1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

My computer is slowly dying

Discussion in 'Virus & Other Malware Removal' started by ep2002, Dec 21, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Actually I don't know about slowly anymore.

    Note before I start. Yes this is my business computer, but I'm a very very small business. My company barely makes enough to support me & I have no money to hire someone even if I could find someone qualified which most people online are not qualified as you know. So PLEASE help me. I don't care what gets deleted, I can barely work & I end up blaming others when the issue in the end is my computer - how embarrassing.

    I work 100% on my desktop, the only time I use my laptop is when I'm away out of town which is rare or for personal things. It looks like my laptop is infected too, but probably not as bad as the desktop. It's a brand new laptop too, less than a year old.

    Desktop - XP Proff
    laptop - 7 b/c I have no choice.

    Here are my stats for the desktop - http://speccy.piriform.com/results/xOeMISiTtcD3VF08kzRVGSZ

    These problems have been going on for months.

    I'm a very very careful user, but I am online all the time & so who knows what is sent to me either by accident or on purpose.

    At one point I thought I was hacked, but people said I wasn't. I recently got a new router & it's locked down just like the old one was when I learned how to do it.

    If I listed every problem we'd be here all day.

    I'll go thru the strangest of them:

    1. Screensaver & lockdown (p/w required to get onto the computer) works intermittently. Same issue with the laptop.

    2. I only use Firefox (Fx) & Thunderbird (TB). I also use Last Pass (LP). While LP isn't 100% the greatest piece of software, I have yet to find anyone who has the problems I have. It has to be something with the computer that is causing this.

    a) sometimes the site doesn't remember the login or inserts the wrong info. Those are even my Word Press (WP) blogs. I know LP doesn't work well with poorly coded sites, but for WP, it should be no problem.
    b) my Fx crashes all the time now. Ever since 6 or 7.0 I think. It won't stop crashing, sometimes 2 or more times a day. It's nuts. Different sites so it's not any one particular site.
    c) in July suddenly the the site for my hosting company (HD, the ticket site, not the CPanel) became HUGE (fonts, graphics) on my screen. This wasn't happening with any other site & they claim they didn't change anything & it didn't look like that as I sent them a SS.
    d) ever since I upgraded from Fx 5, whenever Fx restores previous pages or crashes & restores, some of the pages don't have the URL in the address bar. It's just missing. It's gotten slightly better, but it never happened before.
    d) When I forward an e-mail from my sent & maybe other folders within TB, it doesn't forward using the default e-mail account or the e-mail that it was using before. No one has been able to solve this problem.
    e) lots of problems with TB.

    i) Folders being created (not by me) with a string of numbers/letters.
    ii) Can't delete a folder I want to.
    iii) Mail missing from folders I need.
    iv) sometimes I go into a specific account & when I click on "write" it doesn't use the account's e-mail addy, it uses the default one.
    v) I keep getting this script error. It's also intermittent. I thought it was one of the add-ons, but even after I uninstalled that add-on it started happening again.
    vi) ever since the time change last month I've been having problems with the e-mail time in TB. At first it was hard to get the computer to manually set to the time I wanted it set to. I think I had daylight savings time set & where I am not there is no daylight savings time, so that screwed up the time. I finally got it to stick on the computer, but ever since then, any mail that comes in shows 1 hour behind the actual time it came in.

    I just tested it after unchecking the synch checkmark & I got the current time, but that was ONLY when I sent mail to myself from 2 different gmail accounts (one from the desktop, one from the laptop) When mail from others came thru, again, 1 hour behind.
    vii) the laptop has had a time issue as well. It keeps showing 1 hour behind no matter how many times I set it. I've now taking off the synchronization checkmark to see if that helps (someone recommended that)
    viii) back in June e-mail that I normally always got from my gateway stopped coming through. HD claimed it was coming into my TB, yet I wasn't getting it. Eventually that problem stopped, but boy was that scary.

    3. Starting back in Dec./Jan. of this year, I switched hosting companies & was introduced to CPanel. I used the Spam Assasin (SA) religiously wasting a lot of time b/c every few weeks all the entries I submitted would disappear.

    After wasting more time dealing with host dime (the hosting company), they blamed it on my computer saying it was deleting the entries. Yes I had ghosts.

    After someone helped to logically think things thru & he actually saw it happen while he was in my computer remotely, he figured out it was a conflict between Fx & SA & the timeout or reboot function.

    What I don't understand is why it wasn't reported online. I can't be the ONLY person using Fx with SA. When I switched to Chrome just to use the Cpanel, the problem stopped, but I eventually stopped using SA b/c it was a waste of time blocking good mail that I put on the white list.

    My point is, I still think it had something to do with my computer.

    4. Files keep disappearing from my computer. I know they were there, just gone & this must have happened a while ago b/c I have everything backed up through Crash Plan & I couldn't find them there either.


    5. Shortcuts in the start menu disappeared. All but Fx & TB.

    6. Junk files in the “The Car” folder. Can't delete them, warning says some are part of the system file. AlbumArt_{0A0B70F4-AA3C-48FF-B440-70925C53A4A0}_Large.jpg - this file has music in it. I don't save or keep art.

    7. On my E drive (used for e-mails & other backup type stuff) this folder is there. I didn't create it. fe19a24640db537895a48aa9e4d1fd

    8. Same here, not sure what this is – SMRTNTKY

    9. When I tried to listen to VM greetings from RC & my extension 100, they wouldn’t play on Windows Media Player. It kept telling me it didn’t recognize the file type even though it’s an mp3 file. Default intro greeting & default VM greeting

    10. In my router had 2 ports opened called RC1 & RC2 ports 5060 to 5090 & 8000 to 8200 (This isn’t a problem that needs to be fixed, but it’s very suspicious, as I have no idea why this was there) I deleted them while on the phone with Linksys.

    11. 12-18-11 - Speakers won’t play on the computer. Speakers are fine as they played in the cell phone, drivers are there as someone walked me thru confirming that, nothing will play. : (

    12. I use Track Changes in Word religiously. I recently hired a new biz consultant who isn’t tech savvy & he changed the font to some weird font. On my computer it shows up as ALL CAPS, but on his it has both lower & upper case. I forwarded it to someone else also using Word 2003, & they see what he sees. I sent it to my laptop, although it looks blotchy & faint, I can see the lower case.

    So as you can see, really strange things.

    I'll paste the log files below.

    Thank you. I hope some sharp cookie can help :)


    Michelle
     
  2. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    I didn't DL the beta version...

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:32:37 PM, on 12/21/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\CrashPlan\CrashPlanService.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
    D:\Notes\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Browny02\Brother\BrStMonW.exe
    C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    D:\Notes\LogMeIn\x86\RaMaint.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    D:\Notes\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
    C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    C:\WINDOWS\system32\NLSSRV32.EXE
    C:\Program Files\CrashPlan\CrashPlanTray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Browny02\BrYNSvc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Speccy\Speccy.exe
    C:\WINDOWS\System32\vssvc.exe
    D:\Downloads\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChitChat Toolbar\tbhelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChitChat Toolbar\tbcore3.dll
    O3 - Toolbar: ChitChat Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll
    O4 - HKLM\..\Run: [rmtemp] cmd /c c:\dostools\rmtemp.bat
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LogMeIn GUI] "D:\Notes\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
    O4 - HKLM\..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RCUI] "C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe"
    O4 - HKCU\..\Run: [RCHotKey] "C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Chit Chat for Facebook] C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
    O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
    O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files\Evernote\Evernote3.5\enbar.dll/2000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
    O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) -
    O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} (RingCentral Message Player Control) - http://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: Avira Upgrade Service (AviraUpgradeService) - Unknown owner - C:\WINDOWS\TEMP\AVSETUP_4eac0d84\avupgsvc.exe (file missing)
    O23 - Service: Bomgar Support Customer Client [1291058205] (bomgar-scc-1291058205) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
    O23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - D:\Notes\LogMeIn\x86\LogMeIn.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 13208 bytes
     
  3. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Re: HJT, programs that are on my computer by choice in case you are wondering:

    1. personal assistant
    2. Chat Chat for FB


    Michelle
     
  4. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
    Run by Michelle at 19:37:30 on 2011-12-21
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.1131 [GMT -6:00]
    .
    AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ===============
    .
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\Ati2evxx.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\CrashPlan\CrashPlanService.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
    D:\Notes\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Browny02\Brother\BrStMonW.exe
    C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    D:\Notes\LogMeIn\x86\RaMaint.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    D:\Notes\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
    C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    C:\WINDOWS\system32\NLSSRV32.EXE
    C:\Program Files\CrashPlan\CrashPlanTray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Browny02\BrYNSvc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Speccy\Speccy.exe
    C:\WINDOWS\System32\vssvc.exe
    D:\Downloads\HijackThis.exe
    C:\WINDOWS\system32\mspaint.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\chitchat toolbar\tbhelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\chitchat toolbar\tbcore3.dll
    TB: ChitChat Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\chitchat toolbar\tbcore3.dll
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
    uRun: [Personal Assistant] c:\program files\shelltoys\personal assistant\assistant.exe
    uRun: [Google Update] "c:\documents and settings\michelle\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [RCUI] "c:\program files\ringcentral\ringcentral call controller\RCUI.exe"
    uRun: [RCHotKey] "c:\program files\ringcentral\ringcentral call controller\RCHotKey.exe"
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [Chit Chat for Facebook] c:\program files\chit chat for facebook\CCFFacebook.exe
    mRun: [rmtemp] cmd /c c:\dostools\rmtemp.bat
    mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
    mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [LogMeIn GUI] "d:\notes\logmein\x86\LogMeInSystray.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
    mRun: [KodakShareButtonApp] c:\program files\kodak\kodak share button app\Listener.exe
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    StartupFolder: c:\docume~1\michelle\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    IE: Add to &Evernote - c:\program files\evernote\evernote3.5\enbar.dll/2000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\program files\evernote\evernote3.5\enbar.dll
    Trusted Zone: exoticpublishing.com
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} - hxxp://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab
    DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
    TCP: DhcpNameServer = 200.75.200.3 200.75.200.2
    TCP: Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3} : DhcpNameServer = 200.75.200.3 200.75.200.2
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: intu-res - {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - c:\program files\common files\intuit\intu-res.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\570\G2AWinLogon.dll
    Notify: LMIinit - LMIinit.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\michelle\application data\mozilla\firefox\profiles\vc1po946.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice...p://www.odesk.com|http://66.7.214.224/cpanel/
    FF - prefs.js: network.proxy.http - http://proxy.uconn.edu:3000/proxy.pac
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\michelle\application data\mozilla\firefox\profiles\vc1po946.default\extensions\[email protected]\platform\winnt_x86-msvc\components\lpxpcom.dll
    FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\michelle\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\michelle\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPCltInst11.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-10-29 36000]
    R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-29 86224]
    R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-10-29 110032]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-29 74640]
    R2 CrashPlanService;CrashPlan Backup Service;c:\program files\crashplan\CrashPlanService.exe [2011-6-29 152576]
    R2 LMIGuardianSvc;LMIGuardianSvc;d:\notes\logmein\x86\LMIGuardianSvc.exe [2010-9-16 374152]
    R2 LMIInfo;LogMeIn Kernel Information Provider;d:\notes\logmein\x86\rainfo.sys [2010-5-31 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-9-24 47640]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-27 366152]
    R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2011-3-21 196928]
    R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928]
    R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-2-22 245760]
    R3 cpuz135;cpuz135;\??\c:\docume~1\michelle\locals~1\temp\cpuz135\cpuz135_x32.sys --> c:\docume~1\michelle\locals~1\temp\cpuz135\cpuz135_x32.sys [?]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-27 22216]
    R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [2010-7-25 49208]
    R4 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\temp\avsetup_4eac0d84\avupgsvc.exe" /tempstart:""c:\windows\temp\avsetup_4eac0d84\setup.exe" /notempcleanup /crossupgrade" --> c:\windows\temp\avsetup_4eac0d84\avupgsvc.exe [?]
    S2 bomgar-scc-1291058205;Bomgar Support Customer Client [1291058205];"c:\documents and settings\all users\application data\bomgar-scc-4cf3fc1d\bomgar-scc.exe" -service:run --> c:\documents and settings\all users\application data\bomgar-scc-4cf3fc1d\bomgar-scc.exe [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-10-15 136176]
    S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
    S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2011-2-22 71424]
    S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2011-2-22 11520]
    S3 cpuz129;cpuz129;\??\c:\docume~1\michelle\locals~1\temp\cpuz_x32.sys --> c:\docume~1\michelle\locals~1\temp\cpuz_x32.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-10-15 136176]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-12-10 27064]
    S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys --> c:\windows\system32\drivers\RT2860.sys [?]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]
    .
    =============== Created Last 30 ================
    .
    2011-12-11 19:39:48 -------- dc----w- c:\documents and settings\michelle\application data\Domain Name Analyzer v4.1
    2011-12-11 19:39:40 -------- dc----w- c:\program files\Softnik Technologies
    2011-12-10 15:38:09 -------- d-sh--w- C:\found.001
    2011-12-09 04:28:11 -------- dc----w- C:\EVENTDB
    2011-12-09 04:28:01 -------- dc----w- C:\REPORTS
    2011-12-09 04:28:01 -------- dc----w- C:\LOGFILES
    2011-12-09 04:28:01 -------- dc----w- C:\INFECTED
    2011-12-09 01:39:48 -------- dc----w- c:\program files\OverDrive Media Console
    2011-12-05 23:43:04 -------- dc----w- c:\program files\Cisco Systems
    2011-12-05 23:13:32 -------- dc----w- c:\documents and settings\all users\application data\Cisco Systems
    2011-11-25 02:38:28 -------- dc----w- c:\program files\Chit Chat For Facebook
    2011-11-25 02:38:28 -------- dc----w- c:\documents and settings\all users\application data\Chit Chat For Facebook
    .
    ==================== Find3M ====================
    .
    2011-12-15 19:24:26 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll
    2011-12-15 19:24:25 52096 -c--a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
    2011-12-15 19:24:24 87424 -c--a-w- c:\windows\system32\LMIinit.dll
    2011-12-15 19:24:24 30592 -c--a-w- c:\windows\system32\LMIport.dll
    2011-11-23 13:25:32 1859584 -c--a-w- c:\windows\system32\win32k.sys
    2011-11-15 01:21:32 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-07 16:52:52 4734 -c--a-w- c:\windows\system32\PerfStringBackup.TMP
    2011-11-04 19:20:51 916992 -c--a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:20:51 43520 -c--a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:20:51 1469440 -c----w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:23:59 385024 -c--a-w- c:\windows\system32\html.iec
    2011-11-01 16:07:10 1288704 -c--a-w- c:\windows\system32\ole32.dll
    2011-10-28 05:31:48 33280 -c--a-w- c:\windows\system32\csrsrv.dll
    2011-10-25 13:37:08 2148864 -c----w- c:\windows\system32\ntoskrnl.exe
    2011-10-25 12:52:02 2027008 -c----w- c:\windows\system32\ntkrnlpa.exe
    2011-10-19 21:56:50 74640 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
    2011-10-19 21:56:50 36000 -c--a-w- c:\windows\system32\drivers\avkmgr.sys
    2011-10-18 11:13:22 186880 -c--a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22:41 692736 -c--a-w- c:\windows\system32\inetcomm.dll
    2011-10-07 14:37:30 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
    2011-10-07 14:37:27 87424 -c--a-w- c:\windows\system32\LMIinit.dll.000.bak
    2011-10-03 11:06:03 472808 -c--a-w- c:\windows\system32\deployJava1.dll
    2011-10-03 08:37:52 73728 -c--a-w- c:\windows\system32\javacpl.cpl
    2011-09-28 07:06:50 599040 -c--a-w- c:\windows\system32\crypt32.dll
    2011-09-26 16:41:20 611328 -c--a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 16:41:20 220160 -c--a-w- c:\windows\system32\oleacc.dll
    2011-09-26 16:41:14 20480 -c--a-w- c:\windows\system32\oleaccrc.dll
    .
    =================== ROOTKIT ====================
    .
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 5.1.2600
    .
    CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
    device: opened successfully
    user: error reading MBR
    .
    Disk trace:
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
    c:\windows\system32\drivers\nvata.sys NVIDIA Corporation NVIDIA nForce(TM) IDE Driver
    1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8B120AB8]
    3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x8B121AC0]
    5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000071[0x8B120030]
    kernel: MBR read successfully
    _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
    user != kernel MBR !!!
    .
    ============= FINISH: 19:38:24.71 ===============
     
  5. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Here is the attach file
     

    Attached Files:

  6. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Ok, first the GMER software hung the computer so I had to reboot.

    The 2nd time it worked, BUT it took around 1.5 hours give or take, to run thru C drive. Is that normal?

