/07/26 15:36:03 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/07/26 15:28:49 | 000,141,824 | ---- | M] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/25 14:12:27 | 000,014,631 | ---- | M] () -- C:\Documents and Settings\sachin\My Documents\TheGreedyPig ADR v6.mq4
[2012/07/25 10:49:12 | 000,001,390 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012/07/14 13:30:47 | 000,000,717 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 12:31:29 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\sachin\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/07/14 11:58:38 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera 12.00 1467.lnk
[2012/07/11 12:48:53 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\SystemLook.exe
[2012/07/11 12:38:08 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/10 00:49:12 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/07/06 15:32:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\sachin\Desktop\OTL.exe
[2012/07/06 09:37:08 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/05 02:20:11 | 000,000,331 | RHS- | M] () -- C:\boot.ini
[2012/07/05 01:42:25 | 000,002,405 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\Sophos Virus Removal Tool.lnk
[2012/07/05 01:26:20 | 004,571,247 | R--- | M] (Swearware) -- C:\Documents and Settings\sachin\Desktop\username123.exe
[2012/07/04 23:47:30 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\Shortcut to rkill.pif
[2012/07/04 20:29:41 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/04 15:13:36 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\MBR.dat
[2012/07/04 15:03:31 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\sachin\Desktop\tdsskiller.exe
[2012/07/04 12:01:31 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\sachin\Desktop\aswMBR.exe
[2012/07/04 11:53:51 | 000,881,475 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\SecurityCheck.exe
[2012/07/03 21:51:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 21:51:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 21:51:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 21:51:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 21:51:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 21:51:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 21:51:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 21:51:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 21:51:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 21:51:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/07/02 23:09:24 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/07/02 17:09:33 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\sachin\Desktop\7oqmz2h1.exe
[2012/07/02 17:09:01 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\sachin\Desktop\HijackThis.exe
[2012/07/02 16:53:53 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\sachin\Desktop\dds.scr
[2012/07/02 16:28:47 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/07/02 13:05:26 | 000,001,214 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2012/07/02 11:23:12 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

========== Files Created - No Company Name ==========

[2012/07/29 21:08:59 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\uzm3mtq3.sys
[2012/07/27 10:15:09 | 141,477,368 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\setup_11.0.0.1245.x01_2012_07_27_07_02.exe
[2012/07/25 14:22:00 | 000,012,151 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\Average Daily Range.mq4
[2012/07/25 14:12:27 | 000,014,631 | ---- | C] () -- C:\Documents and Settings\sachin\My Documents\TheGreedyPig ADR v6.mq4
[2012/07/14 13:30:47 | 000,000,717 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 12:32:10 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\sachin\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/07/14 12:32:08 | 000,001,390 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012/07/14 11:58:38 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera 12.00 1467.lnk
[2012/07/14 11:58:38 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera 12.00 1467.lnk
[2012/07/11 12:48:49 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\SystemLook.exe
[2012/07/10 01:03:17 | 000,000,833 | -HS- | C] () -- C:\WINDOWS\System32\mmf.sys
[2012/07/08 12:54:15 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/05 02:20:11 | 000,000,215 | ---- | C] () -- C:\Boot.bak
[2012/07/05 02:20:08 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/07/05 02:14:37 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/07/05 02:14:37 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/07/05 02:14:37 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/07/05 02:14:37 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/07/05 02:14:37 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/07/04 23:47:30 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\Shortcut to rkill.pif
[2012/07/04 20:29:41 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/04 20:29:41 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/04 15:13:36 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\MBR.dat
[2012/07/04 11:51:41 | 000,881,475 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\SecurityCheck.exe
[2012/07/03 00:45:40 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/02 23:09:24 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/07/02 17:09:26 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\7oqmz2h1.exe
[2012/07/02 16:42:09 | 000,002,405 | ---- | C] () -- C:\Documents and Settings\sachin\Desktop\Sophos Virus Removal Tool.lnk
[2012/07/02 16:28:46 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/07/02 11:23:12 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/14 19:39:39 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/05/14 19:39:38 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/02/16 23:29:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/02 09:40:30 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\WebpageIcons.db
[2011/10/01 18:18:13 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/09/29 22:28:29 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011/09/25 09:27:03 | 000,001,214 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/04/12 18:02:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/12 13:13:05 | 000,141,824 | ---- | C] () -- C:\Documents and Settings\sachin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/07/02 16:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2011/11/30 15:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2012/07/02 23:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/11/26 11:12:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/04/02 16:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2011/10/01 18:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/10/27 17:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MetaQuotes
[2011/05/13 18:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
[2012/07/02 16:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2011/09/16 17:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2012/07/02 16:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2012/07/31 15:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/12/02 13:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2009/09/13 10:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/06/13 14:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Childish Things
[2011/09/02 18:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\DMCache
[2009/11/21 19:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\eSobi
[2011/10/27 15:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\FVDIEPlugin
[2011/11/27 17:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\LimeWire
[2012/04/09 19:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\MetaQuotes
[2011/07/24 19:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Mipony
[2011/05/13 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Nitro PDF
[2012/07/14 11:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Opera
[2009/10/20 16:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Paltalk
[2012/07/02 14:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\Panda Security
[2010/12/25 23:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\ProgSense
[2011/09/16 17:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\QFX Software
[2011/10/19 08:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\SystemRequirementsLab
[2009/12/22 22:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\TeamViewer
[2012/07/02 16:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\sachin\Application Data\uTorrent
[2012/07/31 15:05:43 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2012/07/05 02:20:11 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2012/07/11 01:59:52 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2012/07/02 16:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2011/09/22 15:15:25 | 000,000,000 | ---D | M] -- C:\Downloads
[2009/09/17 00:10:02 | 000,000,000 | ---D | M] -- C:\Dů
[2012/07/02 11:40:52 | 000,000,000 | ---D | M] -- C:\Extracted
[2009/09/12 15:12:50 | 000,000,000 | R--D | M] -- C:\MSOCache
[2012/07/13 21:52:53 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/07/05 02:33:02 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012/07/06 09:43:50 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012/07/14 12:37:11 | 000,000,000 | R--D | M] -- C:\Sandbox
[2012/07/27 11:01:32 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/07/23 15:33:41 | 000,000,000 | ---D | M] -- C:\temp
[2011/10/30 19:38:02 | 000,000,000 | ---D | M] -- C:\TempEI4
[2012/07/30 11:04:52 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2012/07/10 00:45:52 | 000,000,000 | ---D | M] -- C:\_OTL

< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA

< %windir%\Installer\*.* >
[2011/10/19 08:59:09 | 000,031,232 | ---- | M] () -- C:\WINDOWS\Installer\108b03.msi
[2011/03/29 13:52:01 | 000,005,120 | ---- | M] () -- C:\WINDOWS\Installer\1096378.ipi
[2011/01/11 17:53:56 | 001,763,328 | ---- | M] () -- C:\WINDOWS\Installer\10d65b2.msp
[2009/09/12 15:19:34 | 000,061,952 | ---- | M] () -- C:\WINDOWS\Installer\10d65b3.mst
[2011/02/16 13:54:08 | 004,992,000 | R--- | M] () -- C:\WINDOWS\Installer\10d65cd.msp
[2010/09/24 15:35:07 | 012,126,208 | ---- | M] () -- C:\WINDOWS\Installer\123efc0.msi
[2012/04/10 10:45:12 | 001,160,192 | ---- | M] () -- C:\WINDOWS\Installer\124051.msi
[2011/06/16 15:14:16 | 000,467,456 | ---- | M] () -- C:\WINDOWS\Installer\130d9ff.msi
[2011/04/29 12:33:30 | 008,173,568 | R--- | M] () -- C:\WINDOWS\Installer\130da16.msp
[2011/06/16 15:16:44 | 000,223,744 | ---- | M] () -- C:\WINDOWS\Installer\130da1f.msi
[2011/04/29 12:28:40 | 001,995,264 | R--- | M] () -- C:\WINDOWS\Installer\130da36.msp
[2011/04/29 12:31:46 | 009,006,080 | R--- | M] () -- C:\WINDOWS\Installer\130da4e.msp
[2011/03/17 20:03:50 | 000,308,736 | R--- | M] () -- C:\WINDOWS\Installer\130da65.msp
[2010/02/04 17:24:30 | 009,122,304 | R--- | M] () -- C:\WINDOWS\Installer\134e144.msp
[2010/02/21 01:00:02 | 008,480,768 | R--- | M] () -- C:\WINDOWS\Installer\134e15c.msp
[2010/03/22 16:03:14 | 011,732,992 | R--- | M] () -- C:\WINDOWS\Installer\134e174.msp
[2010/03/11 23:59:18 | 005,031,424 | R--- | M] () -- C:\WINDOWS\Installer\134e18c.msp
[2010/02/21 01:03:34 | 004,472,832 | R--- | M] () -- C:\WINDOWS\Installer\134e1aa.msp
[2010/02/21 01:02:24 | 004,195,840 | R--- | M] () -- C:\WINDOWS\Installer\134e1c2.msp
[2012/07/02 16:42:09 | 000,693,248 | ---- | M] () -- C:\WINDOWS\Installer\13cdb6.msi
[2010/12/28 18:27:43 | 001,572,352 | ---- | M] () -- C:\WINDOWS\Installer\161a4c6.msi
[2011/04/28 05:42:32 | 004,990,976 | R--- | M] () -- C:\WINDOWS\Installer\16beafd.msp
[2011/04/29 12:27:04 | 004,158,464 | R--- | M] () -- C:\WINDOWS\Installer\16beb15.msp
[2011/04/22 19:41:34 | 011,507,712 | R--- | M] () -- C:\WINDOWS\Installer\16beb31.msp
[2012/07/11 13:05:17 | 000,022,016 | ---- | M] () -- C:\WINDOWS\Installer\18f3b8.msi
[2010/12/21 13:06:38 | 011,570,688 | R--- | M] () -- C:\WINDOWS\Installer\195111.msp
[2010/12/17 00:17:02 | 003,362,304 | R--- | M] () -- C:\WINDOWS\Installer\195129.msp
[2011/03/10 17:53:31 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\1c5fafe.msi
[2010/08/04 16:51:39 | 003,443,712 | ---- | M] () -- C:\WINDOWS\Installer\1c9289d.msi
[2011/03/12 17:17:16 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\1cd8068.msi
[2010/08/04 17:05:15 | 000,088,576 | ---- | M] () -- C:\WINDOWS\Installer\1d33a56.msi
[2008/07/29 17:31:06 | 006,083,072 | R--- | M] () -- C:\WINDOWS\Installer\1d33a57.msp
[2008/07/29 17:37:12 | 000,911,360 | R--- | M] () -- C:\WINDOWS\Installer\1d33a58.msp
[2008/07/29 17:33:08 | 000,506,368 | R--- | M] () -- C:\WINDOWS\Installer\1d33a59.msp
[2008/07/29 17:43:22 | 001,013,248 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5a.msp
[2008/07/29 17:35:10 | 000,553,472 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5b.msp
[2008/07/29 17:39:14 | 003,403,264 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5c.msp
[2008/07/29 17:41:16 | 006,487,040 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5d.msp
[2008/07/29 17:29:04 | 002,926,080 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5e.msp
[2008/07/29 17:45:28 | 002,543,616 | R--- | M] () -- C:\WINDOWS\Installer\1d33a5f.msp
[2010/07/24 18:27:30 | 000,228,352 | ---- | M] () -- C:\WINDOWS\Installer\1d35385.msi
[2010/08/04 17:08:13 | 000,137,728 | ---- | M] () -- C:\WINDOWS\Installer\1d882e4.msi
[2008/07/29 21:07:20 | 000,023,040 | R--- | M] () -- C:\WINDOWS\Installer\1d882e5.msp
[2008/07/29 19:18:48 | 003,376,640 | R--- | M] () -- C:\WINDOWS\Installer\1d882e6.msp
[2008/07/29 20:22:42 | 004,137,984 | R--- | M] () -- C:\WINDOWS\Installer\1d882e7.msp
[2008/07/29 19:34:28 | 001,448,448 | R--- | M] () -- C:\WINDOWS\Installer\1d882e8.msp
[2008/07/29 21:15:12 | 003,697,664 | R--- | M] () -- C:\WINDOWS\Installer\1d882e9.msp
[2008/07/29 19:40:38 | 000,291,840 | R--- | M] () -- C:\WINDOWS\Installer\1d882ea.msp