    Thanks everyone & have a lovely night :)


    Michelle

    ----------------------------------
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-12-21 21:59:03
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000073 ST3500418AS rev.CC38
    Running: 8f0c5e3u.exe; Driver: C:\DOCUME~1\Michelle\LOCALS~1\Temp\awndyfow.sys


    ---- System - GMER 1.0.15 ----

    SSDT BA7EE8B4 ZwClose
    SSDT BA7EE86E ZwCreateKey
    SSDT BA7EE8BE ZwCreateSection
    SSDT BA7EE864 ZwCreateThread
    SSDT BA7EE873 ZwDeleteKey
    SSDT BA7EE87D ZwDeleteValueKey
    SSDT BA7EE8AF ZwDuplicateObject
    SSDT BA7EE882 ZwLoadKey
    SSDT BA7EE850 ZwOpenProcess
    SSDT BA7EE855 ZwOpenThread
    SSDT BA7EE8D7 ZwQueryValueKey
    SSDT BA7EE88C ZwReplaceKey
    SSDT BA7EE8C8 ZwRequestWaitReplyPort
    SSDT BA7EE887 ZwRestoreKey
    SSDT BA7EE8C3 ZwSetContextThread
    SSDT BA7EE8CD ZwSetSecurityObject
    SSDT BA7EE878 ZwSetValueKey
    SSDT BA7EE8D2 ZwSystemDebugControl
    SSDT BA7EE85F ZwTerminateProcess

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwCallbackReturn + 2C48 805044E4 4 Bytes CALL D1CEFF67
    .text ntkrnlpa.exe!ZwCallbackReturn + 2C88 80504524 4 Bytes [6E, E8, 7E, BA]
    .text ntkrnlpa.exe!ZwCallbackReturn + 2CAC 80504548 4 Bytes CALL D09EFFCB
    .text ntkrnlpa.exe!ZwCallbackReturn + 2CB8 80504554 4 Bytes CALL EFBEFFD7
    .text ntkrnlpa.exe!ZwCallbackReturn + 2CE0 8050457C 4 Bytes CALL D2DAFFFF
    .text ...
    .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB85B6000, 0x1C5DC8, 0xE8000020]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Mozilla Thunderbird\thunderbird.exe[4296] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0040142F C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Thunderbird/Mozilla Messaging)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  7. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Ok, update...

    Someone who is a software person more than a hardware person came over today to install the new video card.

    It wouldn't work :( I got those 3 beeps that were causing problems a month or two ago.

    He took out the stupid wireless card that never worked, so that's good, but I just paid $50 for that video card & it won't work in my computer (HELP).

    He thinks it's the MB <sigh> I can't afford a new MB right now & I don't even have anyone I can trust to put it in even if I could afford it.

    He tried to redo the drivers for the sound card (realteck), but that didn't solve the speaker issue.

    Oh gawd, I'm really getting scared now. We almost couldn't get the computer back once he put the old video card back in. I had to pray to my baby that she stay with me.


    Michelle
     
  8. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    I know it's the holidays so I'm waiting patiently.

    Pls. help.

    The speakers are suddenly working thank gawd.

    Everything else is the same.

    Thank you

    Michelle
     
  9. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,770
    Hiya

    Please download Malwarebytes' Anti-Malware from Here or Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






    Download and scan with SUPERAntiSpyware Free for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.

    Please include the MBAM log and, SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply

    eddie
     
  10. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Umm, I already have the paid version of MBAM on my computer, so I'm not sure why you awnat to me to add it again.

    As for Super Anti spyware, I had the paid version for the longest time & it recently experienced. I was told not to h ave both on my computer, so I am not renewing it.



    Michelle
     
  11. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,770
    Okay, as you have the paid version of MBAM, can you update it and run a full system scan :)

    Also, can you do the following:

    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

    eddie
     
  12. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    Hi,

    Not sure what happened, but no "extra" notepad opened, so all I have is the other one.

    OTL logfile created on: 1/1/2012 7:10:40 PM - Run 3
    OTL by OldTimer - Version 3.2.31.0 Folder = D:\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.50 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 75.65% Memory free
    6.34 Gb Paging File | 5.35 Gb Available in Paging File | 84.35% Paging File free
    Paging file location(s): C:\pagefile.sys 3072 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 147.72 Gb Total Space | 114.70 Gb Free Space | 77.65% Space Free | Partition Type: NTFS
    Drive D: | 142.83 Gb Total Space | 130.83 Gb Free Space | 91.60% Space Free | Partition Type: NTFS
    Drive E: | 175.22 Gb Total Space | 147.80 Gb Free Space | 84.36% Space Free | Partition Type: NTFS

    Computer Name: EXOTIC-3C629299 | User Name: Michelle | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/01/01 18:50:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL(1).exe
    PRC - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\ramaint.exe
    PRC - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe
    PRC - [2011/11/21 23:33:42 | 003,788,288 | ---- | M] (Athena IT Limited) -- C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
    PRC - [2011/11/14 16:24:33 | 000,399,512 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    PRC - [2011/10/19 15:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2011/10/19 15:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011/08/31 16:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) -- C:\Program Files\CrashPlan\CrashPlanService.exe
    PRC - [2011/06/29 03:21:40 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe
    PRC - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
    PRC - [2011/03/21 10:17:44 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    PRC - [2011/03/07 10:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    PRC - [2011/02/23 15:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    PRC - [2011/02/02 17:37:22 | 000,500,992 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe
    PRC - [2011/02/02 17:37:18 | 000,038,144 | ---- | M] (RingCentral, Inc.) -- C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe
    PRC - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeIn.exe
    PRC - [2010/10/27 17:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/05/31 09:31:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- D:\Notes\LogMeIn\x86\LogMeInSystray.exe
    PRC - [2010/03/18 09:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/02/09 15:43:16 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
    PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
    PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/01/31 12:01:38 | 000,159,744 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
    PRC - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
    PRC - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/11/14 16:24:35 | 001,988,760 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
    MOD - [2011/11/14 16:24:35 | 000,161,944 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
    MOD - [2011/11/14 16:24:35 | 000,021,656 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
    MOD - [2011/10/19 15:56:38 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
    MOD - [2011/10/15 15:23:47 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
    MOD - [2011/04/13 23:19:48 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
    MOD - [2011/04/13 23:19:48 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
    MOD - [2011/04/13 23:19:48 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
    MOD - [2011/04/13 23:19:48 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
    MOD - [2011/04/13 23:19:48 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
    MOD - [2011/04/13 23:19:48 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
    MOD - [2011/04/13 23:19:48 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
    MOD - [2011/04/13 23:19:48 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
    MOD - [2011/04/13 23:19:48 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
    MOD - [2011/04/13 23:19:48 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
    MOD - [2011/04/13 23:19:48 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
    MOD - [2011/04/13 23:19:47 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
    MOD - [2011/04/13 23:19:47 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
    MOD - [2011/04/13 23:19:47 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
    MOD - [2011/04/13 23:19:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
    MOD - [2011/04/13 23:19:46 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
    MOD - [2011/04/13 23:19:46 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
    MOD - [2011/04/13 23:19:46 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
    MOD - [2011/04/13 23:19:46 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
    MOD - [2011/04/13 23:19:46 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
    MOD - [2011/04/13 23:19:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
    MOD - [2011/04/13 23:19:45 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
    MOD - [2011/04/13 23:19:45 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
    MOD - [2011/04/13 23:19:45 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
    MOD - [2011/04/13 23:19:45 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
    MOD - [2011/04/13 23:19:44 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
    MOD - [2011/04/13 23:19:44 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
    MOD - [2011/04/13 23:19:44 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
    MOD - [2011/04/13 23:19:44 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
    MOD - [2011/04/13 23:19:44 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
    MOD - [2011/04/13 23:19:43 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
    MOD - [2011/04/13 23:19:42 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
    MOD - [2011/04/13 23:19:42 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
    MOD - [2011/04/13 23:19:41 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
    MOD - [2011/02/02 17:38:46 | 001,049,856 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCTH.dll
    MOD - [2011/02/02 17:38:28 | 000,369,920 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\RCABEx.dll
    MOD - [2011/02/02 17:31:32 | 001,548,288 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPVista.dll
    MOD - [2010/05/05 10:21:58 | 000,126,976 | ---- | M] () -- C:\Program Files\RingCentral\RingCentral Call Controller\NetFixDll.dll
    MOD - [2010/02/16 12:57:38 | 000,301,568 | ---- | M] () -- C:\Program Files\ChitChat Toolbar\tbhelper.dll
    MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
    MOD - [2008/04/13 18:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/13 18:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
    MOD - [2006/02/28 06:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
    MOD - [2003/03/05 12:02:31 | 000,456,704 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\assistant.exe
    MOD - [2003/02/16 11:06:44 | 000,122,880 | ---- | M] () -- C:\Program Files\Shelltoys\Personal Assistant\tcdbtext.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [1291058205] [Auto | Stopped] -- -- (bomgar-scc-1291058205)
    SRV - File not found [Auto | Stopped] -- -- (AviraUpgradeService)
    SRV - [2011/12/15 13:24:36 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
    SRV - [2011/12/15 13:24:24 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
    SRV - [2011/10/19 15:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2011/10/19 15:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/06/29 03:22:06 | 000,152,576 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
    SRV - [2011/03/21 10:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
    SRV - [2011/03/21 10:17:44 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
    SRV - [2010/11/08 11:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Notes\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
    SRV - [2010/03/18 09:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
    SRV - [2009/08/26 12:40:16 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
    SRV - [2007/08/09 01:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
    SRV - [2004/07/20 12:15:20 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2011/10/19 15:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2011/10/19 15:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
    DRV - [2011/08/31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2010/07/25 02:56:58 | 000,049,208 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriver32.sys -- (stdriver)
    DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010/05/31 09:31:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Notes\LogMeIn\x86\rainfo.sys -- (LMIInfo)
    DRV - [2010/05/31 09:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2009/12/30 10:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2009/11/02 21:06:12 | 000,011,520 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb) Brother Serial USB Driver(WDM)
    DRV - [2009/11/02 21:06:11 | 000,071,424 | R--- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb) Brother Serial Interface Driver(WDM)
    DRV - [2009/03/04 01:49:58 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2008/07/24 00:55:23 | 000,007,296 | --S- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.SYS -- (EIO)
    DRV - [2008/02/27 11:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
    DRV - [2008/01/23 15:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn)
    DRV - [2007/11/09 02:14:09 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
    DRV - [2006/11/15 22:34:40 | 004,225,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2006/04/24 15:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
    DRV - [2006/02/17 09:28:32 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
    DRV - [2006/02/17 09:28:30 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
    DRV - [2005/11/24 17:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
    DRV - [2004/07/20 12:19:16 | 000,020,096 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
    DRV - [2004/07/06 17:56:26 | 000,044,544 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D.sys -- (Video3D)
    DRV - [2003/11/30 20:54:20 | 000,043,136 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
    DRV - [2003/09/25 20:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 95 A5 63 2D 6B CB 01 [binary data]
    IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChitChat Toolbar\tbhelper.dll ()
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice.com/|https://www.mcssl.com/Netcart/login/login.asp?pr=6|https://www.secure-ebook.com/login.jsp?myAction=login|http://www.mimeo.com/|http://www.fiverr.com/|http://www.odesk.com|http://66.7.214.224/cpanel/"
    FF - prefs.js..extensions.enabledItems: areadecoder@kevski:1.0.3
    FF - prefs.js..extensions.enabledItems: [email protected]:1.0
    FF - prefs.js..extensions.enabledItems: [email protected]:1.4.3
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: [email protected]:1.72.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.uconn.edu:3000/proxy.pac"
    FF - prefs.js..network.proxy.http: "http://proxy.uconn.edu:3000/proxy.pac"
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 14:28:31 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/03 22:30:13 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/08/16 23:36:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

    [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions
    [2010/03/07 07:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2011/12/30 02:00:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions
    [2011/08/24 19:36:44 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    [2010/04/27 15:01:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/12/17 10:25:22 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
    [2011/09/05 11:16:07 | 000,000,000 | ---D | M] (FEBE) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
    [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}-trash
    [2011/10/20 21:52:19 | 000,000,000 | ---D | M] (PRFrame) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{67119310-420c-11df-9879-0800200c9a66}
    [2009/12/17 16:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}-trash
    [2010/08/29 12:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}-trash
    [2011/10/04 01:33:43 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
    [2011/04/20 12:37:07 | 000,000,000 | ---D | M] (Multirow Bookmarks Toolbar) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
    [2011/01/12 22:30:07 | 000,000,000 | ---D | M] (Area deCoder) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\areadecoder@kevski
    [2010/09/11 17:43:40 | 000,000,000 | ---D | M] (NewsBasis) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\[email protected]
    [2011/01/12 22:30:07 | 000,000,000 | ---D | M] ("Show Parent Folder") -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\showParentFolder@alice
    [2011/11/17 22:45:06 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\[email protected]
    [2011/11/25 20:38:03 | 000,000,000 | ---D | M] (WASP) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\[email protected]
    [2010/05/28 14:52:59 | 000,000,000 | ---D | M] (Xsticky-Tool) -- C:\Documents and Settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\extensions\[email protected]
    [2011/11/10 20:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/11/10 20:42:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{3474C305-9DAD-11D8-9207-00055D74C2E4}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{B442F4C0-C292-4998-AABE-48608A73BA75}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\[email protected]
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\[email protected]
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\MICHELLE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\VC1PO946.DEFAULT\EXTENSIONS\[email protected]
    [2011/11/09 14:28:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/03/10 19:56:39 | 000,583,528 | ---- | M] (iLinc Communications, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll
    [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2011/09/30 10:01:44 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2011/11/09 14:28:30 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
    CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.75.9_0\nplastpass.dll
    CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgoogletalk.dll
    CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michelle\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
    CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
    CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
    CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
    CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
    CHR - Extension: LastPass = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.80.5_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Michelle\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

    O1 HOSTS File: ([2010/11/19 00:50:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
    O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (ChitChat Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (ChitChat Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\ChitChat Toolbar\tbcore3.dll ()
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
    O4 - HKLM..\Run: [LogMeIn GUI] D:\Notes\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [rmtemp] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Chit Chat for Facebook] C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe (Athena IT Limited)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [Personal Assistant] C:\Program Files\Shelltoys\Personal Assistant\assistant.exe ()
    O4 - HKCU..\Run: [RCHotKey] C:\Program Files\RingCentral\RingCentral Call Controller\RCHotKey.exe (RingCentral, Inc.)
    O4 - HKCU..\Run: [RCUI] C:\Program Files\RingCentral\RingCentral Call Controller\RCUI.exe (RingCentral, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
    O4 - Startup: C:\Documents and Settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to &Evernote - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
    O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe (ICQ, Inc.)
    O15 - HKCU\..Trusted Domains: exoticpublishing.com ([]https in Trusted sites)
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} http://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab (RingCentral Message Player Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc.cab (GpcContainer Class)
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll (PCPitstop Exam)
    O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.15.12.5 8.5.244.6
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E4F7C4-7DC6-489A-9574-0FF705F312F3}: DhcpNameServer = 8.15.12.5 8.5.244.6
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\intu-res {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - C:\Program Files\Common Files\Intuit\intu-res.dll ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/07/23 20:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/12/22 15:25:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2011/12/11 13:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
    [2011/12/11 13:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Softnik Technologies
    [2011/12/11 13:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\Softnik Technologies
    [2011/12/10 09:38:09 | 000,000,000 | -HSD | C] -- C:\found.001
    [2011/12/08 22:28:11 | 000,000,000 | ---D | C] -- C:\EVENTDB
    [2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\REPORTS
    [2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\LOGFILES
    [2011/12/08 22:28:01 | 000,000,000 | ---D | C] -- C:\INFECTED
    [2011/12/08 19:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OverDrive Media Console
    [2011/12/08 19:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\OverDrive Media Console
    [2011/12/05 17:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems
    [2011/12/05 17:13:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
    [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/01/01 19:22:14 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
    [2012/01/01 19:22:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
    [2012/01/01 18:51:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/01/01 18:51:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/01/01 01:22:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
    [2011/12/31 02:33:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
    [2011/12/30 11:14:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/12/30 11:13:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/12/27 11:52:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/12/21 02:30:32 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
    [2011/12/21 02:27:17 | 000,741,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/12/20 22:10:38 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/12/16 11:52:43 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2011/12/15 13:24:26 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
    [2011/12/15 13:24:24 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
    [2011/12/15 13:24:24 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
    [2011/12/11 13:39:41 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Michelle\Desktop\Domain Name Analyzer v4.lnk
    [2011/12/09 04:58:16 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
    [2011/12/08 19:39:51 | 000,001,888 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
    [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/12/22 15:26:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
    [2011/12/11 13:39:41 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Michelle\Desktop\Domain Name Analyzer v4.lnk
    [2011/12/08 19:39:51 | 000,001,888 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
    [2011/12/05 17:43:13 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Cisco Connect.lnk
    [2011/11/10 16:51:02 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\ccff.isl
    [2011/05/06 12:19:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
    [2011/02/22 18:18:25 | 000,000,242 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
    [2011/02/22 18:18:25 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
    [2011/02/22 18:17:18 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10B.DAT
    [2011/02/22 18:16:51 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
    [2011/02/22 18:16:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
    [2011/01/03 13:49:39 | 000,166,704 | ---- | C] () -- C:\WINDOWS\System32\R0tiff.dll
    [2010/09/25 19:43:50 | 000,364,128 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    [2010/08/02 10:12:21 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
    [2010/08/02 09:52:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7030.dat
    [2010/08/02 09:52:31 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
    [2010/07/28 12:48:27 | 000,112,922 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
    [2010/07/28 12:48:27 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
    [2010/06/15 15:00:33 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
    [2009/12/25 09:24:58 | 000,000,036 | ---- | C] () -- C:\WINDOWS\AEBFONT.INI
    [2009/12/11 21:55:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2009/11/30 01:11:00 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2009/11/24 23:23:36 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2009/11/20 01:07:44 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2009/11/20 01:07:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2009/11/20 01:07:44 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2009/11/20 01:07:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2009/11/20 01:07:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2009/10/20 22:00:02 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
    [2009/10/20 22:00:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
    [2009/10/20 21:59:14 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
    [2009/09/16 17:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
    [2009/06/08 21:32:27 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michelle\Application Data\$_hpcst$.hpc
    [2009/05/17 16:27:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
    [2009/03/03 22:58:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
    [2009/03/03 22:58:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
    [2009/01/26 12:55:36 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2009/01/22 23:23:45 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\ssp1ml3.dll
    [2008/08/03 22:38:23 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Michelle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/07/25 14:36:29 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Acrobat.dll
    [2008/07/24 14:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
    [2008/07/24 01:43:18 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe
    [2008/07/24 01:16:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
    [2008/07/24 01:06:45 | 000,000,047 | ---- | C] () -- C:\WINDOWS\winhlp32.ini
    [2008/07/24 01:05:15 | 000,017,552 | ---- | C] () -- C:\WINDOWS\System32\TTYTWIN.DRV
    [2008/07/24 01:04:55 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\NCSPI8EN.DLL
    [2008/07/24 01:04:46 | 000,022,480 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI16.DLL
    [2008/07/24 01:04:46 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\PFMAPI32.DLL
    [2008/07/24 00:53:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATKCheckDispIDs.dll
    [2008/07/24 00:53:47 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
    [2008/07/24 00:53:47 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
    [2008/07/24 00:45:02 | 000,001,191 | ---- | C] () -- C:\WINDOWS\WTAPI.INI
    [2008/07/24 00:41:32 | 000,016,384 | ---- | C] () -- C:\WINDOWS\hpu.dll
    [2008/07/23 22:52:34 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2008/07/23 21:22:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2008/07/23 21:16:45 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
    [2008/07/23 20:40:47 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2008/07/23 20:33:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2008/07/23 20:29:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2008/07/23 16:03:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2008/07/23 16:02:01 | 000,741,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2006/02/28 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2006/02/28 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2006/02/28 06:00:00 | 000,436,002 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2006/02/28 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2006/02/28 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2006/02/28 06:00:00 | 000,068,706 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2006/02/28 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2006/02/28 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2006/02/28 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2006/02/28 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2006/02/28 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2006/02/28 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/10/11 09:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
    [2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
    [2001/07/06 13:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
    [1998/08/31 08:40:10 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\vbcrc.dll