[2008/07/29 20:37:56 | 002,679,808 | R--- | M] () -- C:\WINDOWS\Installer\1d882eb.msp
[2008/07/29 21:28:10 | 000,278,016 | R--- | M] () -- C:\WINDOWS\Installer\1d882ec.msp
[2008/07/29 19:26:26 | 001,043,456 | R--- | M] () -- C:\WINDOWS\Installer\1d882ed.msp
[2008/07/29 21:23:12 | 000,250,880 | R--- | M] () -- C:\WINDOWS\Installer\1d882ee.msp
[2010/08/04 17:09:49 | 000,648,192 | ---- | M] () -- C:\WINDOWS\Installer\1da901f.msi
[2008/12/13 09:57:24 | 008,397,824 | R--- | M] () -- C:\WINDOWS\Installer\1da902f.msp
[2011/03/08 18:14:23 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\1e2ce05.msi
[2011/07/14 10:40:30 | 003,489,280 | ---- | M] () -- C:\WINDOWS\Installer\1e3235.msi
[2011/04/14 18:22:32 | 003,446,272 | ---- | M] () -- C:\WINDOWS\Installer\1f17527.msi
[2010/08/04 20:35:56 | 019,210,240 | R--- | M] () -- C:\WINDOWS\Installer\1f60a0.msp
[2009/03/20 11:48:56 | 000,183,808 | R--- | M] () -- C:\WINDOWS\Installer\1f60ab.msp
[2010/08/04 20:39:43 | 000,195,584 | ---- | M] () -- C:\WINDOWS\Installer\1f60b3.msi
[2009/08/14 20:32:40 | 011,110,912 | R--- | M] () -- C:\WINDOWS\Installer\1f60bd.msp
[2010/04/11 22:17:10 | 004,210,688 | R--- | M] () -- C:\WINDOWS\Installer\1f60ca.msp
[2010/04/11 22:17:08 | 002,607,104 | R--- | M] () -- C:\WINDOWS\Installer\1f60cb.msp
[2010/04/11 22:17:12 | 014,599,680 | R--- | M] () -- C:\WINDOWS\Installer\1f60db.msp
[2010/02/25 00:14:38 | 000,543,232 | R--- | M] () -- C:\WINDOWS\Installer\1f60e4.msp
[2010/05/20 19:58:28 | 012,114,432 | R--- | M] () -- C:\WINDOWS\Installer\1f6104.msp
[2010/06/11 11:03:22 | 005,021,184 | R--- | M] () -- C:\WINDOWS\Installer\1f611c.msp
[2010/05/20 19:57:12 | 005,907,456 | R--- | M] () -- C:\WINDOWS\Installer\1f613c.msp
[2010/05/20 19:57:18 | 004,989,952 | R--- | M] () -- C:\WINDOWS\Installer\1f613d.msp
[2009/11/09 00:25:26 | 001,935,360 | R--- | M] () -- C:\WINDOWS\Installer\1f615a.msp
[2010/03/31 01:23:04 | 015,638,528 | R--- | M] () -- C:\WINDOWS\Installer\1f6168.msp
[2011/03/11 18:41:29 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\2100641.msi
[2011/03/09 19:03:18 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\213e98e.msi
[2011/03/31 11:34:38 | 000,005,632 | ---- | M] () -- C:\WINDOWS\Installer\21a972.ipi
[2009/09/12 14:32:16 | 000,264,704 | ---- | M] () -- C:\WINDOWS\Installer\223ef.msi
[2011/11/11 16:16:20 | 008,458,240 | R--- | M] () -- C:\WINDOWS\Installer\22f0612.msp
[2011/11/11 16:15:00 | 001,795,584 | R--- | M] () -- C:\WINDOWS\Installer\22f062a.msp
[2011/11/01 13:34:30 | 002,531,840 | R--- | M] () -- C:\WINDOWS\Installer\22f0642.msp
[2011/11/01 13:34:58 | 004,225,536 | R--- | M] () -- C:\WINDOWS\Installer\22f065f.msp
[2011/11/11 16:14:40 | 009,096,192 | R--- | M] () -- C:\WINDOWS\Installer\22f0677.msp
[2011/11/01 13:34:28 | 002,247,168 | R--- | M] () -- C:\WINDOWS\Installer\22f068f.msp
[2011/11/01 13:34:56 | 004,250,112 | R--- | M] () -- C:\WINDOWS\Installer\22f06a7.msp
[2012/03/25 21:04:50 | 000,005,120 | ---- | M] () -- C:\WINDOWS\Installer\22f19e7.ipi
[2010/01/14 21:26:08 | 005,027,840 | R--- | M] () -- C:\WINDOWS\Installer\231171.msp
[2009/10/16 07:08:48 | 002,237,952 | R--- | M] () -- C:\WINDOWS\Installer\235e68.msp
[2010/05/18 23:35:24 | 005,023,744 | R--- | M] () -- C:\WINDOWS\Installer\235e80.msp
[2010/04/24 17:05:14 | 004,199,424 | R--- | M] () -- C:\WINDOWS\Installer\235e98.msp
[2010/04/24 17:07:58 | 004,667,392 | R--- | M] () -- C:\WINDOWS\Installer\235eb0.msp
[2010/03/24 18:54:54 | 002,516,992 | R--- | M] () -- C:\WINDOWS\Installer\235ecd.msp
[2010/03/24 18:54:48 | 003,126,272 | R--- | M] () -- C:\WINDOWS\Installer\235ece.msp
[2010/04/24 17:08:48 | 009,129,984 | R--- | M] () -- C:\WINDOWS\Installer\235ee7.msp
[2010/04/24 17:09:46 | 011,750,912 | R--- | M] () -- C:\WINDOWS\Installer\235eff.msp
[2010/04/24 17:07:04 | 010,118,144 | R--- | M] () -- C:\WINDOWS\Installer\235f18.msp
[2010/04/24 17:10:46 | 008,486,400 | R--- | M] () -- C:\WINDOWS\Installer\235f30.msp
[2010/11/26 10:57:41 | 000,219,648 | ---- | M] () -- C:\WINDOWS\Installer\238f2a.msi
[2011/07/27 07:39:50 | 009,892,352 | R--- | M] () -- C:\WINDOWS\Installer\25f1d2a.msp
[2011/07/27 07:37:28 | 011,592,192 | R--- | M] () -- C:\WINDOWS\Installer\25f1d49.msp
[2011/09/06 21:48:02 | 008,181,248 | R--- | M] () -- C:\WINDOWS\Installer\25f1d61.msp
[2011/07/21 12:34:34 | 003,456,000 | R--- | M] () -- C:\WINDOWS\Installer\25f1d6e.msp
[2011/08/10 17:42:04 | 007,070,208 | R--- | M] () -- C:\WINDOWS\Installer\25f1d85.msp
[2011/08/24 06:37:22 | 004,985,856 | R--- | M] () -- C:\WINDOWS\Installer\25f1d9d.msp
[2011/06/21 11:59:26 | 001,764,352 | R--- | M] () -- C:\WINDOWS\Installer\25f1db6.msp
[2011/09/06 21:46:22 | 009,006,080 | R--- | M] () -- C:\WINDOWS\Installer\25f1dce.msp
[2011/08/10 17:43:30 | 003,795,968 | R--- | M] () -- C:\WINDOWS\Installer\25f1de6.msp
[2012/02/17 08:45:24 | 002,299,392 | R--- | M] () -- C:\WINDOWS\Installer\2621175.msp
[2012/04/28 21:43:58 | 008,459,264 | R--- | M] () -- C:\WINDOWS\Installer\262118d.msp
[2012/03/15 02:24:28 | 001,795,584 | R--- | M] () -- C:\WINDOWS\Installer\26211a5.msp
[2011/12/15 13:40:40 | 023,374,336 | R--- | M] () -- C:\WINDOWS\Installer\26211bb.msp
[2012/04/06 03:13:32 | 016,527,872 | R--- | M] () -- C:\WINDOWS\Installer\26211c8.msp
[2012/04/04 22:38:16 | 003,620,864 | R--- | M] () -- C:\WINDOWS\Installer\26211e0.msp
[2012/04/30 14:38:28 | 005,011,456 | R--- | M] () -- C:\WINDOWS\Installer\26211f8.msp
[2012/04/28 21:44:02 | 009,586,176 | R--- | M] () -- C:\WINDOWS\Installer\2621211.msp
[2012/01/19 13:37:24 | 008,999,936 | R--- | M] () -- C:\WINDOWS\Installer\262121d.msp
[2012/01/04 02:25:14 | 017,751,552 | R--- | M] () -- C:\WINDOWS\Installer\262122b.msp
[2011/12/22 16:50:54 | 000,256,000 | R--- | M] () -- C:\WINDOWS\Installer\2621234.msp
[2012/04/06 02:12:34 | 015,709,696 | R--- | M] () -- C:\WINDOWS\Installer\262123d.msp
[2012/04/28 21:44:02 | 009,101,824 | R--- | M] () -- C:\WINDOWS\Installer\2621255.msp
[2012/04/04 22:38:44 | 002,831,360 | R--- | M] () -- C:\WINDOWS\Installer\262126d.msp
[2011/12/26 09:59:58 | 004,368,896 | R--- | M] () -- C:\WINDOWS\Installer\26f08dd.msp
[2011/12/26 09:02:58 | 019,677,184 | R--- | M] () -- C:\WINDOWS\Installer\26f08f8.msp
[2011/12/25 05:40:46 | 000,819,200 | R--- | M] () -- C:\WINDOWS\Installer\26f0900.msp
[2009/09/12 15:13:32 | 002,397,184 | ---- | M] () -- C:\WINDOWS\Installer\279ac1.msi
[2009/09/12 15:13:40 | 000,501,248 | ---- | M] () -- C:\WINDOWS\Installer\279ac8.msi
[2009/09/12 15:13:47 | 001,713,152 | ---- | M] () -- C:\WINDOWS\Installer\279acf.msi
[2009/09/12 15:13:55 | 002,022,912 | ---- | M] () -- C:\WINDOWS\Installer\279ad6.msi
[2009/09/12 15:14:20 | 001,640,960 | ---- | M] () -- C:\WINDOWS\Installer\279add.msi
[2009/09/12 15:14:28 | 000,048,128 | ---- | M] () -- C:\WINDOWS\Installer\279ae7.msi
[2009/09/12 15:14:35 | 001,647,616 | ---- | M] () -- C:\WINDOWS\Installer\279aee.msi
[2009/09/12 15:14:40 | 000,501,248 | ---- | M] () -- C:\WINDOWS\Installer\279af5.msi
[2009/09/12 15:14:48 | 002,319,872 | ---- | M] () -- C:\WINDOWS\Installer\279afc.msi
[2009/09/12 15:14:59 | 000,513,024 | ---- | M] () -- C:\WINDOWS\Installer\279b03.msi
[2009/09/12 15:15:13 | 000,516,608 | ---- | M] () -- C:\WINDOWS\Installer\279b0b.msi
[2009/09/12 15:16:13 | 000,506,880 | ---- | M] () -- C:\WINDOWS\Installer\279b13.msi
[2009/09/12 15:16:19 | 000,501,248 | ---- | M] () -- C:\WINDOWS\Installer\279b1a.msi
[2009/09/12 15:16:29 | 001,652,736 | ---- | M] () -- C:\WINDOWS\Installer\279b21.msi
[2009/09/12 15:16:37 | 001,652,736 | ---- | M] () -- C:\WINDOWS\Installer\279b28.msi
[2009/09/12 15:16:49 | 001,652,736 | ---- | M] () -- C:\WINDOWS\Installer\279b2f.msi
[2009/09/12 15:16:52 | 000,501,248 | ---- | M] () -- C:\WINDOWS\Installer\279b36.msi
[2009/09/12 15:16:58 | 001,640,960 | ---- | M] () -- C:\WINDOWS\Installer\279b3d.msi
[2009/09/12 15:19:31 | 018,181,632 | ---- | M] () -- C:\WINDOWS\Installer\279b4b.msi
[2007/04/12 20:41:48 | 004,582,912 | R--- | M] () -- C:\WINDOWS\Installer\279b4c.msp
[2009/09/12 15:22:16 | 000,390,656 | ---- | M] () -- C:\WINDOWS\Installer\279b54.msi
[2011/03/28 03:27:52 | 015,456,256 | R--- | M] () -- C:\WINDOWS\Installer\2803f0f.msp
[2011/05/11 09:56:05 | 003,484,160 | ---- | M] () -- C:\WINDOWS\Installer\282cc6.msi
[2012/02/03 15:13:48 | 004,988,928 | R--- | M] () -- C:\WINDOWS\Installer\2c0e891.msp
[2011/10/30 22:54:38 | 002,748,416 | R--- | M] () -- C:\WINDOWS\Installer\2c0e89a.msp
[2009/11/22 11:35:10 | 001,887,232 | ---- | M] () -- C:\WINDOWS\Installer\2cd4db.msi