    ========== LOP Check ==========

    [2010/02/03 18:05:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
    [2011/12/30 13:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Chit Chat For Facebook
    [2011/12/05 17:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
    [2009/08/26 12:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
    [2011/10/04 14:41:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrashPlan
    [2008/09/26 22:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.4 Output
    [2010/10/05 11:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure
    [2008/07/28 21:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
    [2009/08/12 12:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
    [2012/01/01 11:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
    [2011/07/30 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maestro
    [2011/11/16 23:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
    [2010/08/01 02:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    [2011/09/06 16:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF
    [2009/02/21 12:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
    [2008/08/02 01:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    [2011/10/27 04:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RingCentral
    [2009/06/14 16:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
    [2008/07/24 01:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
    [2009/07/08 21:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2011/04/13 22:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
    [2010/08/20 08:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\acccore
    [2010/08/29 12:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Auslogics
    [2009/11/24 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CBS Interactive
    [2008/07/24 02:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/10/04 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\CrashPlan
    [2011/12/11 16:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Domain Name Analyzer v4.1
    [2011/09/06 16:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Downloaded Installations
    [2009/07/17 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eBookPro6
    [2008/09/26 22:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eFax Messenger
    [2008/12/24 14:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\eMusic
    [2010/04/29 19:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\GARMIN
    [2008/09/27 18:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ICQ
    [2009/11/11 18:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Image Zone Express
    [2011/01/03 17:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\ImgBurn
    [2008/09/26 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\j2 Global
    [2011/11/29 15:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\mjusbsp
    [2010/08/01 02:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\NCH Swift Sound
    [2008/08/07 16:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nexon
    [2011/09/06 17:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Nitro PDF
    [2010/10/06 12:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\OpenCandy
    [2010/09/01 16:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Password Manager
    [2010/07/28 12:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Recordpad
    [2011/04/28 01:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Skinux
    [2010/04/27 14:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\SmartDraw
    [2011/12/08 20:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TeamViewer
    [2010/03/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Thunderbird
    [2011/11/10 16:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\Toolbar4
    [2011/10/07 23:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michelle\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
    [2010/08/04 02:57:01 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\expressripShakeIcon.job
    [2011/12/31 02:33:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
    [2010/08/04 02:57:01 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\soundtapShakeIcon.job
    [2010/07/31 23:56:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\switchShakeIcon.job
    [2012/01/01 19:22:00 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
    [2010/08/04 02:56:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

    ========== Purity Check ==========



    < End of report >


    As for MBAM, there seems to be a problem with it, so I have to see if support got back to me on what to do.

    It should already be up-to-date, it's on automatic.

    Thanks


    Michelle
     
  13. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    They had me uninstall & reinstall & now my key isn't working. I have to wait until Tues. to get an answer from that other company if somehow the key changed.

    Here's the log...

    Malwarebytes Anti-Malware (Trial) 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.01.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Michelle :: EXOTIC-3C629299 [administrator]

    Protection: Enabled

    1/1/2012 11:30:06 PM
    mbam-log-2012-01-01 (23-30-06).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 345987
    Time elapsed: 1 hour(s), 35 minute(s), 11 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 1
    C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  14. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,770
    For the Extra's log for OTL, is it not in the same place where OTL is run from, ie D:\Downloads?

    If not, its okay, as we'll run a different tool to get that part ;)

    Do you know what these are? If you do, that's okay:

    C:\WINDOWS\Tasks\expressripShakeIcon.job
    C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
    C:\WINDOWS\Tasks\soundtapShakeIcon.job
    C:\WINDOWS\Tasks\switchShakeIcon.job
    C:\WINDOWS\Tasks\wavepadShakeIcon.job



    --------

    Update Java as its out of date:

    Please download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.
    • Now, go here and download the latest Java Version.


    -----



    Can you do this for me next:


    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :file
      C:\Program Files\ChitChat Toolbar\tbcore3.dll
      C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe
      C:\WINDOWS\System32\drivers\WLNdis50.sys
      :reg
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} /sub
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E} /sub
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D} /sub
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found at on your Desktop entitled SystemLook.txt



    -------

    Then, can you run this tool:

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Remember to re-enable the protection again afterwards before connecting to the Internet.
    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


    [​IMG]


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]


    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    eddie
     
  15. ep2002

    ep2002 Thread Starter

    Joined:
    Oct 31, 2006
    Messages:
    187
    No, the only "extras" I found was from March. It's an old file. I'm going to delete it actually so there's no future confusion.

    No clue what these are??? Are they on my computer?

    C:\WINDOWS\Tasks\expressripShakeIcon.job
    C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
    C:\WINDOWS\Tasks\soundtapShakeIcon.job
    C:\WINDOWS\Tasks\switchShakeIcon.job
    C:\WINDOWS\Tasks\wavepadShakeIcon.job

    ==================
    Ok, here's the log file for the removal of Java

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Mon Jan 02 13:43:20 2012

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_11

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_12

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_13

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_14

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_15

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_17

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_19

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_22

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_24

    Found and removed: C:\Documents and Settings\Michelle\Application Data\Sun\Java\jre1.6.0_26

    Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

    Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

    JavaRa 1.16 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Mon Jan 02 13:43:54 2012

    ------------------------------------

    Finished reporting.


    ------------------System Look notepad--------------------
    SystemLook 30.07.11 by jpshortstuff
    Log created at 13:47 on 02/01/2012 by Michelle
    Administrator - Elevation successful

    ========== file ==========

    C:\Program Files\ChitChat Toolbar\tbcore3.dll - File found and opened.
    MD5: C68C3397B0339DF5F0B36FAE64B38942
    Created at 03:44 on 23/06/2011
    Modified at 03:44 on 23/06/2011
    Size: 2398720 bytes
    Attributes: -----c-
    FileDescription: IE Toolbar Engine
    FileVersion: 4, 2, 0, 7
    ProductVersion: 4, 2, 0, 7
    OriginalFilename: tbcore3U.dll
    InternalName: tbcore3U
    ProductName: IE Toolbar
    LegalCopyright: Copyright © 2001-2010. All rights reserved.

    C:\Program Files\Chit Chat For Facebook\CCFFacebook.exe - File found and opened.
    MD5: 67A77933DF3C81047E905972AF990534
    Created at 02:38 on 25/11/2011
    Modified at 05:33 on 22/11/2011
    Size: 3788288 bytes
    Attributes: --a--c-
    FileDescription: Chit Chat for Facebook
    FileVersion: 1.4.5.4
    ProductVersion: 1.4.5.4
    OriginalFilename:
    InternalName:
    ProductName:
    CompanyName: Athena IT Limited
    LegalCopyright: Copyright 2011
    Comments:

    C:\WINDOWS\System32\drivers\WLNdis50.sys - File found and opened.
    MD5: BB2C5A7A555B387B85481B8BDE5370D7
    Created at 18:19 on 06/05/2011
    Modified at 15:54 on 27/02/2008
    Size: 20480 bytes
    Attributes: --a--c-
    FileDescription: WLAN NDIS 5.0 User Mode Control Driver
    FileVersion: 1.0.0.50
    ProductVersion: 1.0.0.50
    OriginalFilename: WLNDIS50.SYS
    InternalName: WLNDIS50.SYS
    ProductName: Windows (R) DDK driver
    CompanyName:
    LegalCopyright: Copyright (C)
    Comments:

    ========== reg ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
    @="SMTTB2009"
    "NoExplorer"= 0x0000000001 (1)


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E}]
    (Unable to open key - key not found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}]
    "SystemComponent"= 0x0000000000 (0)
    "Installer"="MSICD"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\Contains]
    (No values found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\Contains\Files]
    "C:\WINDOWS\system32\RCMedia.dll"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\DownloadInformation]
    "CODEBASE"="http://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab"
    "INF"="C:\WINDOWS\Downloaded Program Files\RCMedia.inf"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CF25C291-E91C-11D3-873F-0000B4A2973D}\InstalledVersion]
    @="1,4,0,31"
    "LastModified"="Thu, 19 Aug 2010 08:58:15 GMT"


    -= EOF =-

    -----------------------------ComboFix

    Why do you have to rename it?

    Also it didn't ask me if I wanted to continue or give me any prompts, it just copied the secure point (I hope) & then started fixing.

    Thank you

    Ok, CF did stuff to the computer while I stepped away. It shut down Fx & I lost Yahoo & my ring central, thank gawd everything came back online when I clicked on it. I thought I lost my Internet & everything I had written in this post up until now.

    Here's the log

    ComboFix 12-01-02.01 - Michelle 01/02/2012 14:10:30.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.1446 [GMT -6:00]
    Running from: d:\downloads\Username123.exe
    AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Michelle\231.97]
    c:\documents and settings\Michelle\Application Data\HPSU_48BitScanUpdate.log
    c:\documents and settings\Michelle\Application Data\Toolbar4
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\affid.dat
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\basis.xml
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\13b7a417232703c4b27b193fba6e2cde
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\3b194b7303d1532b1f5d39dea9b3ec11
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\44567846e0387d6a62062ab4dbf9ae96
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\52b66d6979ef2abcea9a736d1b4dbc82
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\5d25dd004ed9512e16e1d76d6deb2a6c
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\622bce39c48e19cebc684ad479f30525
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\6edbc2eba99f3ac95a3e57b92dbd9418
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\89c35566d3dfdce78572ff8c2a627ad2
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\92cca852350b3e48532151afdadcc5c5
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9840cd5f73490a37d4f3e47107ced675
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9956734e872eec3ea3e17f52e84dc6cc
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9e43b23ad10de3e0eceb370efafb39ef
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\acfc834035dccfb94e7f9067f5d48a83
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\b801583e8861fc45946de3f28fe5bb04
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\bdcf0ed363b85538f740c9b718bf611c
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c594d37e13c887da6ddc9975fa9aae82
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c81d0870792eee856f1fa6c4f43ceeee
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\db97ecdde59727f50132d25b008ece4e
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\dcd16c0f4842bc19d648b261e3cf263d
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\icons.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\24c38a4b7ed33b16baefa8b8e3daf9f0
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\e31285dc114a51462284ab6f06d92dd8
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\fad0bb3b6dde19a843f661b9bec8e194
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\info.txt
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\install.ico
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbback.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbbigopen.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbclose.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbfwd.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbsep.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\nav1c.bmp
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\tbcore3.inf
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\TbHelper2.exe
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\uninstall.exe
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\update.exe
    c:\documents and settings\Michelle\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\version.txt
    c:\documents and settings\Michelle\g2ax_customer_downloadhelper_win32_x86.exe
    c:\documents and settings\Michelle\g2mdlhlpx.exe
    c:\documents and settings\Michelle\WINDOWS
    c:\program files\ChitChat Toolbar\tbHElper.dll
    c:\windows\system32\Acrobat.dll
    c:\windows\system32\IME\svchost.exe
    c:\windows\system32\SET7C.tmp
    c:\windows\system32\SET80.tmp
    c:\windows\system32\SET81.tmp
    c:\windows\system32\SET88.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-12-02 to 2012-01-02 )))))))))))))))))))))))))))))))
    .
    .
    2012-01-02 19:46 . 2011-11-10 11:54 476904 -c--a-w- c:\program files\Mozilla Firefox\plugins\REN204.tmp
    2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\documents and settings\Michelle\Application Data\Malwarebytes
    2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-01-02 05:25 . 2012-01-02 05:25 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
    2012-01-02 05:25 . 2011-12-10 21:24 20464 -c--a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-22 21:26 . 2006-08-02 05:02 49152 -c--a-w- c:\windows\system32\ChCfg.exe
    2011-12-22 21:25 . 2006-05-17 08:04 2879488 -c--a-w- c:\windows\SkyTel.exe
    2011-12-22 21:25 . 2011-12-22 21:25 -------- dc----w- c:\program files\Realtek
    2011-12-22 21:25 . 2006-09-13 04:34 499712 -c--a-w- c:\windows\RtlExUpd.dll
    2011-12-22 21:25 . 2006-02-07 21:45 757760 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
    2011-12-22 21:25 . 2006-02-07 21:40 204800 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
    2011-12-22 21:25 . 2006-02-07 21:40 69715 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
    2011-12-22 21:25 . 2006-02-07 21:40 274432 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
    2011-12-22 21:25 . 2005-11-14 05:19 5632 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2011-12-22 21:25 . 2011-12-22 21:25 331908 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
    2011-12-22 21:25 . 2011-12-22 21:25 200836 -c--a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
    2011-12-11 19:39 . 2011-12-11 22:57 -------- dc----w- c:\documents and settings\Michelle\Application Data\Domain Name Analyzer v4.1
    2011-12-11 19:39 . 2011-12-11 19:39 -------- dc----w- c:\program files\Softnik Technologies
    2011-12-10 15:38 . 2011-12-10 15:38 -------- d-----w- C:\found.001
    2011-12-09 04:28 . 2011-12-10 04:01 -------- dc----w- C:\EVENTDB
    2011-12-09 04:28 . 2011-12-09 10:59 -------- dc----w- C:\LOGFILES
    2011-12-09 04:28 . 2011-12-09 05:55 -------- dc----w- C:\REPORTS
    2011-12-09 04:28 . 2011-12-09 05:55 -------- dc----w- C:\INFECTED
    2011-12-09 01:39 . 2011-12-09 01:39 -------- dc----w- c:\program files\OverDrive Media Console
    2011-12-05 23:43 . 2011-12-05 23:43 -------- dc----w- c:\program files\Cisco Systems
    2011-12-05 23:13 . 2011-12-05 23:13 -------- dc----w- c:\documents and settings\All Users\Application Data\Cisco Systems
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-15 19:24 . 2010-09-24 07:11 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll
    2011-12-15 19:24 . 2010-09-24 07:11 52096 -c--a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
    2011-12-15 19:24 . 2010-09-24 07:11 30592 -c--a-w- c:\windows\system32\LMIport.dll
    2011-12-15 19:24 . 2010-09-24 07:11 87424 -c--a-w- c:\windows\system32\LMIinit.dll
    2011-12-09 10:58 . 2011-10-29 15:05 134856 -c--a-w- c:\windows\system32\drivers\avipbb.sys
    2011-11-23 13:25 . 2006-02-28 12:00 1859584 -c--a-w- c:\windows\system32\win32k.sys
    2011-11-15 01:21 . 2011-05-26 16:10 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-10 11:54 . 2010-11-19 07:32 472808 -c--a-w- c:\windows\system32\deployJava1.dll
    2011-11-10 09:27 . 2008-10-06 07:12 73728 -c--a-w- c:\windows\system32\javacpl.cpl
    2011-11-07 16:52 . 2011-11-07 16:52 4734 -c--a-w- c:\windows\system32\PerfStringBackup.TMP
    2011-11-04 19:20 . 2006-02-28 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll
    2011-11-04 19:20 . 2006-02-28 12:00 43520 -c--a-w- c:\windows\system32\licmgr10.dll
    2011-11-04 19:20 . 2006-02-28 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl
    2011-11-04 11:23 . 2006-02-28 12:00 385024 -c--a-w- c:\windows\system32\html.iec
    2011-11-01 16:07 . 2006-02-28 12:00 1288704 -c--a-w- c:\windows\system32\ole32.dll
    2011-10-28 05:31 . 2006-02-28 12:00 33280 -c--a-w- c:\windows\system32\csrsrv.dll
    2011-10-25 13:37 . 2006-02-28 12:00 2148864 -c----w- c:\windows\system32\ntoskrnl.exe
    2011-10-25 12:52 . 2004-08-03 22:59 2027008 -c----w- c:\windows\system32\ntkrnlpa.exe
    2011-10-19 21:56 . 2011-10-29 15:05 74640 -c--a-w- c:\windows\system32\drivers\avgntflt.sys
    2011-10-19 21:56 . 2011-10-29 15:05 36000 -c--a-w- c:\windows\system32\drivers\avkmgr.sys
    2011-10-18 11:13 . 2006-02-28 12:00 186880 -c--a-w- c:\windows\system32\encdec.dll
    2011-10-10 14:22 . 2008-07-24 02:29 692736 -c--a-w- c:\windows\system32\inetcomm.dll
    2011-10-07 14:37 . 2010-09-24 07:11 83360 -c--a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
    2011-10-07 14:37 . 2010-09-24 07:11 87424 -c--a-w- c:\windows\system32\LMIinit.dll.000.bak
    2011-11-09 20:28 . 2011-06-25 00:57 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\ERDNT\cache\es.dll
    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
    [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
    [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
    [7] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
    [7] 2006-02-28 12:00 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
    .
    [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\ERDNT\cache\mfc40u.dll
    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
    [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
    [7] 2008-04-14 00:11 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
    [-] 2006-02-28 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
    .
    ((((((((((((((((((((((((((((( SnapShot_2010-11-19_06.50.21 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-04-19 03:51 . 2011-04-19 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_fda75712\vcomp90.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90kor.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 43840 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90jpn.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 56128 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90ita.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 57168 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90fra.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 56128 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90esp.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 56144 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90esn.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90enu.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 57664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90deu.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 38736 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90cht.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 38224 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_22d7157b\mfc90chs.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
    + 2009-07-12 03:54 . 2009-07-12 03:54 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfcm90u.dll
    + 2009-07-12 03:54 . 2009-07-12 03:54 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfcm90.dll
    + 2011-05-14 01:17 . 2011-05-14 01:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
    + 2011-05-14 00:45 . 2011-05-14 00:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
    + 2011-05-14 06:06 . 2011-05-14 06:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
    + 2011-05-14 06:23 . 2011-05-14 06:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
    + 2011-05-13 23:37 . 2011-05-13 23:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
    + 2011-04-14 05:12 . 2011-04-14 05:12 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
    - 2010-07-28 18:51 . 2010-07-28 18:51 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
    + 2009-08-20 02:51 . 2009-08-20 02:51 73728 c:\windows\twain_32\BrSc09c\Common\BrStiIf.dll
    + 2008-07-09 04:16 . 2008-07-09 04:16 81920 c:\windows\twain_32\BrSc09c\Common\BrScnFlt.dll
    + 2009-08-20 02:51 . 2009-08-20 02:51 90112 c:\windows\twain_32\BrSc09c\Common\BrScnDev.dll
    + 2012-01-02 05:14 . 2012-01-02 05:14 16384 c:\windows\TEMP\Perflib_Perfdata_9fc.dat
    + 2012-01-02 19:46 . 2012-01-02 19:46 16384 c:\windows\TEMP\Perflib_Perfdata_1e3c.dat
    + 2011-06-11 06:58 . 2011-06-11 06:58 51024 c:\windows\system32\vcomp100.dll
    + 2011-05-28 23:08 . 1998-06-18 05:00 89360 c:\windows\system32\VB5DB.DLL
    + 2008-07-24 05:57 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
    - 2008-07-24 05:57 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
    + 2011-09-06 22:57 . 2011-03-21 16:15 79168 c:\windows\system32\spool\drivers\w32x86\NitroUI.dll
    + 2011-09-06 22:57 . 2011-03-21 16:15 42304 c:\windows\system32\spool\drivers\w32x86\NitroGraphics.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\LMIprinterui.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\LMIprinterdat.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 43392 c:\windows\system32\spool\drivers\w32x86\LMIprinter.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 53760 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\bril10b.dll
    + 2010-07-10 00:22 . 2010-10-11 21:39 52992 c:\windows\system32\spool\drivers\w32x86\3\RCPrnDrv.DLL
    + 2010-07-10 00:22 . 2010-10-11 21:39 33024 c:\windows\system32\spool\drivers\w32x86\3\RCLog.DLL
    + 2011-09-06 22:57 . 2011-03-21 16:15 79168 c:\windows\system32\spool\drivers\w32x86\3\NitroUI.dll
    + 2011-09-06 22:57 . 2011-03-21 16:15 42304 c:\windows\system32\spool\drivers\w32x86\3\NitroGraphics.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterui.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 55168 c:\windows\system32\spool\drivers\w32x86\3\LMIprinterdat.dll
    + 2010-09-24 07:11 . 2011-12-15 19:24 43392 c:\windows\system32\spool\drivers\w32x86\3\LMIprinter.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 53760 c:\windows\system32\spool\drivers\w32x86\3\bril10b.dll
    + 2010-07-10 00:22 . 2010-10-11 21:39 52992 c:\windows\system32\spool\drivers\w32x86\1\RCPrnDrv.DLL
    + 2010-07-10 00:22 . 2010-10-11 21:39 33024 c:\windows\system32\spool\drivers\w32x86\1\RCLog.DLL
    + 2011-12-22 21:25 . 2005-09-21 14:24 86016 c:\windows\system32\ReinstallBackups\0006\DriverFiles\SOUNDMAN.EXE
    + 2011-12-22 21:25 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\wdmaud.drv
    + 2011-12-22 21:25 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\stream.sys
    + 2011-12-22 21:25 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\drmk.sys
    + 2011-12-22 21:26 . 2005-05-03 22:43 69632 c:\windows\system32\ReinstallBackups\0006\DriverFiles\ALCMTR.EXE
    + 2007-02-08 05:40 . 2007-02-08 05:40 64512 c:\windows\system32\ptpitcp.dll
    + 2006-02-28 12:00 . 2011-11-07 16:52 68706 c:\windows\system32\perfc009.dat
    + 2006-02-28 12:00 . 2011-09-26 16:41 20480 c:\windows\system32\oleaccrc.dll
    + 2011-03-21 16:17 . 2011-03-21 16:17 68928 c:\windows\system32\NLSSRV32.EXE
    + 2011-09-06 22:57 . 2011-03-21 16:15 17728 c:\windows\system32\nitrolocalui.dll
    + 2011-09-06 22:57 . 2011-03-21 16:15 26432 c:\windows\system32\nitrolocalmon.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 66560 c:\windows\system32\mshtmled.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
    - 2007-08-13 22:54 . 2010-09-10 05:58 55296 c:\windows\system32\msfeedsbs.dll
    + 2007-08-13 22:54 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 81744 c:\windows\system32\mfcm100u.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 81744 c:\windows\system32\mfcm100.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 60752 c:\windows\system32\mfc100rus.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 43344 c:\windows\system32\mfc100kor.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 43856 c:\windows\system32\mfc100jpn.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 62288 c:\windows\system32\mfc100ita.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 64336 c:\windows\system32\mfc100fra.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 63824 c:\windows\system32\mfc100esn.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 55120 c:\windows\system32\mfc100enu.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 64336 c:\windows\system32\mfc100deu.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 36176 c:\windows\system32\mfc100cht.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 36176 c:\windows\system32\mfc100chs.dll
    + 2011-09-16 06:45 . 2007-04-09 17:23 28040 c:\windows\system32\mdimon.dll
    - 2008-07-24 04:52 . 2007-04-09 17:23 28040 c:\windows\system32\mdimon.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 17744 c:\windows\system32\lfwpgu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 68432 c:\windows\system32\lfjbgu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 35152 c:\windows\system32\lfgifu.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 73728 c:\windows\system32\lffax13n.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 73728 c:\windows\system32\lffax13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 26448 c:\windows\system32\lfepsu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 30544 c:\windows\system32\lfbmpu.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 30208 c:\windows\system32\lfbmp13n.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 30208 c:\windows\system32\lfbmp13n.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 25600 c:\windows\system32\jsproxy.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
    + 2008-07-24 02:29 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 81920 c:\windows\system32\isign32.dll
    + 2011-01-03 19:49 . 2010-05-05 18:21 77712 c:\windows\system32\ICONLIB.dll
    + 2011-04-14 05:16 . 2007-06-06 13:25 40960 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDLM.dll
    + 2011-04-14 05:16 . 2007-06-06 13:36 28672 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDGPD.dll
    + 2011-04-14 05:16 . 2007-06-06 13:18 45056 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDDynCC.DLL
    + 2011-02-23 00:17 . 2010-01-06 09:51 31051 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A7255E8\brprtink.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 17328 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A7255E8\bril10b.dll
    + 2011-02-23 00:17 . 2009-11-03 03:06 11520 c:\windows\system32\DRVSTORE\brpoi10b_D82372677EA608145D1247216F03684A9E10741C\x86\BrUsbSib.sys
    + 2011-02-23 00:17 . 2009-11-03 03:06 71424 c:\windows\system32\DRVSTORE\brpoi10b_D82372677EA608145D1247216F03684A9E10741C\x86\BrSerIb.sys
    + 2011-02-23 00:17 . 2009-08-18 10:36 27901 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrUsi09c.dll
    + 2011-02-23 00:17 . 2009-08-20 02:50 87430 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrTwdsUi.dll
    + 2011-02-23 00:17 . 2009-08-20 02:49 98460 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrTwds.dll
    + 2011-02-23 00:17 . 2009-08-20 03:51 48425 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrTwdLng.dll
    + 2011-02-23 00:17 . 2009-08-20 02:51 41679 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrStiIf.dll
    + 2011-02-23 00:17 . 2004-10-15 03:50 10713 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrScnUsb.sys
    + 2011-02-23 00:17 . 2008-07-09 04:16 48653 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrScnFlt.dll
    + 2011-02-23 00:17 . 2009-08-20 02:51 49296 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrScnDev.dll
    + 2011-05-06 18:19 . 2008-02-27 15:54 20480 c:\windows\system32\drivers\WLNdis50.sys
    + 2011-11-17 05:05 . 2008-04-13 20:45 60032 c:\windows\system32\drivers\USBAUDIO.sys
    - 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
    + 2004-08-03 23:08 . 2008-04-13 20:45 49408 c:\windows\system32\drivers\stream.sys
    + 2008-07-24 07:45 . 2010-06-17 20:14 28520 c:\windows\system32\drivers\ssmdrv.sys
    - 2008-07-24 07:45 . 2009-05-11 13:12 28520 c:\windows\system32\drivers\ssmdrv.sys
    + 2010-12-10 23:17 . 2009-12-30 16:20 27064 c:\windows\system32\drivers\revoflt.sys
    + 2006-02-28 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
    + 2006-02-28 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
    - 2008-07-24 08:38 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
    + 2008-07-24 08:38 . 2008-04-13 20:45 60160 c:\windows\system32\drivers\drmk.sys
    + 2006-02-28 12:00 . 2008-05-02 10:49 62976 c:\windows\system32\drivers\cdrom.sys
    - 2006-02-28 12:00 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
    + 2011-02-23 00:17 . 2009-11-03 03:06 11520 c:\windows\system32\drivers\BrUsbSib.sys
    + 2011-02-23 00:17 . 2009-11-03 03:06 71424 c:\windows\system32\drivers\BrSerIb.sys
    + 2010-08-02 15:52 . 2004-10-15 03:50 15295 c:\windows\system32\drivers\BrScnUsb.sys
    - 2010-08-02 15:52 . 2004-10-15 16:50 15295 c:\windows\system32\drivers\BrScnUsb.sys
    + 2006-02-28 12:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
    - 2006-02-28 12:00 . 2008-04-14 00:11 45568 c:\windows\system32\dnsrslvr.dll
    - 2009-06-12 18:56 . 2010-09-10 05:58 12800 c:\windows\system32\dllcache\xpshims.dll
    + 2009-06-12 18:56 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
    + 2008-07-24 02:29 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
    + 2011-11-17 05:05 . 2008-04-13 20:45 60032 c:\windows\system32\dllcache\usbaudio.sys
    - 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\dllcache\stream.sys
    + 2004-08-03 23:08 . 2008-04-13 20:45 49408 c:\windows\system32\dllcache\stream.sys
    + 2006-02-28 12:00 . 2011-09-26 16:41 20480 c:\windows\system32\dllcache\oleaccrc.dll
    + 2006-02-28 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
    + 2006-02-28 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\dllcache\ndistapi.sys
    + 2006-02-28 12:00 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 66560 c:\windows\system32\dllcache\mshtmled.dll
    - 2008-07-24 04:59 . 2010-09-10 05:58 55296 c:\windows\system32\dllcache\msfeedsbs.dll
    + 2008-07-24 04:59 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 43520 c:\windows\system32\dllcache\licmgr10.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 25600 c:\windows\system32\dllcache\jsproxy.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 81920 c:\windows\system32\dllcache\isign32.dll
    + 2008-07-24 02:29 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
    + 2008-07-24 08:38 . 2008-04-13 20:45 60160 c:\windows\system32\dllcache\drmk.sys
    - 2008-07-24 08:38 . 2008-04-13 18:45 60160 c:\windows\system32\dllcache\drmk.sys
    + 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
    - 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
    + 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
    - 2006-02-28 12:00 . 2008-04-13 18:40 62976 c:\windows\system32\dllcache\cdrom.sys
    + 2006-02-28 12:00 . 2008-05-02 10:49 62976 c:\windows\system32\dllcache\cdrom.sys
    + 2008-07-24 02:35 . 2011-11-30 17:34 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    - 2008-07-24 02:35 . 2008-07-24 08:36 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    + 2008-07-24 02:35 . 2011-11-30 17:34 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    - 2008-07-24 02:35 . 2008-07-24 08:36 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