[2011/11/18 15:49:29 | 001,435,136 | ---- | M] () -- C:\WINDOWS\Installer\2d6bd5.msi
[2009/02/25 19:08:18 | 008,311,808 | R--- | M] () -- C:\WINDOWS\Installer\2ed864.msp
[2011/10/01 14:02:07 | 000,062,464 | ---- | M] () -- C:\WINDOWS\Installer\2f81b.msi
[2012/01/22 10:09:26 | 001,700,352 | R--- | M] () -- C:\WINDOWS\Installer\2fb62f7.msp
[2011/11/01 13:34:26 | 001,169,920 | R--- | M] () -- C:\WINDOWS\Installer\2fb630e.msp
[2012/02/02 23:56:22 | 000,963,584 | R--- | M] () -- C:\WINDOWS\Installer\2fb6317.msp
[2012/01/30 20:46:22 | 007,069,184 | R--- | M] () -- C:\WINDOWS\Installer\2fb6321.msp
[2012/03/23 14:59:02 | 007,899,648 | R--- | M] () -- C:\WINDOWS\Installer\2fb6338.msp
[2012/03/27 00:28:54 | 005,009,920 | R--- | M] () -- C:\WINDOWS\Installer\2fb6350.msp
[2011/12/19 23:30:42 | 000,314,368 | ---- | M] () -- C:\WINDOWS\Installer\30aad9a.msi
[2012/03/20 23:57:14 | 006,188,544 | R--- | M] () -- C:\WINDOWS\Installer\3412270.msp
[2012/04/25 19:32:24 | 007,069,184 | R--- | M] () -- C:\WINDOWS\Installer\341227b.msp
[2012/04/22 22:37:42 | 001,182,720 | R--- | M] () -- C:\WINDOWS\Installer\3412283.msp
[2012/03/15 13:43:28 | 004,216,320 | R--- | M] () -- C:\WINDOWS\Installer\341228b.msp
[2012/04/21 21:55:38 | 000,980,480 | R--- | M] () -- C:\WINDOWS\Installer\3412293.msp
[2012/05/30 07:17:06 | 005,010,432 | R--- | M] () -- C:\WINDOWS\Installer\34122ab.msp
[2009/10/16 07:09:28 | 002,518,016 | R--- | M] () -- C:\WINDOWS\Installer\34ff49.msp
[2009/12/03 14:15:12 | 005,004,288 | R--- | M] () -- C:\WINDOWS\Installer\34ff61.msp
[2010/02/06 14:16:54 | 000,429,568 | ---- | M] () -- C:\WINDOWS\Installer\34ff6c.msi
[2009/04/24 12:28:00 | 004,450,816 | R--- | M] () -- C:\WINDOWS\Installer\3dabc0.msp
[2009/05/04 07:47:22 | 009,124,864 | R--- | M] () -- C:\WINDOWS\Installer\3dabd9.msp
[2009/05/04 07:49:40 | 010,955,776 | R--- | M] () -- C:\WINDOWS\Installer\3dac16.msp
[2009/04/24 12:29:02 | 009,013,760 | R--- | M] () -- C:\WINDOWS\Installer\3dac30.msp
[2009/05/26 18:53:56 | 000,579,072 | R--- | M] () -- C:\WINDOWS\Installer\3dac47.msp
[2009/05/04 07:46:14 | 008,299,008 | R--- | M] () -- C:\WINDOWS\Installer\3dac60.msp
[2009/05/26 18:54:44 | 004,192,768 | R--- | M] () -- C:\WINDOWS\Installer\3dac7d.msp
[2009/04/24 12:30:16 | 002,583,552 | R--- | M] () -- C:\WINDOWS\Installer\3dac97.msp
[2012/02/29 23:45:14 | 004,989,440 | R--- | M] () -- C:\WINDOWS\Installer\3e094.msp
[2011/03/28 03:27:52 | 015,456,256 | R--- | M] () -- C:\WINDOWS\Installer\3ed81e.msp
[2011/04/18 18:39:14 | 000,223,232 | ---- | M] () -- C:\WINDOWS\Installer\4ddde5.msi
[2011/09/21 16:18:24 | 004,985,856 | R--- | M] () -- C:\WINDOWS\Installer\587931.msp
[2011/04/27 10:05:34 | 003,446,272 | ---- | M] () -- C:\WINDOWS\Installer\5ce74d.msi
[2011/07/29 13:54:41 | 000,019,968 | ---- | M] () -- C:\WINDOWS\Installer\60e7f.msi
[2010/12/25 14:41:34 | 003,065,856 | ---- | M] () -- C:\WINDOWS\Installer\6587a.msi
[2011/06/21 12:01:14 | 004,991,488 | R--- | M] () -- C:\WINDOWS\Installer\68120.msp
[2011/01/11 17:53:56 | 001,763,328 | R--- | M] () -- C:\WINDOWS\Installer\69bdf.msp
[2009/08/18 13:08:34 | 001,373,696 | R--- | M] () -- C:\WINDOWS\Installer\6b9a59.msp
[2009/07/27 04:31:24 | 003,738,624 | R--- | M] () -- C:\WINDOWS\Installer\6b9a71.msp
[2009/08/18 12:50:38 | 012,022,272 | R--- | M] () -- C:\WINDOWS\Installer\6b9a95.msp
[2009/08/05 07:49:32 | 003,457,024 | R--- | M] () -- C:\WINDOWS\Installer\6b9aaf.msp
[2009/10/16 07:03:20 | 005,003,776 | R--- | M] () -- C:\WINDOWS\Installer\6b9ac7.msp
[2009/08/18 12:57:54 | 009,122,304 | R--- | M] () -- C:\WINDOWS\Installer\6b9adf.msp
[2009/08/18 12:58:56 | 008,301,056 | R--- | M] () -- C:\WINDOWS\Installer\6b9af7.msp
[2012/03/20 23:57:14 | 006,188,544 | R--- | M] () -- C:\WINDOWS\Installer\6c6617.msp
[2012/04/25 19:32:24 | 007,069,184 | R--- | M] () -- C:\WINDOWS\Installer\6c6621.msp
[2012/04/22 22:37:42 | 001,182,720 | R--- | M] () -- C:\WINDOWS\Installer\6c6629.msp
[2012/03/15 13:43:28 | 004,216,320 | R--- | M] () -- C:\WINDOWS\Installer\6c6631.msp
[2012/04/21 21:55:38 | 000,980,480 | R--- | M] () -- C:\WINDOWS\Installer\6c6639.msp
[2012/05/30 07:17:06 | 005,010,432 | R--- | M] () -- C:\WINDOWS\Installer\6c6650.msp
[2011/08/09 10:49:23 | 003,489,280 | ---- | M] () -- C:\WINDOWS\Installer\6d792.msi