    + 2011-11-19 04:10 . 2011-11-19 04:10 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
    + 2011-11-19 04:10 . 2011-11-30 17:34 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2009-08-18 10:36 . 2009-08-18 10:36 55808 c:\windows\system32\BrUsi09c.dll
    + 2011-02-23 00:17 . 2010-01-06 09:51 61440 c:\windows\system32\brprtink.dll
    + 2010-08-02 15:52 . 2007-12-14 03:16 73728 c:\windows\system32\BrDctF2.dll
    + 2011-02-23 00:17 . 2006-07-07 17:40 73728 c:\windows\system32\BRCrypt.dll
    + 2011-01-03 19:49 . 2010-05-05 18:21 25280 c:\windows\system32\bmfaxprn.drv
    - 2005-09-21 14:24 . 2005-09-21 14:24 86016 c:\windows\SOUNDMAN.EXE
    + 2005-09-21 14:24 . 2006-07-22 06:14 86016 c:\windows\SoundMan.exe
    + 2011-08-17 16:13 . 2011-08-17 16:13 19968 c:\windows\Installer\45bd00cc.msi
    + 2011-10-15 23:46 . 2011-10-15 23:46 22016 c:\windows\Installer\23e56445.msi
    + 2011-10-08 05:06 . 2011-10-08 05:06 22528 c:\windows\Installer\1f93262.msi
    + 2011-10-08 05:06 . 2011-10-08 05:06 28160 c:\windows\Installer\1f93257.msi
    + 2011-04-14 05:16 . 2011-04-14 05:16 45056 c:\windows\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut4.exe
    + 2011-04-09 02:17 . 2011-04-09 02:17 14534 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\SystemFolder_msiexec.exe
    + 2011-04-09 02:17 . 2011-04-09 02:17 25214 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\StudioTax.exe
    + 2011-04-09 02:17 . 2011-04-09 02:17 26950 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\Overview.exe
    + 2011-04-09 02:17 . 2011-04-09 02:17 26694 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\help_en.exe
    + 2011-04-09 02:17 . 2011-04-09 02:17 25214 c:\windows\Installer\{E13890DC-1654-47A7-9F28-1A397AA1CE2F}\controlPanelIcon.exe
    + 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_4ae13d6c.exe
    + 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_2cd672ae.exe
    + 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_294823.exe
    + 2011-12-09 01:39 . 2011-12-09 01:39 25214 c:\windows\Installer\{D647F06F-2908-487E-9CDA-DE52148CBF49}\_18be6784.exe
    + 2011-10-15 23:49 . 2011-10-15 23:49 65536 c:\windows\Installer\{CFCD2A80-EC16-11E0-A273-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
    + 2010-11-27 05:57 . 2010-11-27 05:57 11264 c:\windows\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
    + 2011-12-21 08:32 . 2011-12-21 08:32 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
    - 2010-11-10 00:15 . 2010-11-10 00:15 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
    + 2011-11-19 04:14 . 2011-11-19 04:14 65536 c:\windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
    + 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartupShortcut10.exe
    + 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareStartMenu10_1.exe
    + 2011-04-14 05:13 . 2011-04-14 05:13 92854 c:\windows\Installer\{42938595-0D83-404D-9F73-F8177FDD531A}\EasyShareDesktopShortcut10.exe
    + 2010-09-23 08:47 . 2010-09-23 08:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\reader_sl.exe
    + 2010-09-23 07:03 . 2010-09-23 07:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\eula.exe
    + 2010-09-21 03:07 . 2010-09-21 03:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobeextractfiles.dll
    + 2010-09-23 06:52 . 2010-09-23 06:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrotextextractor.exe
    + 2010-09-22 22:12 . 2010-09-22 22:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
    + 2011-12-21 04:10 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 12800 c:\windows\ie8updates\KB2586448-IE8\xpshims.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 66560 c:\windows\ie8updates\KB2586448-IE8\mshtmled.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 55296 c:\windows\ie8updates\KB2586448-IE8\msfeedsbs.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 43520 c:\windows\ie8updates\KB2586448-IE8\licmgr10.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 25600 c:\windows\ie8updates\KB2586448-IE8\jsproxy.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
    + 2011-04-14 05:12 . 2008-05-02 10:49 62976 c:\windows\Driver Cache\i386\cdrom.sys
    + 2011-12-05 22:05 . 2011-12-05 22:05 49152 c:\windows\Downloaded Program Files\WebEx\932\wbxtrace.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 70144 c:\windows\Downloaded Program Files\WebEx\932\wbxscutil.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 65536 c:\windows\Downloaded Program Files\WebEx\932\wbxcrypt.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 79160 c:\windows\Downloaded Program Files\WebEx\932\safereboot.exe
    + 2011-12-05 22:06 . 2011-12-05 22:06 27448 c:\windows\Downloaded Program Files\WebEx\932\atscjoin.exe
    + 2011-12-05 22:06 . 2011-12-05 22:06 48201 c:\windows\Downloaded Program Files\WebEx\932\atpack.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 24576 c:\windows\Downloaded Program Files\WebEx\932\atmemmgr.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 81408 c:\windows\Downloaded Program Files\WebEx\932\atjpeg60.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 53248 c:\windows\Downloaded Program Files\WebEx\932\atcarmcl.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 32648 c:\windows\Downloaded Program Files\WebEx\932\atasanot.exe
    + 2011-12-05 22:06 . 2011-12-05 22:06 95822 c:\windows\Downloaded Program Files\WebEx\932\atas32_lite.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 11576 c:\windows\Downloaded Program Files\WebEx\932\advlimit.exe
    + 2010-01-23 07:04 . 2010-01-23 07:04 99208 c:\windows\Downloaded Program Files\ieatgpc.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 28472 c:\windows\Downloaded Program Files\atgpcdec.dll
    + 2011-07-07 05:35 . 2011-07-07 05:35 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aefe683674c97a998f4e908c1a7ee7c6\Microsoft.Build.Framework.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\845eef4d09f28da6ee05d99f93c90f6e\Microsoft.Build.Framework.ni.dll
    + 2011-07-07 05:35 . 2011-07-07 05:35 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll
    + 2011-07-07 05:34 . 2011-07-07 05:34 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\ab7ce2d94ca725c3889a4e3c1ee88ece\dfsvc.ni.exe
    + 2011-07-07 05:33 . 2011-07-07 05:33 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
    + 2011-10-15 22:07 . 2011-10-15 22:07 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
    + 2011-04-14 05:13 . 2011-04-14 05:13 86016 c:\windows\assembly\GAC_MSIL\VirtualCollectionBase-Defs-PlatReq\1.0.7323.4563__b0cfd8589c27b05f\VirtualCollectionBase-Defs-PlatReq.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    - 2010-10-04 16:40 . 2010-10-04 16:40 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2011-04-14 05:13 . 2011-04-14 05:13 38400 c:\windows\assembly\GAC_32\PeopleRecognition-Defs-PlatReq\1.1.7323.4563__b0cfd8589c27b05f\PeopleRecognition-Defs-PlatReq.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2005-05-03 22:43 . 2005-05-04 08:43 69632 c:\windows\Alcmtr.exe
    - 2005-05-03 22:43 . 2005-05-03 22:43 69632 c:\windows\ALCMTR.EXE
    + 2011-08-28 00:16 . 2010-11-03 13:12 46080 c:\windows\$NtUninstallKB2570791$\tzchange.exe
    + 2011-08-28 00:16 . 2011-07-09 00:32 16896 c:\windows\$NtUninstallKB2570791$\spuninst\tzchange.dll
    + 2011-08-28 00:08 . 2008-04-13 18:57 10112 c:\windows\$NtUninstallKB2566454$\ndistapi.sys
    + 2011-10-15 21:23 . 2006-02-28 12:00 16896 c:\windows\$NtUninstallKB2564958$\oleaccrc.dll
    + 2011-04-01 19:50 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
    + 2011-04-01 19:50 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
    + 2011-11-15 23:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641690\update\spcustom.dll
    + 2011-11-15 23:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641690\spmsg.dll
    + 2011-09-16 06:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2616676\update\spcustom.dll
    + 2011-09-16 06:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2616676\spmsg.dll
    + 2011-09-07 14:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2607712\update\spcustom.dll
    + 2011-09-07 14:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2607712\spmsg.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2592799\update\spcustom.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2592799\spmsg.dll
    + 2011-10-15 21:16 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2586448-IE8\update\spcustom.dll
    + 2011-10-15 21:16 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2586448-IE8\spmsg.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 12800 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\xpshims.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 66560 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtmled.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 55296 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeedsbs.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 43520 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\licmgr10.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 25600 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\jsproxy.dll
    + 2011-09-16 06:41 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570947\update\spcustom.dll
    + 2011-09-16 06:41 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570947\spmsg.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2570222\update\spcustom.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2570222\spmsg.dll
    + 2011-08-28 00:14 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567680\update\spcustom.dll
    + 2011-08-28 00:14 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567680\spmsg.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2567053\update\spcustom.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2567053\spmsg.dll
    + 2011-08-28 00:08 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2566454\update\spcustom.dll
    + 2011-08-28 00:08 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2566454\spmsg.dll
    + 2011-08-28 00:02 . 2011-07-08 13:51 10496 c:\windows\$hf_mig$\KB2566454\SP3QFE\ndistapi.sys
    + 2011-08-28 00:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2562937\update\spcustom.dll
    + 2011-08-28 00:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2562937\spmsg.dll
    + 2011-08-28 00:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2559049-IE8\update\spcustom.dll
    + 2011-08-28 00:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2559049-IE8\spmsg.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 12800 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\xpshims.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 66560 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtmled.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 55296 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeedsbs.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 43520 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\licmgr10.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 25600 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\jsproxy.dll
    + 2011-07-19 02:42 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll
    + 2011-07-19 02:42 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2555917\spmsg.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893\spmsg.dll
    + 2011-11-15 23:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544893-v2\update\spcustom.dll
    + 2011-11-15 23:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544893-v2\spmsg.dll
    + 2011-06-16 16:45 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
    + 2011-06-16 16:45 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
    + 2011-07-07 04:26 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll
    + 2011-07-07 04:26 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2541763\spmsg.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276\spmsg.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2536276-v2\update\spcustom.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2536276-v2\spmsg.dll
    + 2011-06-16 16:51 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll
    + 2011-06-16 16:51 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2535512\spmsg.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
    + 2011-03-30 19:27 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
    + 2011-03-30 19:27 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
    + 2011-04-28 00:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2511455\update\spcustom.dll
    + 2011-04-28 00:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2511455\spmsg.dll
    + 2011-04-28 00:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510531-IE8\update\spcustom.dll
    + 2011-04-28 00:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510531-IE8\spmsg.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2509553\update\spcustom.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2509553\spmsg.dll
    + 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508429\update\spcustom.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508429\spmsg.dll
    + 2011-04-28 00:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508272\update\spcustom.dll
    + 2011-04-28 00:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508272\spmsg.dll
    + 2011-07-19 02:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll
    + 2011-07-19 02:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507938\spmsg.dll
    + 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2507618\update\spcustom.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2507618\spmsg.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506223\update\spcustom.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506223\spmsg.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
    + 2011-06-16 16:53 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll
    + 2011-06-16 16:53 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503665\spmsg.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2503658\update\spcustom.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2503658\spmsg.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2497640-IE8\update\spcustom.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2497640-IE8\spmsg.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 12800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\xpshims.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 66560 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtmled.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 55296 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeedsbs.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 43520 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\licmgr10.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 25600 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\jsproxy.dll
    + 2011-04-28 00:55 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485663\update\spcustom.dll
    + 2011-04-28 00:55 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485663\spmsg.dll
    + 2011-02-09 08:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2485376\update\spcustom.dll
    + 2011-02-09 08:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2485376\spmsg.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2483185\update\spcustom.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2483185\spmsg.dll
    + 2011-02-09 08:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll
    + 2011-02-09 08:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll
    + 2011-03-11 04:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
    + 2011-03-11 04:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2481109\spmsg.dll
    + 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
    + 2011-03-11 04:51 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
    + 2011-03-11 04:51 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479628\update\spcustom.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479628\spmsg.dll
    + 2011-02-09 08:07 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478971\update\spcustom.dll
    + 2011-02-09 08:07 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478971\spmsg.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2478960\update\spcustom.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2478960\spmsg.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
    + 2010-12-09 14:29 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
    + 2011-06-16 16:54 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
    + 2011-06-16 16:54 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
    + 2010-12-15 08:04 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2467659\update\spcustom.dll
    + 2010-12-15 08:04 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2467659\spmsg.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
    + 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
    + 2010-12-15 08:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
    + 2010-12-15 08:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
    + 2010-12-15 07:31 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
    + 2010-12-15 08:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2436673\update\spcustom.dll
    + 2010-12-15 08:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2436673\spmsg.dll
    + 2010-12-15 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2423089\update\spcustom.dll
    + 2010-12-15 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2423089\spmsg.dll
    + 2010-12-15 07:30 . 2010-10-11 14:55 45568 c:\windows\$hf_mig$\KB2423089\SP3QFE\wab.exe
    + 2011-01-12 08:00 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2419632\update\spcustom.dll
    + 2011-01-12 08:00 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2419632\spmsg.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2416400-IE8\update\spcustom.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2416400-IE8\spmsg.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 12800 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\xpshims.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 66560 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtmled.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 55296 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeedsbs.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 43520 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\licmgr10.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 25600 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\jsproxy.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2393802\update\spcustom.dll
    + 2011-02-09 01:57 . 2010-12-09 15:15 16896 c:\windows\$hf_mig$\KB2393802\update\mpsyschk.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2393802\spmsg.dll
    + 2010-12-15 08:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2296199\update\spcustom.dll
    + 2010-12-15 08:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2296199\spmsg.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
    + 2009-04-26 20:35 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
    - 2009-04-26 20:35 . 2010-08-26 12:52 5120 c:\windows\system32\xpsp4res.dll
    + 2011-01-03 19:47 . 2010-05-05 18:22 8704 c:\windows\system32\ws2thk.dll
    + 2011-02-23 00:18 . 2008-07-23 16:00 7168 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\Brlfx05B.dll
    + 2011-02-23 00:18 . 2008-07-23 16:00 7168 c:\windows\system32\spool\drivers\w32x86\3\Brlfx05B.dll
    + 2011-12-22 21:25 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ksuser.dll
    + 2011-02-23 00:17 . 2009-08-18 10:34 7586 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrSti09c.dll
    + 2010-08-02 15:52 . 2010-01-22 20:34 3072 c:\windows\system32\BrDctF2S.dll
    + 2010-08-02 15:52 . 2007-12-14 03:16 5120 c:\windows\system32\BrDctF2L.dll
    + 2011-04-09 02:17 . 2011-04-09 02:17 4608 c:\windows\Installer\c1a34e.msi
    + 2008-07-24 04:52 . 2011-12-21 04:05 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2011-10-04 20:41 . 2011-10-04 20:41 4286 c:\windows\Installer\{425C644F-3F69-429B-8B47-A7FD76BE4E21}\CrashPlanTray.exe
    + 2011-12-05 22:05 . 2011-12-05 22:05 5706 c:\windows\Downloaded Program Files\WebEx\932\atkbctl.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
    + 2011-04-14 05:14 . 2011-04-14 05:14 3072 c:\windows\assembly\GAC_32\policy.2.0.EastmanKodakCompany.EasyShare\2.0.6005.7527__e736f44e197b3380\policy.2.0.EastmanKodakCompany.EasyShare.dll
    + 2011-04-14 05:14 . 2011-04-14 05:14 3072 c:\windows\assembly\GAC_32\policy.1.0.EastmanKodakCompany.EasyShare\1.0.0.2__e736f44e197b3380\policy.1.0.EastmanKodakCompany.EasyShare.dll
    + 2011-02-17 12:32 . 2011-02-17 12:32 5120 c:\windows\$hf_mig$\KB2508429\SP3QFE\xpsp4res.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 652608 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcr90.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 565584 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcp90.dll
    + 2009-07-12 03:54 . 2009-07-12 03:54 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_e1702eb6\msvcm90.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_42101c2a\atl90.dll
    + 2011-05-14 06:17 . 2011-05-14 06:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
    + 2011-05-14 06:12 . 2011-05-14 06:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
    + 2011-05-14 06:11 . 2011-05-14 06:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
    + 2009-08-20 03:51 . 2009-08-20 03:51 106496 c:\windows\twain_32\BrSc09c\Lang\BrTwdLng.dll
    + 2009-08-20 02:50 . 2009-08-20 02:50 155648 c:\windows\twain_32\BrSc09c\Common\BrTwdsUi.dll
    + 2009-08-20 02:49 . 2009-08-20 02:49 172032 c:\windows\twain_32\BrSc09c\Common\BrTwds.dll
    + 2006-02-28 12:00 . 2011-06-20 17:44 293376 c:\windows\system32\winsrv.dll
    - 2006-02-28 12:00 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
    + 2006-02-28 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\vbscript.dll
    - 2006-02-28 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\url.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
    + 2011-01-03 19:49 . 2010-05-05 18:21 193696 c:\windows\system32\UNIDRV.dll
    + 2008-07-30 00:59 . 2011-09-26 16:41 611328 c:\windows\system32\uiautomationcore.dll
    + 2011-02-23 00:18 . 2008-07-23 16:00 165755 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\BRUFX05B.DLL
    + 2011-02-23 00:18 . 2008-07-23 16:00 177147 c:\windows\system32\spool\drivers\w32x86\brotherpc_fax_v_2_1f116\BROFX05B.DLL
    + 2010-07-10 00:22 . 2010-10-11 21:39 107776 c:\windows\system32\spool\drivers\w32x86\3\RCImaging.DLL
    + 2011-02-23 00:18 . 2008-07-23 16:00 165755 c:\windows\system32\spool\drivers\w32x86\3\BRUFX05B.DLL
    + 2011-02-23 00:18 . 2008-07-23 16:00 177147 c:\windows\system32\spool\drivers\w32x86\3\BROFX05B.DLL
    + 2009-02-13 03:29 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\1\UNIRES.DLL
    + 2009-02-13 03:29 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\1\UNIDRVUI.DLL
    + 2009-02-13 03:29 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\1\UNIDRV.DLL
    + 2010-07-10 00:22 . 2010-10-11 21:39 107776 c:\windows\system32\spool\drivers\w32x86\1\RCImaging.DLL
    + 2006-02-28 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
    - 2006-02-28 12:00 . 2008-04-14 00:12 135168 c:\windows\system32\shsvcs.dll
    + 2006-02-28 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\shimgvw.dll
    + 2006-02-28 12:00 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll
    - 2006-02-28 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\sbe.dll
    + 2006-02-28 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
    + 2005-09-16 18:14 . 2006-07-22 21:40 143360 c:\windows\system32\RTCOM\RtlCPAPI.dll
    + 2005-09-23 22:24 . 2006-08-18 04:03 270336 c:\windows\system32\RTCOM\RTCOMDLL.dll
    + 2011-12-22 21:26 . 2005-09-21 20:29 356352 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RtlUpd.exe
    + 2011-12-22 21:26 . 2005-09-16 18:14 157184 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTLCPAPI.dll
    + 2011-12-22 21:26 . 2005-09-23 22:24 249856 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTCOMDLL.dll
    + 2011-12-22 21:25 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\portcls.sys
    + 2011-12-22 21:25 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\ks.sys
    + 2011-01-03 19:49 . 2010-05-05 18:21 166704 c:\windows\system32\R0tiff.dll
    + 2008-07-24 08:22 . 2008-05-28 07:13 425472 c:\windows\system32\photometadatahandler.dll
    + 2006-02-28 12:00 . 2011-11-07 16:52 436002 c:\windows\system32\perfh009.dat
    + 2006-02-28 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
    - 2006-02-28 12:00 . 2008-04-14 00:12 551936 c:\windows\system32\oleaut32.dll
    + 2006-02-28 12:00 . 2011-09-26 16:41 220160 c:\windows\system32\oleacc.dll
    - 2006-02-28 12:00 . 2008-04-14 00:12 249856 c:\windows\system32\odbc32.dll
    + 2006-02-28 12:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 206848 c:\windows\system32\occache.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
    + 2006-02-28 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
    + 2010-08-02 15:51 . 2010-02-09 22:11 217088 c:\windows\system32\NSSearch.dll
    + 2006-02-28 12:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
    - 2006-02-28 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 773968 c:\windows\system32\msvcr100.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 421200 c:\windows\system32\msvcp100.dll
    - 2008-07-24 02:28 . 2008-04-14 00:12 677888 c:\windows\system32\mstsc.exe
    + 2008-07-24 02:28 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
    - 2006-02-28 12:00 . 2010-09-10 05:58 611840 c:\windows\system32\mstime.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
    + 2007-08-13 22:54 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
    - 2007-08-13 22:54 . 2010-09-10 05:58 602112 c:\windows\system32\msfeeds.dll
    + 2006-02-28 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
    - 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\mfc42u.dll
    + 2006-02-28 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
    + 2011-11-15 01:21 . 2011-11-15 01:21 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
    + 2011-10-16 18:17 . 2011-10-16 18:17 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
    + 2011-01-03 17:50 . 2010-10-11 21:39 521552 c:\windows\system32\ltkrnu.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 453120 c:\windows\system32\ltkrn13n.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 453120 c:\windows\system32\ltkrn13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 226640 c:\windows\system32\Ltjp2u.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 157088 c:\windows\system32\ltimgutlu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 193872 c:\windows\system32\ltimgefxu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 411040 c:\windows\system32\ltimgcoru.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 218528 c:\windows\system32\ltimgclru.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 445440 c:\windows\system32\ltimg13n.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 445440 c:\windows\system32\ltimg13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 193872 c:\windows\system32\ltfilu.DLL
    - 2010-07-10 00:22 . 2009-03-11 16:28 154112 c:\windows\system32\ltfil13n.DLL
    + 2010-07-10 00:22 . 2009-03-11 17:28 154112 c:\windows\system32\ltfil13n.DLL
    + 2011-01-03 17:50 . 2010-10-11 21:39 259408 c:\windows\system32\ltefxu.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 206848 c:\windows\system32\ltefx13n.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 206848 c:\windows\system32\ltefx13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 271776 c:\windows\system32\ltdisu.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 265216 c:\windows\system32\LTDIS13n.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 265216 c:\windows\system32\LTDIS13n.dll
    + 2006-02-28 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\lsasrv.dll
    - 2006-02-28 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 165280 c:\windows\system32\lftifu.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 142848 c:\windows\system32\lftif13n.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 142848 c:\windows\system32\lftif13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 128416 c:\windows\system32\lfpngu.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 182784 c:\windows\system32\Lfpng13n.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 182784 c:\windows\system32\Lfpng13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 251296 c:\windows\system32\lfj2ku.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 246272 c:\windows\system32\LFJ2K13n.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 246272 c:\windows\system32\LFJ2K13n.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 107936 c:\windows\system32\lffaxu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 435616 c:\windows\system32\lfcmpu.DLL
    + 2010-07-10 00:22 . 2009-03-11 17:28 388608 c:\windows\system32\LFCMP13n.DLL
    - 2010-07-10 00:22 . 2009-03-11 16:28 388608 c:\windows\system32\LFCMP13n.DLL
    + 2007-06-06 13:18 . 2007-06-06 13:18 196608 c:\windows\system32\KPDRES.DLL
    + 2007-06-06 13:38 . 2007-06-06 13:38 237568 c:\windows\system32\KPDPMUI.dll
    + 2007-06-06 13:38 . 2007-06-06 13:38 344064 c:\windows\system32\KPDPM.dll
    - 2006-02-28 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
    + 2006-02-28 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
    + 2006-02-28 12:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
    - 2006-02-28 12:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
    + 2012-01-02 19:46 . 2011-11-10 11:54 157472 c:\windows\system32\javaws.exe
    + 2012-01-02 19:46 . 2011-11-10 11:54 149280 c:\windows\system32\javaw.exe
    + 2012-01-02 19:46 . 2011-11-10 11:54 149280 c:\windows\system32\java.exe
    + 2011-04-14 05:12 . 2008-05-02 13:25 465920 c:\windows\system32\imapi2fs.dll
    + 2011-04-14 05:12 . 2008-05-02 13:25 317952 c:\windows\system32\imapi2.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 184320 c:\windows\system32\iepeers.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 387584 c:\windows\system32\iedkcs32.dll
    + 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
    + 2009-09-16 23:27 . 2009-09-16 23:27 508224 c:\windows\system32\ICCProfiles.dll
    + 2008-07-23 22:02 . 2011-12-21 08:27 741424 c:\windows\system32\FNTCACHE.DAT
    - 2008-07-23 22:02 . 2010-10-14 00:35 741424 c:\windows\system32\FNTCACHE.DAT
    + 2011-04-14 05:16 . 2007-06-06 13:46 229376 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDVS.dll
    + 2011-04-14 05:16 . 2007-06-06 13:37 278528 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDUI.dll
    + 2011-04-14 05:16 . 2007-06-06 13:18 196608 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDRES.dll
    + 2011-04-14 05:16 . 2007-06-06 13:37 258048 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\KPDGDI.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 693715 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A7255E8\briu10b.dll
    + 2006-02-28 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
    + 2008-07-24 02:28 . 2011-06-24 14:10 139656 c:\windows\system32\drivers\rdpwd.sys
    - 2008-07-24 02:28 . 2008-04-14 00:13 139656 c:\windows\system32\drivers\rdpwd.sys
    - 2008-07-24 08:38 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
    + 2008-07-24 08:38 . 2008-04-13 21:19 146048 c:\windows\system32\drivers\portcls.sys
    + 2006-02-28 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
    + 2006-02-28 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\drivers\mrxsmb.sys
    - 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\drivers\ks.sys
    + 2004-08-03 23:15 . 2008-04-13 21:16 141056 c:\windows\system32\drivers\ks.sys
    + 2006-02-28 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\drivers\afd.sys
    - 2006-02-28 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
    + 2006-02-28 12:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
    - 2010-06-18 17:45 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
    + 2010-06-18 17:45 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
    + 2008-07-24 02:29 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
    + 2006-02-28 12:00 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
    - 2006-02-28 12:00 . 2009-03-08 08:34 105984 c:\windows\system32\dllcache\url.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
    + 2006-02-28 12:00 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
    + 2009-07-27 23:17 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
    + 2011-01-21 14:44 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
    + 2008-12-05 06:54 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
    + 2006-02-28 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
    - 2006-02-28 12:00 . 2008-04-14 00:12 270848 c:\windows\system32\dllcache\sbe.dll
    + 2008-07-24 02:28 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
    - 2008-07-24 02:28 . 2008-04-14 00:13 139656 c:\windows\system32\dllcache\rdpwd.sys
    + 2008-07-24 08:38 . 2008-04-13 21:19 146048 c:\windows\system32\dllcache\portcls.sys
    - 2008-07-24 08:38 . 2008-04-13 19:19 146048 c:\windows\system32\dllcache\portcls.sys
    + 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
    + 2006-02-28 12:00 . 2011-09-26 16:41 220160 c:\windows\system32\dllcache\oleacc.dll
    + 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 206848 c:\windows\system32\dllcache\occache.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
    + 2009-04-26 20:37 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
    + 2006-02-28 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys
    - 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
    + 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 611840 c:\windows\system32\dllcache\mstime.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
    + 2008-07-24 02:29 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
    - 2008-07-24 02:29 . 2008-04-14 00:12 102400 c:\windows\system32\dllcache\msjro.dll
    + 2008-07-24 04:59 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
    - 2008-07-24 04:59 . 2010-09-10 05:58 602112 c:\windows\system32\dllcache\msfeeds.dll
    + 2008-07-24 02:29 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 200704 c:\windows\system32\dllcache\msadox.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 180224 c:\windows\system32\dllcache\msadomd.dll
    + 2008-07-24 02:29 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 536576 c:\windows\system32\dllcache\msado15.dll
    + 2008-07-24 02:29 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
    + 2008-07-24 02:29 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
    - 2008-07-24 02:29 . 2008-04-14 00:11 143360 c:\windows\system32\dllcache\msadco.dll
    + 2006-02-28 12:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
    + 2006-02-28 12:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
    - 2006-02-28 12:00 . 2010-09-18 16:23 974848 c:\windows\system32\dllcache\mfc42u.dll
    + 2010-10-13 23:27 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
    + 2009-04-26 20:37 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
    - 2009-04-26 20:37 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
    + 2008-07-24 02:28 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
    - 2008-07-24 02:28 . 2008-04-14 00:12 677888 c:\windows\system32\dllcache\lhmstsc.exe
    + 2004-08-03 23:15 . 2008-04-13 21:16 141056 c:\windows\system32\dllcache\ks.sys
    - 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
    - 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
    + 2009-06-25 08:25 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
    + 2008-05-09 10:53 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
    - 2008-05-09 10:53 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
    + 2008-08-19 04:08 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
    - 2008-08-19 04:08 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
    + 2011-04-14 05:12 . 2008-05-02 13:25 465920 c:\windows\system32\dllcache\imapi2fs.dll
    + 2011-04-14 05:12 . 2008-05-02 13:25 317952 c:\windows\system32\dllcache\imapi2.dll
    - 2009-06-12 18:56 . 2010-09-10 05:58 247808 c:\windows\system32\dllcache\ieproxy.dll
    + 2009-06-12 18:56 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 184320 c:\windows\system32\dllcache\iepeers.dll
    - 2010-06-14 03:30 . 2010-09-10 05:58 743424 c:\windows\system32\dllcache\iedvtool.dll
    + 2010-06-14 03:30 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
    - 2006-02-28 12:00 . 2010-09-10 05:58 387584 c:\windows\system32\dllcache\iedkcs32.dll
    + 2006-02-28 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
    + 2006-02-28 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
    - 2006-02-28 12:00 . 2008-04-14 00:11 186880 c:\windows\system32\dllcache\encdec.dll
    + 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
    - 2006-02-28 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\dllcache\crypt32.dll
    + 2006-02-28 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
    + 2010-04-20 05:30 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
    - 2006-02-28 12:00 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
    + 2006-02-28 12:00 . 2011-08-17 13:49 138496 c:\windows\system32\dllcache\afd.sys
    + 2006-02-28 12:00 . 2011-09-28 07:06 599040 c:\windows\system32\crypt32.dll
    - 2006-02-28 12:00 . 2008-04-14 00:11 599040 c:\windows\system32\crypt32.dll
    + 2010-08-02 15:52 . 2010-02-05 16:42 180224 c:\windows\system32\BroSNMP.dll
    + 2010-08-02 15:51 . 2009-10-13 21:59 180224 c:\windows\system32\BrMuSNMP.dll
    + 2011-02-23 00:16 . 2008-08-24 00:17 118784 c:\windows\system32\BrMfNt.dll
    + 2011-02-23 00:16 . 2008-10-18 01:02 126976 c:\windows\system32\BrfxD05b.dll
    + 2006-02-28 12:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 138056 c:\windows\system32\atl100.dll
    + 2011-07-07 10:18 . 2011-07-07 10:18 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
    - 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
    + 2011-03-25 11:15 . 2011-03-25 11:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    - 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
    + 2011-07-07 10:18 . 2011-07-07 10:18 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
    + 2011-12-09 01:39 . 2011-12-09 01:39 493056 c:\windows\Installer\f40771a.msi
    + 2010-11-12 16:08 . 2010-11-12 16:08 889344 c:\windows\Installer\b89d6d7.msp
    + 2011-11-23 22:24 . 2011-11-23 22:25 333824 c:\windows\Installer\af51078.msi
    + 2011-06-16 16:54 . 2011-06-16 16:54 223744 c:\windows\Installer\65584ab1.msi
    + 2011-06-16 16:48 . 2011-06-16 16:48 467456 c:\windows\Installer\65584a43.msi
    + 2010-11-27 05:57 . 2010-11-27 05:57 454656 c:\windows\Installer\2108b86.msi
    + 2011-10-27 10:49 . 2011-10-27 10:49 160768 c:\windows\Installer\1c5d6f.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 295936 c:\windows\Installer\1b212fc3.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 370688 c:\windows\Installer\1b212fbc.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 404480 c:\windows\Installer\1b212fb5.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 213504 c:\windows\Installer\1b212fad.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 186368 c:\windows\Installer\1b212fa5.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 180736 c:\windows\Installer\1b212f9e.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 181248 c:\windows\Installer\1b212f97.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 475136 c:\windows\Installer\1b212f90.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 548352 c:\windows\Installer\1b212f89.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 291840 c:\windows\Installer\1b212f82.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 357376 c:\windows\Installer\1b212f7b.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 291840 c:\windows\Installer\1b212f74.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 182784 c:\windows\Installer\1b212f6d.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 288768 c:\windows\Installer\1b212f66.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 294912 c:\windows\Installer\1b212f5f.msi
    + 2011-04-14 04:54 . 2011-04-14 04:54 218624 c:\windows\Installer\1b116437.msi
    + 2011-11-11 02:43 . 2011-11-11 02:43 203776 c:\windows\Installer\11190a23.msi
    + 2011-04-14 05:16 . 2011-04-14 05:16 135168 c:\windows\Installer\{FCDB1C92-03C6-4C76-8625-371224256091}\PdockShortcut5.exe
    + 2011-10-16 02:42 . 2011-10-16 02:42 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
    + 2011-04-14 04:56 . 2011-04-14 04:56 370070 c:\windows\Installer\{9A5909B3-8CF3-4E06-92A8-F3CB7C97EF20}\ARPPRODUCTICON.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2008-07-24 04:52 . 2011-12-21 04:05 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
    - 2008-07-24 04:52 . 2010-11-10 00:14 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
    + 2011-10-04 20:41 . 2011-10-04 20:41 355574 c:\windows\Installer\{425C644F-3F69-429B-8B47-A7FD76BE4E21}\controlPanelIcon.exe
    + 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\readerupdater.exe
    + 2010-09-10 22:17 . 2010-09-10 22:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
    + 2010-09-23 00:41 . 2010-09-23 00:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
    + 2010-09-21 03:07 . 2010-09-21 03:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\adobearm.exe
    + 2010-09-23 08:47 . 2010-09-23 08:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
    + 2010-09-22 22:04 . 2010-09-22 22:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
    + 2010-09-22 23:39 . 2010-09-22 23:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobroker.exe
    + 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\acrobatupdater.exe
    + 2010-09-22 22:50 . 2010-09-22 22:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\a3dutility.exe
    + 2011-01-14 12:10 . 2011-01-14 12:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL
    + 2011-01-14 12:10 . 2011-01-14 12:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL
    + 2011-12-21 04:10 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
    + 2011-12-21 04:10 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
    + 2011-12-21 04:10 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
    + 2011-12-21 04:10 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
    + 2011-12-21 04:10 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
    + 2011-10-15 21:16 . 2011-06-23 18:36 916480 c:\windows\ie8updates\KB2586448-IE8\wininet.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 105984 c:\windows\ie8updates\KB2586448-IE8\url.dll
    + 2011-10-15 21:16 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2586448-IE8\spuninst\updspapi.dll
    + 2011-10-15 21:16 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2586448-IE8\spuninst\spuninst.exe
    + 2011-10-15 21:16 . 2011-06-23 18:36 206848 c:\windows\ie8updates\KB2586448-IE8\occache.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 611840 c:\windows\ie8updates\KB2586448-IE8\mstime.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 602112 c:\windows\ie8updates\KB2586448-IE8\msfeeds.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 247808 c:\windows\ie8updates\KB2586448-IE8\ieproxy.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 184320 c:\windows\ie8updates\KB2586448-IE8\iepeers.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 743424 c:\windows\ie8updates\KB2586448-IE8\iedvtool.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 387584 c:\windows\ie8updates\KB2586448-IE8\iedkcs32.dll
    + 2011-10-15 21:16 . 2011-06-23 12:05 173568 c:\windows\ie8updates\KB2586448-IE8\ie4uinit.exe
    + 2011-08-28 00:09 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
    + 2011-08-28 00:09 . 2009-03-08 08:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
    + 2011-08-28 00:09 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
    + 2011-08-28 00:09 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
    + 2011-08-28 00:09 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
    + 2011-08-28 00:09 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
    + 2011-06-16 16:45 . 2009-03-08 08:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
    + 2011-06-16 16:45 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
    + 2011-06-16 16:45 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
    + 2011-06-16 16:48 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
    + 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
    + 2011-06-16 16:48 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
    + 2011-06-16 16:48 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
    + 2011-04-28 00:46 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
    + 2011-04-28 00:46 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
    + 2011-04-28 00:46 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
    + 2011-04-28 00:46 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
    + 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
    + 2011-04-28 00:54 . 2010-12-20 23:59 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
    + 2011-04-28 00:54 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
    + 2011-02-09 08:01 . 2010-11-06 00:26 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