[2010/12/28 20:47:55 | 003,144,704 | ---- | M] () -- C:\WINDOWS\Installer\71ce4f.msi
[2009/10/26 21:39:58 | 001,549,312 | ---- | M] () -- C:\WINDOWS\Installer\766133.msi
[2009/10/26 21:40:27 | 000,694,272 | ---- | M] () -- C:\WINDOWS\Installer\76613a.msi
[2009/10/26 21:41:51 | 009,013,760 | ---- | M] () -- C:\WINDOWS\Installer\76613e.msi
[2011/07/27 07:42:04 | 004,985,856 | R--- | M] () -- C:\WINDOWS\Installer\77c97.msp
[2011/05/02 00:06:16 | 002,705,920 | R--- | M] () -- C:\WINDOWS\Installer\77ca0.msp
[2011/03/31 09:12:49 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\7cbaa.msi
[2011/06/21 12:01:14 | 004,991,488 | R--- | M] () -- C:\WINDOWS\Installer\843fdb.msp
[2011/03/28 03:27:52 | 015,456,256 | R--- | M] () -- C:\WINDOWS\Installer\843fe9.msp
[2009/04/14 03:22:08 | 019,840,000 | R--- | M] () -- C:\WINDOWS\Installer\88b0b5.msp
[2009/04/14 03:20:06 | 009,573,376 | R--- | M] () -- C:\WINDOWS\Installer\88b0bf.msp
[2009/04/14 04:51:24 | 001,303,040 | R--- | M] () -- C:\WINDOWS\Installer\88b0c9.msp
[2009/04/14 04:49:26 | 001,922,560 | R--- | M] () -- C:\WINDOWS\Installer\88b0d2.msp
[2009/04/14 04:18:14 | 009,684,480 | R--- | M] () -- C:\WINDOWS\Installer\88b0dc.msp
[2009/04/14 04:50:22 | 005,191,680 | R--- | M] () -- C:\WINDOWS\Installer\88b0e6.msp
[2009/04/14 04:56:18 | 020,498,944 | R--- | M] () -- C:\WINDOWS\Installer\88b0f0.msp
[2009/05/07 09:04:06 | 018,341,376 | R--- | M] () -- C:\WINDOWS\Installer\88b0fa.msp
[2009/04/14 04:21:34 | 015,303,168 | R--- | M] () -- C:\WINDOWS\Installer\88b104.msp
[2009/04/14 03:46:12 | 015,438,848 | R--- | M] () -- C:\WINDOWS\Installer\88b10e.msp
[2011/01/11 17:52:58 | 003,360,768 | R--- | M] () -- C:\WINDOWS\Installer\9109c9.msp
[2011/02/24 15:15:46 | 011,551,232 | R--- | M] () -- C:\WINDOWS\Installer\93dbda.msp
[2010/11/20 23:33:46 | 001,980,928 | R--- | M] () -- C:\WINDOWS\Installer\93dbf2.msp
[2011/01/11 17:50:38 | 008,177,152 | R--- | M] () -- C:\WINDOWS\Installer\93dc0a.msp
[2011/03/17 20:01:58 | 009,563,648 | R--- | M] () -- C:\WINDOWS\Installer\93dc22.msp
[2011/02/11 20:47:00 | 012,028,928 | R--- | M] () -- C:\WINDOWS\Installer\93dc2f.msp
[2010/11/20 23:32:52 | 004,165,120 | R--- | M] () -- C:\WINDOWS\Installer\93dc48.msp
[2011/01/11 17:49:20 | 009,003,008 | R--- | M] () -- C:\WINDOWS\Installer\93dc60.msp
[2011/03/17 20:05:24 | 004,989,440 | R--- | M] () -- C:\WINDOWS\Installer\93dc78.msp
[2011/03/12 17:41:39 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\94d39.msi
[2011/06/24 13:28:59 | 003,489,280 | ---- | M] () -- C:\WINDOWS\Installer\969ca.msi
[2011/08/13 22:05:36 | 001,565,696 | ---- | M] () -- C:\WINDOWS\Installer\97e71.msi
[2011/08/05 11:45:29 | 003,489,280 | ---- | M] () -- C:\WINDOWS\Installer\9f81b.msi
[2011/03/30 09:19:09 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\a1aea.msi
[2011/10/02 15:12:01 | 008,761,856 | ---- | M] () -- C:\WINDOWS\Installer\ad246.msi
[2009/09/15 12:29:44 | 000,432,640 | ---- | M] () -- C:\WINDOWS\Installer\ad7b38.msi
[2009/04/04 10:14:58 | 001,094,656 | R--- | M] () -- C:\WINDOWS\Installer\ad7b44.msp
[2009/04/04 11:36:32 | 021,390,848 | R--- | M] () -- C:\WINDOWS\Installer\ad7b45.msp
[2009/04/04 17:09:34 | 015,190,016 | R--- | M] () -- C:\WINDOWS\Installer\ad7b66.msp
[2009/04/04 17:08:40 | 343,058,432 | R--- | M] () -- C:\WINDOWS\Installer\ad7d1a.msp
[2009/04/04 17:10:08 | 009,926,144 | R--- | M] () -- C:\WINDOWS\Installer\ad7d26.msp
[2009/04/04 17:10:16 | 007,888,384 | R--- | M] () -- C:\WINDOWS\Installer\ad7d31.msp
[2009/04/04 17:10:24 | 001,282,560 | R--- | M] () -- C:\WINDOWS\Installer\ad7d3a.msp
[2009/09/15 12:41:16 | 000,248,832 | ---- | M] () -- C:\WINDOWS\Installer\ad7d42.msi
[2009/09/15 12:41:55 | 000,119,296 | ---- | M] () -- C:\WINDOWS\Installer\ad7d49.msi
[2009/08/18 12:56:58 | 005,020,672 | R--- | M] () -- C:\WINDOWS\Installer\ad7d60.msp
[2011/01/18 23:36:00 | 002,687,488 | R--- | M] () -- C:\WINDOWS\Installer\af857f.msp
[2011/07/11 17:19:28 | 010,619,904 | R--- | M] () -- C:\WINDOWS\Installer\b038a8.msp
[2011/04/13 11:37:02 | 019,201,024 | R--- | M] () -- C:\WINDOWS\Installer\b038b1.msp
[2011/12/26 05:06:20 | 005,115,392 | R--- | M] () -- C:\WINDOWS\Installer\b038b9.msp
[2011/10/26 15:38:54 | 002,830,848 | R--- | M] () -- C:\WINDOWS\Installer\b038c1.msp