    + 2011-02-09 08:01 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
    + 2011-02-09 08:01 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
    + 2011-02-09 08:01 . 2010-11-06 00:26 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
    + 2011-02-09 08:01 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
    + 2010-12-15 08:05 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
    + 2010-12-15 08:05 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
    + 2010-12-15 08:05 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
    + 2010-12-15 08:05 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
    + 2011-09-29 15:03 . 2011-09-29 15:03 274432 c:\windows\ERDNT\AutoBackup\9-29-2011\Users\00000002\UsrClass.dat
    + 2011-09-29 15:03 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\9-29-2011\ERDNT.EXE
    + 2011-12-10 04:09 . 2011-12-10 04:09 282624 c:\windows\ERDNT\AutoBackup\12-9-2011\Users\00000002\UsrClass.dat
    + 2011-12-10 04:09 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-9-2011\ERDNT.EXE
    + 2011-12-05 23:36 . 2011-12-05 23:36 282624 c:\windows\ERDNT\AutoBackup\12-5-2011\Users\00000002\UsrClass.dat
    + 2011-12-05 23:36 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-5-2011\ERDNT.EXE
    + 2011-12-30 17:15 . 2011-12-30 17:15 282624 c:\windows\ERDNT\AutoBackup\12-30-2011\Users\00000002\UsrClass.dat
    + 2011-12-30 17:15 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-30-2011\ERDNT.EXE
    + 2011-12-25 03:21 . 2011-12-25 03:21 282624 c:\windows\ERDNT\AutoBackup\12-24-2011\Users\00000002\UsrClass.dat
    + 2011-12-25 03:21 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-24-2011\ERDNT.EXE
    + 2011-12-23 08:24 . 2011-12-23 08:24 282624 c:\windows\ERDNT\AutoBackup\12-23-2011\Users\00000002\UsrClass.dat
    + 2011-12-23 08:24 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-23-2011\ERDNT.EXE
    + 2011-12-22 18:01 . 2011-12-22 18:01 282624 c:\windows\ERDNT\AutoBackup\12-22-2011\Users\00000002\UsrClass.dat
    + 2011-12-22 18:01 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-22-2011\ERDNT.EXE
    + 2011-12-21 08:28 . 2011-12-21 08:28 282624 c:\windows\ERDNT\AutoBackup\12-21-2011\Users\00000002\UsrClass.dat
    + 2011-12-21 08:28 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-21-2011\ERDNT.EXE
    + 2011-12-20 14:40 . 2011-12-20 14:40 282624 c:\windows\ERDNT\AutoBackup\12-20-2011\Users\00000002\UsrClass.dat
    + 2011-12-20 14:40 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-20-2011\ERDNT.EXE
    + 2011-12-14 17:39 . 2011-12-14 17:39 282624 c:\windows\ERDNT\AutoBackup\12-14-2011\Users\00000002\UsrClass.dat
    + 2011-12-14 17:39 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-14-2011\ERDNT.EXE
    + 2011-12-10 15:49 . 2011-12-10 15:49 282624 c:\windows\ERDNT\AutoBackup\12-10-2011\Users\00000002\UsrClass.dat
    + 2011-12-10 15:49 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-10-2011\ERDNT.EXE
    + 2011-12-01 19:25 . 2011-12-01 19:25 282624 c:\windows\ERDNT\AutoBackup\12-1-2011\Users\00000002\UsrClass.dat
    + 2011-12-01 19:25 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\12-1-2011\ERDNT.EXE
    + 2011-11-07 16:51 . 2011-11-07 16:51 278528 c:\windows\ERDNT\AutoBackup\11-7-2011\Users\00000002\UsrClass.dat
    + 2011-11-07 16:51 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-7-2011\ERDNT.EXE
    + 2011-11-06 00:05 . 2011-11-06 00:05 278528 c:\windows\ERDNT\AutoBackup\11-5-2011\Users\00000002\UsrClass.dat
    + 2011-11-06 00:05 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-5-2011\ERDNT.EXE
    + 2011-11-30 17:34 . 2011-11-30 17:34 282624 c:\windows\ERDNT\AutoBackup\11-30-2011\Users\00000002\UsrClass.dat
    + 2011-11-30 17:34 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-30-2011\ERDNT.EXE
    + 2011-11-27 03:39 . 2011-11-27 03:39 282624 c:\windows\ERDNT\AutoBackup\11-26-2011\Users\00000002\UsrClass.dat
    + 2011-11-27 03:39 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-26-2011\ERDNT.EXE
    + 2011-11-25 19:10 . 2011-11-25 19:10 282624 c:\windows\ERDNT\AutoBackup\11-25-2011\Users\00000002\UsrClass.dat
    + 2011-11-25 19:10 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-25-2011\ERDNT.EXE
    + 2011-11-25 02:33 . 2011-11-25 02:33 282624 c:\windows\ERDNT\AutoBackup\11-24-2011\Users\00000002\UsrClass.dat
    + 2011-11-25 02:33 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-24-2011\ERDNT.EXE
    + 2011-11-21 19:21 . 2011-11-21 19:21 282624 c:\windows\ERDNT\AutoBackup\11-21-2011\Users\00000002\UsrClass.dat
    + 2011-11-21 19:21 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-21-2011\ERDNT.EXE
    + 2011-11-19 20:22 . 2011-11-19 20:22 282624 c:\windows\ERDNT\AutoBackup\11-19-2011\Users\00000002\UsrClass.dat
    + 2011-11-19 20:22 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-19-2011\ERDNT.EXE
    + 2011-11-15 07:06 . 2011-11-15 07:06 282624 c:\windows\ERDNT\AutoBackup\11-15-2011\Users\00000002\UsrClass.dat
    + 2011-11-15 07:06 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-15-2011\ERDNT.EXE
    + 2011-11-15 01:20 . 2011-11-15 01:20 282624 c:\windows\ERDNT\AutoBackup\11-14-2011\Users\00000002\UsrClass.dat
    + 2011-11-15 01:20 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\11-14-2011\ERDNT.EXE
    + 2011-10-09 00:29 . 2011-10-09 00:29 274432 c:\windows\ERDNT\AutoBackup\10-8-2011\Users\00000002\UsrClass.dat
    + 2011-10-09 00:29 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-8-2011\ERDNT.EXE
    + 2011-10-07 19:56 . 2011-10-07 19:56 274432 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000002\UsrClass.dat
    + 2011-10-07 19:56 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-7-2011\ERDNT.EXE
    + 2011-10-31 16:42 . 2011-10-31 16:42 278528 c:\windows\ERDNT\AutoBackup\10-31-2011\Users\00000002\UsrClass.dat
    + 2011-10-31 16:42 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-31-2011\ERDNT.EXE
    + 2011-10-29 14:17 . 2011-10-29 14:17 278528 c:\windows\ERDNT\AutoBackup\10-29-2011\Users\00000002\UsrClass.dat
    + 2011-10-29 14:17 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-29-2011\ERDNT.EXE
    + 2011-10-27 10:24 . 2011-10-27 10:24 278528 c:\windows\ERDNT\AutoBackup\10-27-2011\Users\00000002\UsrClass.dat
    + 2011-10-27 10:24 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-27-2011\ERDNT.EXE
    + 2011-10-19 20:09 . 2011-10-19 20:09 278528 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000002\UsrClass.dat
    + 2011-10-19 20:09 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-19-2011\ERDNT.EXE
    + 2011-10-16 18:16 . 2011-10-16 18:16 274432 c:\windows\ERDNT\AutoBackup\10-16-2011\Users\00000002\UsrClass.dat
    + 2011-10-16 18:16 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\10-16-2011\ERDNT.EXE
    + 2012-01-02 05:14 . 2012-01-02 05:14 282624 c:\windows\ERDNT\AutoBackup\1-1-2012\Users\00000002\UsrClass.dat
    + 2012-01-02 05:14 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\1-1-2012\ERDNT.EXE
    + 2011-04-03 07:47 . 2011-04-03 07:47 245760 c:\windows\ERDNT\4-3-2011\Users\00000002\UsrClass.dat
    + 2011-04-03 07:47 . 2005-10-20 16:02 163328 c:\windows\ERDNT\4-3-2011\ERDNT.EXE
    + 2011-03-30 04:57 . 2011-03-30 04:57 241664 c:\windows\ERDNT\3-30-2011\Users\00000002\UsrClass.dat
    + 2011-03-30 04:57 . 2005-10-20 16:02 163328 c:\windows\ERDNT\3-30-2011\ERDNT.EXE
    + 2011-03-27 16:58 . 2011-03-27 16:58 241664 c:\windows\ERDNT\3-27-2011\Users\00000002\UsrClass.dat
    + 2011-03-27 16:58 . 2005-10-20 16:02 163328 c:\windows\ERDNT\3-27-2011\ERDNT.EXE
    + 2008-12-04 19:18 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
    + 2011-12-05 22:05 . 2011-12-05 22:05 165176 c:\windows\Downloaded Program Files\WebEx\932\wbxreport.exe
    + 2011-12-05 22:05 . 2011-12-05 22:05 163840 c:\windows\Downloaded Program Files\WebEx\932\uilibres.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 217088 c:\windows\Downloaded Program Files\WebEx\932\scwbxui7.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 356352 c:\windows\Downloaded Program Files\WebEx\932\sccustres.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 278528 c:\windows\Downloaded Program Files\WebEx\932\attp.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 744760 c:\windows\Downloaded Program Files\WebEx\932\atsccust.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 221184 c:\windows\Downloaded Program Files\WebEx\932\atres_lite.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 311296 c:\windows\Downloaded Program Files\WebEx\932\atlchat.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 150091 c:\windows\Downloaded Program Files\WebEx\932\atdl2006.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 114764 c:\windows\Downloaded Program Files\WebEx\932\atasuicom.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 101256 c:\windows\Downloaded Program Files\WebEx\932\atasnt40.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 354192 c:\windows\Downloaded Program Files\WebEx\932\atasctrl_lite.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 364544 c:\windows\Downloaded Program Files\WebEx\932\atarm.dll
    + 2011-12-05 22:05 . 2011-12-05 22:05 185224 c:\windows\Downloaded Program Files\atgpcext.dll
    + 2011-12-05 22:06 . 2011-12-05 22:06 324920 c:\windows\Downloaded Program Files\atcliun.exe
    + 2011-08-28 00:21 . 2011-08-28 00:21 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\c8627df7adb416722d8e0f05c57fef6b\WsatConfig.ni.exe
    + 2011-08-28 00:34 . 2011-08-28 00:34 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll
    + 2011-10-15 22:21 . 2011-10-15 22:21 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\018b6e48c32d5b5d78086998e3505f1c\System.Web.RegularExpressions.ni.dll
    + 2011-10-15 22:09 . 2011-10-15 22:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\734ab0ea87d7dfd5c583eea535c05878\System.Web.Abstractions.ni.dll
    + 2011-08-28 00:22 . 2011-08-28 00:22 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
    + 2011-08-28 00:22 . 2011-08-28 00:22 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
    + 2011-08-28 00:22 . 2011-08-28 00:22 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll
    + 2011-10-15 22:07 . 2011-10-15 22:07 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\20a77c41ee12362d303fb2574fcd5a24\System.IO.Log.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll
    + 2011-10-15 22:07 . 2011-10-15 22:07 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\41c3a2fcffc58b20023c7d54e57ea956\System.IdentityModel.Selectors.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.Wrapper.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
    + 2011-08-28 00:18 . 2011-08-28 00:18 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll
    + 2011-10-15 21:26 . 2011-10-15 21:26 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\896eca06e2d9377b2dc4fad56ce49b07\System.Drawing.Design.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\33e9b0c368c31ef37a2ec7b5a181044b\System.DirectoryServices.Protocols.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6e45cf503f025c5fe814ea7e52f62a78\SMSvcHost.ni.exe
    + 2011-08-28 00:21 . 2011-08-28 00:21 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\474a341340f687bcbd7777f2820a8c7a\SMDiagnostics.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f2df1ca28301bfe7e1d52b86c8394217\ServiceModelReg.ni.exe
    + 2011-08-28 00:21 . 2011-08-28 00:21 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe
    + 2011-08-28 00:21 . 2011-08-28 00:21 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\04595f414c49cf2a65b349648ba23e62\MSBuild.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\4cbd7ed9fbf9f1b3cbdf23906cc0f5a3\Microsoft.Transactions.Bridge.Dtc.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\ff6d4892775fd1f9b137f7c92ea453f2\Microsoft.Build.Utilities.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\da112c5757e3c68d6369b6aa46cc9682\Microsoft.Build.Engine.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll
    + 2011-07-07 05:35 . 2011-07-07 05:35 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\3e6deccf191ab943d3a0812a38ab5c97\CustomMarshalers.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe
    + 2011-10-15 22:08 . 2011-10-15 22:08 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\4e68d5df30b197ff72c75f1c3c24b949\ComSvcConfig.ni.exe
    + 2011-08-28 00:20 . 2011-08-28 00:20 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll
    + 2011-10-15 22:07 . 2011-10-15 22:07 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\e1bcee92f5af50d560d577c0a99ea3bd\AspNetMMCExt.ni.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    - 2010-10-04 16:40 . 2010-10-04 16:40 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    + 2011-04-14 05:13 . 2011-04-14 05:13 442368 c:\windows\assembly\GAC_32\WicFileFormat-PlatOpt\1.1.7323.4563__b0cfd8589c27b05f\WicFileFormat-PlatOpt.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2011-04-14 05:14 . 2011-04-14 05:14 262144 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\2.0.6005.7527__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll
    + 2011-04-14 05:14 . 2011-04-14 05:14 282624 c:\windows\assembly\GAC_32\EastmanKodakCompany.EasyShare\1.0.2698.25402__e736f44e197b3380\EastmanKodakCompany.EasyShare.dll
    + 2011-11-15 23:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641690$\spuninst\updspapi.dll
    + 2011-11-15 23:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641690$\spuninst\spuninst.exe
    + 2011-11-15 23:17 . 2011-09-09 09:12 599040 c:\windows\$NtUninstallKB2641690$\crypt32.dll
    + 2011-09-16 06:46 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2616676$\spuninst\updspapi.dll
    + 2011-09-16 06:46 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2616676$\spuninst\spuninst.exe
    + 2011-09-16 06:46 . 2011-09-03 10:17 599040 c:\windows\$NtUninstallKB2616676$\crypt32.dll
    + 2011-09-07 14:54 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2607712$\spuninst\updspapi.dll
    + 2011-09-07 14:54 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2607712$\spuninst\spuninst.exe
    + 2011-09-07 14:54 . 2008-04-14 00:11 599040 c:\windows\$NtUninstallKB2607712$\crypt32.dll
    + 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2592799$\spuninst\updspapi.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2592799$\spuninst\spuninst.exe
    + 2011-10-15 21:17 . 2011-02-16 13:22 138496 c:\windows\$NtUninstallKB2592799$\afd.sys
    + 2011-09-16 06:41 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570947$\spuninst\updspapi.dll
    + 2011-09-16 06:41 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570947$\spuninst\spuninst.exe
    + 2011-08-28 00:16 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570791$\spuninst\updspapi.dll
    + 2011-08-28 00:16 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570791$\spuninst\spuninst.exe
    + 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2570222$\spuninst\updspapi.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2570222$\spuninst\spuninst.exe
    + 2011-08-28 00:13 . 2008-04-14 00:13 139656 c:\windows\$NtUninstallKB2570222$\rdpwd.sys
    + 2011-08-28 00:14 . 2011-04-26 11:07 293376 c:\windows\$NtUninstallKB2567680$\winsrv.dll
    + 2011-08-28 00:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567680$\spuninst\updspapi.dll
    + 2011-08-28 00:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567680$\spuninst\spuninst.exe
    + 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2567053$\spuninst\updspapi.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2567053$\spuninst\spuninst.exe
    + 2011-08-28 00:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2566454$\spuninst\updspapi.dll
    + 2011-08-28 00:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2566454$\spuninst\spuninst.exe
    + 2011-10-15 21:23 . 2008-07-30 00:59 161296 c:\windows\$NtUninstallKB2564958$\uiautomationcore.dll
    + 2011-10-15 21:23 . 2011-08-12 18:51 382840 c:\windows\$NtUninstallKB2564958$\spuninst\updspapi.dll
    + 2011-10-15 21:23 . 2011-08-12 18:51 231288 c:\windows\$NtUninstallKB2564958$\spuninst\spuninst.exe
    + 2011-10-15 21:23 . 2006-02-28 12:00 163328 c:\windows\$NtUninstallKB2564958$\oleacc.dll
    + 2011-08-28 00:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2562937$\spuninst\updspapi.dll
    + 2011-08-28 00:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2562937$\spuninst\spuninst.exe
    + 2011-11-15 23:20 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893-v2$\spuninst\updspapi.dll
    + 2011-11-15 23:20 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe
    + 2011-11-15 23:20 . 2011-05-02 15:31 692736 c:\windows\$NtUninstallKB2544893-v2$\inetcomm.dll
    + 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276-v2$\spuninst\updspapi.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe
    + 2011-08-28 00:13 . 2011-04-29 16:19 456320 c:\windows\$NtUninstallKB2536276-v2$\mrxsmb.sys
    + 2011-04-01 19:50 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
    + 2011-04-01 19:50 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
    + 2011-04-01 19:50 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
    + 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
    + 2011-11-15 23:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641690\update\updspapi.dll
    + 2011-11-15 23:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641690\update\update.exe
    + 2011-11-15 23:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641690\spuninst.exe
    + 2011-09-28 07:05 . 2011-09-28 07:05 599552 c:\windows\$hf_mig$\KB2641690\SP3QFE\crypt32.dll
    + 2011-09-16 06:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
    + 2011-09-16 06:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
    + 2011-09-16 06:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
    + 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
    + 2011-09-07 14:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll
    + 2011-09-07 14:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2607712\update\update.exe
    + 2011-09-07 14:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2607712\spuninst.exe
    + 2011-09-03 10:16 . 2011-09-03 10:16 599552 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll
    + 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2592799\update\updspapi.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2592799\update\update.exe
    + 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2592799\spuninst.exe
    + 2011-10-13 16:11 . 2011-08-17 13:41 138496 c:\windows\$hf_mig$\KB2592799\SP3QFE\afd.sys
    + 2011-10-15 21:16 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2586448-IE8\update\updspapi.dll
    + 2011-10-15 21:16 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2586448-IE8\update\update.exe
    + 2011-10-15 21:16 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2586448-IE8\spuninst.exe
    + 2011-10-13 16:11 . 2011-08-22 23:47 919552 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 105984 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\url.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 206848 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\occache.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 611840 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mstime.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 602112 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\msfeeds.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 247808 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieproxy.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 184320 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iepeers.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 743424 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedvtool.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 387584 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iedkcs32.dll
    + 2011-10-13 16:11 . 2011-08-22 11:52 174080 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ie4uinit.exe
    + 2011-09-16 06:41 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
    + 2011-09-16 06:41 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
    + 2011-09-16 06:41 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
    + 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
    + 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
    + 2011-08-28 00:04 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
    + 2011-08-28 00:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll
    + 2011-08-28 00:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567680\update\update.exe
    + 2011-08-28 00:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567680\spuninst.exe
    + 2011-06-20 17:43 . 2011-06-20 17:43 293376 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
    + 2011-10-15 21:17 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567053\update\updspapi.dll
    + 2011-10-15 21:17 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567053\update\update.exe
    + 2011-10-15 21:17 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567053\spuninst.exe
    + 2011-08-28 00:08 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
    + 2011-08-28 00:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
    + 2011-08-28 00:08 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
    + 2011-08-28 00:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
    + 2011-08-28 00:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
    + 2011-08-28 00:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
    + 2011-08-28 00:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll
    + 2011-08-28 00:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe
    + 2011-08-28 00:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe
    + 2011-08-28 00:04 . 2011-06-23 18:33 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll
    + 2011-08-28 00:04 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe
    + 2011-07-19 02:42 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
    + 2011-07-19 02:42 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
    + 2011-07-19 02:42 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
    + 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
    + 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
    + 2011-06-16 09:58 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
    + 2011-11-15 23:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893-v2\update\updspapi.dll
    + 2011-11-15 23:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893-v2\update\update.exe
    + 2011-11-15 23:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893-v2\spuninst.exe
    + 2011-10-10 14:21 . 2011-10-10 14:21 692736 c:\windows\$hf_mig$\KB2544893-v2\SP3QFE\inetcomm.dll
    + 2011-06-16 16:45 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
    + 2011-06-16 16:45 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