[2011/04/28 05:42:32 | 004,990,976 | R--- | M] () -- C:\WINDOWS\Installer\b33651.msp
[2011/04/29 12:27:04 | 004,158,464 | R--- | M] () -- C:\WINDOWS\Installer\b33669.msp
[2011/04/22 19:41:34 | 011,507,712 | R--- | M] () -- C:\WINDOWS\Installer\b33685.msp
[2012/04/04 22:37:36 | 003,149,824 | R--- | M] () -- C:\WINDOWS\Installer\b37b2e.msp
[2012/04/04 22:37:40 | 002,540,544 | R--- | M] () -- C:\WINDOWS\Installer\b37b46.msp
[2012/06/19 12:54:42 | 005,009,920 | R--- | M] () -- C:\WINDOWS\Installer\b37b5e.msp
[2012/06/19 12:54:40 | 002,239,488 | R--- | M] () -- C:\WINDOWS\Installer\b37b76.msp
[2012/05/30 07:18:24 | 001,739,264 | R--- | M] () -- C:\WINDOWS\Installer\b37b81.msp
[2012/05/30 07:18:08 | 011,885,056 | R--- | M] () -- C:\WINDOWS\Installer\b37bb2.msp
[2011/12/08 19:24:04 | 004,989,952 | R--- | M] () -- C:\WINDOWS\Installer\b4d2db.msp
[2008/12/13 10:21:36 | 010,473,472 | R--- | M] () -- C:\WINDOWS\Installer\b595f.msp
[2008/12/13 09:58:22 | 000,754,688 | R--- | M] () -- C:\WINDOWS\Installer\b596c.msp
[2012/07/04 21:06:41 | 000,863,744 | ---- | M] () -- C:\WINDOWS\Installer\b7a2ed.msi
[2012/07/04 21:08:14 | 000,176,128 | ---- | M] () -- C:\WINDOWS\Installer\b7a2f4.msi
[2011/06/03 11:51:55 | 003,485,696 | ---- | M] () -- C:\WINDOWS\Installer\b8ff1.msi
[2010/05/19 13:08:52 | 011,408,896 | R--- | M] () -- C:\WINDOWS\Installer\b9a5ac.msp
[2011/03/31 08:58:05 | 001,615,360 | ---- | M] () -- C:\WINDOWS\Installer\c61cc.msi
[2010/10/08 22:07:04 | 011,559,424 | R--- | M] () -- C:\WINDOWS\Installer\cc0629.msp
[2010/07/23 01:03:24 | 000,338,432 | R--- | M] () -- C:\WINDOWS\Installer\cc0641.msp
[2010/11/20 23:35:20 | 003,359,744 | R--- | M] () -- C:\WINDOWS\Installer\cc0659.msp
[2010/10/21 18:10:00 | 003,995,136 | R--- | M] () -- C:\WINDOWS\Installer\cc0675.msp
[2010/08/04 15:13:04 | 000,686,080 | R--- | M] () -- C:\WINDOWS\Installer\d6a3c7.msp
[2010/07/23 01:04:08 | 011,395,072 | R--- | M] () -- C:\WINDOWS\Installer\d6a3e4.msp
[2011/09/15 23:05:54 | 001,411,072 | R--- | M] () -- C:\WINDOWS\Installer\d9a98a.msp
[2011/09/15 23:07:52 | 034,428,416 | R--- | M] () -- C:\WINDOWS\Installer\d9a98b.msp
[2011/09/15 23:07:28 | 016,691,712 | R--- | M] () -- C:\WINDOWS\Installer\d9a9a7.msp
[2011/09/15 23:04:54 | 428,804,608 | R--- | M] () -- C:\WINDOWS\Installer\d9abd6.msp
[2011/09/15 23:08:04 | 010,838,528 | R--- | M] () -- C:\WINDOWS\Installer\d9abe2.msp
[2011/09/15 23:09:22 | 011,163,136 | R--- | M] () -- C:\WINDOWS\Installer\d9abef.msp
[2011/09/15 23:10:36 | 007,959,552 | R--- | M] () -- C:\WINDOWS\Installer\d9abfa.msp
[2011/07/12 15:50:24 | 017,555,968 | R--- | M] () -- C:\WINDOWS\Installer\df6108.msp
[2011/07/11 20:43:20 | 011,641,344 | R--- | M] () -- C:\WINDOWS\Installer\df6114.msp
[2010/12/28 11:37:06 | 001,572,352 | ---- | M] () -- C:\WINDOWS\Installer\e42a2.msi
[2010/08/13 18:01:28 | 008,993,280 | R--- | M] () -- C:\WINDOWS\Installer\e8a45c.msp
[2010/09/17 06:06:50 | 003,355,648 | R--- | M] () -- C:\WINDOWS\Installer\e8a474.msp
[2010/08/13 18:02:20 | 002,545,664 | R--- | M] () -- C:\WINDOWS\Installer\e8a48c.msp
[2010/08/13 17:59:46 | 008,182,272 | R--- | M] () -- C:\WINDOWS\Installer\e8a4a4.msp
[2010/08/13 18:00:36 | 009,404,928 | R--- | M] () -- C:\WINDOWS\Installer\e8a4bd.msp
[2010/09/23 07:39:44 | 004,265,472 | R--- | M] () -- C:\WINDOWS\Installer\e8a4c9.msp
[2010/09/23 21:02:28 | 000,798,208 | R--- | M] () -- C:\WINDOWS\Installer\e8a4d2.msp
[2010/09/24 07:08:50 | 017,518,080 | R--- | M] () -- C:\WINDOWS\Installer\e8a4ec.msp
[2010/10/07 18:43:04 | 001,980,416 | R--- | M] () -- C:\WINDOWS\Installer\f2f097.msp
[2010/10/21 18:12:42 | 003,359,744 | R--- | M] () -- C:\WINDOWS\Installer\f2f0af.msp
[2010/09/17 06:04:16 | 009,401,856 | R--- | M] () -- C:\WINDOWS\Installer\f2f0c7.msp
[2012/07/14 12:30:55 | 001,077,376 | ---- | M] (SANDBOXIE L.T.D) -- C:\WINDOWS\Installer\SandboxieInstall32.exe
[2012/06/30 20:27:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Installer\wix{3C3901C5-3455-3E0A-A214-0B093A5070A6}.SchedServiceConfig.rmi
[2010/08/04 17:08:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Installer\wix{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.SchedServiceConfig.rmi
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %windir%\system32\tasks\*.* >

< %systemroot%\Fonts\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: EXPLORER.EXE >
[2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 17:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: REGEDIT.EXE >
[2008/04/14 17:30:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\erdnt\cache\regedit.exe
[2008/04/14 17:30:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\regedit.exe
[2008/04/14 17:30:00 | 000,146,432 | ---- | M] (Microsoft Corporation) MD5=058710B720282CA82B909912D3EF28DB -- C:\WINDOWS\system32\dllcache\regedit.exe

< MD5 for: RUNSERVICE.EXE >
[2010/06/13 14:51:35 | 000,002,560 | ---- | M] () MD5=29FAB5363138F6E322F4CD780ED9D337 -- C:\WINDOWS\Runservice.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 17:30:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/04/14 17:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/14 17:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 17:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008/04/14 17:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/14 17:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 17:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 5.1.3565
Copyright (C) 1999-2003 Microsoft Corporation.
On computer: CHANGEME
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F DVD-ROM 0 B
Volume 1 C NTFS Partition 20 GB Healthy System
Volume 2 D NTFS Partition 26 GB Healthy
Volume 3 E NTFS Partition 29 GB Healthy

========== Files - Unicode (All) ==========
[2010/11/06 13:29:31 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\󘉚
[2010/11/06 13:29:31 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\󘉚

========== Alternate Data Streams ==========

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,447 posts.
 
Join Date: Mar 2001
Location: Bradford, England
01-Aug-2012, 04:20 PM #29
Looks like Firefox may be displaying things a bit different, as I'm in IE now, and its a bit different (for the file we're trying to remove).

So, lets try this again. I normally use Firefox, but in IE for this fix

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Quote:
    :OTL
    [2010/11/06 13:29:31 | 000,000,036 | ---- | M] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\��
    [2010/11/06 13:29:31 | 000,000,036 | ---- | C] ()(C:\WINDOWS\System32\??) -- C:\WINDOWS\System32\��
    @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
    [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
    [2009/09/17 00:10:02 | 000,000,000 | ---D | M] -- C:\Dů
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyjava]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Click OK.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy/Paste the report in your next reply.
ryan41225's Avatar
ryan41225 ryan41225 is offline
Computer Specs
Member with 22 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
02-Aug-2012, 11:19 AM #30
All processes killed
========== OTL ==========
File C:\WINDOWS\System32\�� not found.
File C:\WINDOWS\System32\�� not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
C:\WINDOWS\Installer\MSI18C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1CA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC3B.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC79.tmp deleted successfully.
C:\WINDOWS\Installer\MSIEBA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIEF9.tmp deleted successfully.
C:\Dů\Local Settings\Temporary Internet Files folder moved successfully.
C:\Dů\Local Settings folder moved successfully.
C:\Dů\Application Data folder moved successfully.
C:\Dů folder moved successfully.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File ptyjava] not found.
File PTYFLASH] not found.
File EATERESTOREPOINT] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.53.1 log created on 08022012_214412

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
boot, rootkit, slow, startup, virus

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑

Content Relevant URLs by vBSEO 3.3.2