    + 2011-06-16 16:45 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
    + 2011-06-16 09:58 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
    + 2011-07-07 04:26 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
    + 2011-07-07 04:26 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
    + 2011-07-07 04:26 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
    + 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
    + 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
    + 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
    + 2011-06-16 09:59 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
    + 2011-08-28 00:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
    + 2011-08-28 00:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
    + 2011-08-28 00:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
    + 2011-08-28 00:05 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
    + 2011-06-16 16:51 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
    + 2011-06-16 16:51 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
    + 2011-06-16 16:51 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
    + 2011-06-16 09:59 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
    + 2011-06-16 16:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
    + 2011-06-16 16:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
    + 2011-06-16 16:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
    + 2011-06-16 09:59 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
    + 2011-06-16 09:59 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
    + 2011-03-30 19:27 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
    + 2011-03-30 19:27 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
    + 2011-03-30 19:27 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
    + 2011-04-28 00:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2511455\update\updspapi.dll
    + 2011-04-28 00:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2511455\update\update.exe
    + 2011-04-28 00:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2511455\spuninst.exe
    + 2011-04-20 18:57 . 2011-02-17 13:19 457472 c:\windows\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys
    + 2011-04-28 00:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
    + 2011-04-28 00:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
    + 2011-04-28 00:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
    + 2011-04-20 18:57 . 2011-03-04 06:35 420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
    + 2011-04-20 18:57 . 2011-03-04 06:35 726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
    + 2011-04-28 00:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
    + 2011-04-28 00:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
    + 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
    + 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
    + 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
    + 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
    + 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
    + 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
    + 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
    + 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
    + 2011-04-28 00:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
    + 2011-04-28 00:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
    + 2011-04-28 00:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
    + 2011-07-19 02:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
    + 2011-07-19 02:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
    + 2011-07-19 02:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
    + 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
    + 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
    + 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
    + 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
    + 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506223\update\updspapi.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506223\update\update.exe
    + 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506223\spuninst.exe
    + 2011-04-28 00:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
    + 2011-04-28 00:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
    + 2011-04-28 00:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
    + 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
    + 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
    + 2011-06-16 16:53 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
    + 2011-06-16 16:53 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
    + 2011-06-16 16:53 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
    + 2011-06-16 10:00 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
    + 2011-04-28 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503658\update\updspapi.dll
    + 2011-04-28 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503658\update\update.exe
    + 2011-04-28 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503658\spuninst.exe
    + 2011-03-07 05:31 . 2011-03-07 05:31 692736 c:\windows\$hf_mig$\KB2503658\SP3QFE\inetcomm.dll
    + 2011-04-28 00:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
    + 2011-04-28 00:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
    + 2011-04-28 00:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
    + 2011-04-20 18:58 . 2011-02-22 23:27 919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
    + 2011-04-20 18:58 . 2011-02-22 12:08 173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
    + 2011-04-28 00:55 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
    + 2011-04-28 00:55 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
    + 2011-04-28 00:55 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
    + 2011-02-09 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485376\update\updspapi.dll
    + 2011-02-09 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485376\update\update.exe
    + 2011-02-09 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485376\spuninst.exe
    + 2011-01-07 14:09 . 2011-01-07 14:09 290048 c:\windows\$hf_mig$\KB2485376\SP3QFE\atmfd.dll
    + 2011-02-09 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
    + 2011-02-09 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
    + 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
    + 2011-02-09 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017-IE8\update\updspapi.dll
    + 2011-02-09 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017-IE8\update\update.exe
    + 2011-02-09 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017-IE8\spuninst.exe
    + 2011-02-09 01:57 . 2010-12-20 23:58 919552 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 206848 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\occache.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 611840 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mstime.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 602112 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeeds.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 247808 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieproxy.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 184320 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iepeers.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 743424 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedvtool.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 387584 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedkcs32.dll
    + 2011-02-09 01:57 . 2010-12-20 12:48 173568 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ie4uinit.exe
    + 2011-03-11 04:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
    + 2011-03-11 04:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
    + 2011-03-11 04:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
    + 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
    + 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
    + 2011-03-11 04:51 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
    + 2011-03-11 04:51 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
    + 2011-03-11 04:51 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
    + 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
    + 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
    + 2011-02-09 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479628\update\updspapi.dll
    + 2011-02-09 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479628\update\update.exe
    + 2011-02-09 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479628\spuninst.exe
    + 2011-02-09 08:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
    + 2011-02-09 08:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
    + 2011-02-09 08:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
    + 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
    + 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
    + 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
    + 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
    + 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
    + 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
    + 2011-06-16 16:54 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
    + 2011-06-16 16:54 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
    + 2011-06-16 16:54 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
    + 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
    + 2010-12-15 08:04 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2467659\update\updspapi.dll
    + 2010-12-15 08:04 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2467659\update\update.exe
    + 2010-12-15 08:04 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2467659\spuninst.exe
    + 2010-12-15 08:05 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
    + 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
    + 2010-12-15 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
    + 2010-12-15 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
    + 2010-12-15 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
    + 2010-12-15 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2436673\update\updspapi.dll
    + 2010-12-15 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2436673\update\update.exe
    + 2010-12-15 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2436673\spuninst.exe
    + 2010-12-15 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
    + 2010-12-15 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
    + 2010-12-15 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
    + 2011-01-12 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
    + 2011-01-12 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
    + 2011-01-12 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
    + 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
    + 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
    + 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
    + 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
    + 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
    + 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
    + 2010-12-15 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2416400-IE8\update\updspapi.dll
    + 2010-12-15 08:05 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2416400-IE8\update\update.exe
    + 2010-12-15 08:05 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2416400-IE8\spuninst.exe
    + 2010-12-15 07:31 . 2010-11-06 00:27 919552 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 206848 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\occache.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 611840 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mstime.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 602112 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\msfeeds.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 247808 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieproxy.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 184320 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iepeers.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 743424 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedvtool.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 387584 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iedkcs32.dll
    + 2010-12-15 07:31 . 2010-11-03 12:01 173568 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ie4uinit.exe
    + 2011-02-09 08:00 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
    + 2011-02-09 08:00 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
    + 2011-02-09 08:00 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
    + 2011-02-09 01:57 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
    + 2010-12-15 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2296199\update\updspapi.dll
    + 2010-12-15 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2296199\update\update.exe
    + 2010-12-15 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2296199\spuninst.exe
    + 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\$hf_mig$\KB2296199\SP3QFE\atmfd.dll
    + 2011-04-20 18:58 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
    + 2011-04-19 03:51 . 2011-04-19 03:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 1159488 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfc90u.dll
    + 2009-07-12 03:51 . 2009-07-12 03:51 1153352 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.218_x-ww_b256a1bb\mfc90.dll
    + 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
    + 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
    + 2011-04-14 05:12 . 2011-04-14 05:12 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
    + 2009-08-20 02:51 . 2009-08-20 02:51 1478656 c:\windows\twain_32\BrSc09c\Common\BrTwdScn.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 1884160 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\briu10b.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 1710080 c:\windows\system32\spool\drivers\w32x86\brothermfc_j615w89be\brio10b.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 1884160 c:\windows\system32\spool\drivers\w32x86\3\briu10b.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 1710080 c:\windows\system32\spool\drivers\w32x86\3\brio10b.dll
    - 2006-02-28 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
    + 2006-02-28 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
    + 2011-12-22 21:25 . 2005-09-21 19:23 9710592 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTLCPL.EXE
    + 2011-12-22 21:25 . 2005-09-23 22:56 3966976 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RtkHDAud.sys
    + 2011-12-22 21:25 . 2005-09-07 14:40 2142208 c:\windows\system32\ReinstallBackups\0006\DriverFiles\MicCal.exe
    + 2011-12-22 21:26 . 2005-09-21 19:32 2807808 c:\windows\system32\ReinstallBackups\0006\DriverFiles\ALCWZRD.EXE
    + 2008-07-24 02:28 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
    + 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 4422992 c:\windows\system32\mfc100u.dll
    + 2011-06-11 06:58 . 2011-06-11 06:58 4397384 c:\windows\system32\mfc100.dll
    + 2010-01-27 01:07 . 2011-11-15 01:21 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 2319776 c:\windows\system32\ltwvcu.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 1549728 c:\windows\system32\ltwvca.dll
    + 2011-01-03 17:50 . 2010-10-11 21:39 2315680 c:\windows\system32\ltwvc2u.dll
    + 2010-07-10 00:22 . 2009-03-11 17:28 1009664 c:\windows\system32\Ltwvc13n.dll
    - 2010-07-10 00:22 . 2009-03-11 16:28 1009664 c:\windows\system32\Ltwvc13n.dll
    + 2007-08-13 22:34 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
    + 2011-04-14 05:16 . 2007-06-06 13:57 2363392 c:\windows\system32\DRVSTORE\kpd_116B8E56BDDDF953EAB6D8D8F5CDA37DE77C0E1A\xerces-c_2_7.dll
    + 2011-02-23 00:17 . 2010-01-08 04:43 1062712 c:\windows\system32\DRVSTORE\brpri10b_6EDA772B2903AB2A7EC33EFF6A4672C19A7255E8\brio10b.dll
    + 2011-02-23 00:17 . 2009-08-18 10:40 1602741 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\x86\BrWia09c.dll
    + 2011-02-23 00:17 . 2010-01-12 02:01 1604430 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\x86\BrWi209c.dll
    + 2011-02-23 00:17 . 2009-08-20 02:51 1288808 c:\windows\system32\DRVSTORE\brimi10b_A6F5BA730EF2AAEF9680B801195A77800797E1CA\BrTwdScn.dll
    + 2005-09-23 22:56 . 2006-11-16 04:34 4225920 c:\windows\system32\drivers\RtkHDAud.Sys
    + 2008-11-08 15:36 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
    + 2006-02-28 12:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
    - 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
    + 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
    + 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
    + 2008-11-08 15:36 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
    + 2004-08-03 22:59 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
    + 2008-11-08 15:36 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
    + 2006-02-28 12:00 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
    + 2006-02-28 12:00 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
    + 2008-07-24 02:28 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
    + 2008-07-24 04:59 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
    + 2009-08-18 10:40 . 2009-08-18 10:40 1535488 c:\windows\system32\BrWia09c.dll
    + 2005-09-21 20:29 . 2006-11-14 03:07 1183744 c:\windows\RtlUpd.exe
    + 2005-09-21 19:23 . 2006-05-05 06:35 9709568 c:\windows\RTLCPL.exe
    + 2011-03-25 11:15 . 2011-03-25 11:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
    - 2008-07-25 16:17 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
    - 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
    + 2011-04-29 02:50 . 2011-04-29 02:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
    + 2011-07-07 10:18 . 2011-07-07 10:18 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    - 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
    + 2011-07-07 10:18 . 2011-07-07 10:18 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
    + 2005-09-07 14:40 . 2006-10-12 07:42 2157568 c:\windows\MicCal.exe
    + 2011-01-19 04:36 . 2011-01-19 04:36 2687488 c:\windows\Installer\f767c67.msp
    + 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\df9c9.msp
    + 2011-11-03 19:31 . 2011-11-03 19:31 5525504 c:\windows\Installer\babef.msp
    + 2010-10-22 20:45 . 2010-10-22 20:45 8444928 c:\windows\Installer\b89d6ef.msp
    + 2010-12-06 20:02 . 2010-12-06 20:02 5518848 c:\windows\Installer\b89d6bc.msp
    + 2010-10-02 02:53 . 2010-10-02 02:53 4147712 c:\windows\Installer\b89d6a5.msp
    + 2011-02-22 15:32 . 2011-02-22 15:32 5520384 c:\windows\Installer\b4687ec.msp
    + 2011-05-02 05:06 . 2011-05-02 05:06 2705920 c:\windows\Installer\a09c2.msp
    + 2011-07-26 18:50 . 2011-07-26 18:50 5522432 c:\windows\Installer\a09b9.msp
    + 2011-09-06 22:57 . 2011-09-06 22:57 1025024 c:\windows\Installer\6ae1a82.msi
    + 2011-04-29 17:28 . 2011-04-29 17:28 1995264 c:\windows\Installer\65584aba.msp
    + 2011-04-28 00:51 . 2011-04-28 00:51 6825472 c:\windows\Installer\65584aa8.msp
    + 2011-05-20 22:31 . 2011-05-20 22:31 5518848 c:\windows\Installer\65584a91.msp
    + 2011-05-17 23:28 . 2011-05-17 23:28 6862848 c:\windows\Installer\65584a7a.msp
    + 2011-04-29 17:33 . 2011-04-29 17:33 8173568 c:\windows\Installer\65584a63.msp
    + 2011-04-29 18:04 . 2011-04-29 18:04 5053440 c:\windows\Installer\65584a59.msp
    + 2011-04-29 17:30 . 2011-04-29 17:30 1197056 c:\windows\Installer\65584a30.msp
    + 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\64e524b.msp
    + 2011-07-26 13:17 . 2011-07-26 13:17 6824960 c:\windows\Installer\64e522a.msp
    + 2011-08-16 17:35 . 2011-08-16 17:35 5519872 c:\windows\Installer\64e5213.msp
    + 2011-07-21 17:34 . 2011-07-21 17:34 3456000 c:\windows\Installer\64e51fd.msp
    + 2011-09-07 02:48 . 2011-09-07 02:48 8181248 c:\windows\Installer\64e51f0.msp
    + 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\64e51e6.msp
    + 2011-01-27 18:49 . 2011-01-27 18:49 6825472 c:\windows\Installer\62497826.msp
    + 2011-04-05 16:52 . 2011-04-05 16:52 5519872 c:\windows\Installer\624977f8.msp
    + 2010-11-21 03:34 . 2010-11-21 03:34 1198080 c:\windows\Installer\624977d4.msp
    + 2011-03-18 00:01 . 2011-03-18 00:01 9563648 c:\windows\Installer\624977ca.msp
    + 2011-03-03 15:25 . 2011-03-03 15:25 5051904 c:\windows\Installer\624977c0.msp
    + 2011-01-11 21:50 . 2011-01-11 21:50 8177152 c:\windows\Installer\624977a9.msp
    + 2011-05-23 19:15 . 2011-05-23 19:15 3617792 c:\windows\Installer\34a4ce08.msp
    + 2011-11-01 19:34 . 2011-11-01 19:34 2531840 c:\windows\Installer\2fabd.msp
    + 2011-12-13 07:10 . 2011-12-13 07:10 4703232 c:\windows\Installer\2fab4.msp
    + 2011-11-01 19:34 . 2011-11-01 19:34 1552384 c:\windows\Installer\2e0c17f.msp
    + 2011-10-30 05:10 . 2011-10-30 05:10 6824960 c:\windows\Installer\2e0c175.msp
    + 2011-10-31 18:37 . 2011-10-31 18:37 4146688 c:\windows\Installer\2e0c15e.msp
    + 2011-11-17 16:55 . 2011-11-17 16:55 5522944 c:\windows\Installer\2e0c146.msp
    + 2011-10-16 02:42 . 2011-10-16 02:42 1527808 c:\windows\Installer\24858999.msi
    + 2011-09-20 20:36 . 2011-09-20 20:36 5521408 c:\windows\Installer\235a8d9c.msp
    + 2011-06-29 02:27 . 2011-06-29 02:27 4028928 c:\windows\Installer\212ded.msp
    + 2011-04-14 05:16 . 2011-04-14 05:16 1515008 c:\windows\Installer\1b212fd2.msi
    + 2011-04-14 05:14 . 2011-04-14 05:14 2035200 c:\windows\Installer\1b212fca.msi
    + 2011-04-14 05:13 . 2011-04-14 05:13 1100288 c:\windows\Installer\1b212f57.msi
    + 2011-04-14 04:55 . 2011-04-14 04:55 6465536 c:\windows\Installer\1b11643c.msi
    + 2011-10-04 20:41 . 2011-10-04 20:41 1317376 c:\windows\Installer\1b0af846.msi
    + 2011-01-17 21:06 . 2011-01-17 21:06 5518848 c:\windows\Installer\171b66fa.msp
    + 2011-11-17 16:55 . 2011-11-17 16:55 5522944 c:\windows\Installer\1657c719.msp
    + 2011-11-11 22:16 . 2011-11-11 22:16 8458240 c:\windows\Installer\1657c717.msp
    + 2011-11-19 04:14 . 2011-11-19 04:14 1435136 c:\windows\Installer\107c1596.msi
    + 2007-04-19 18:09 . 2007-04-19 18:09 1061720 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OMFC.DLL
    + 2010-09-22 22:05 . 2010-09-22 22:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\rt3d.dll
    + 2010-06-19 21:51 . 2010-06-19 21:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AGM.dll
    + 2011-01-14 12:10 . 2011-01-14 12:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL
    + 2011-01-14 12:10 . 2011-01-14 12:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL
    + 2011-01-14 12:10 . 2011-01-14 12:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL
    + 2011-07-27 09:44 . 2011-07-27 09:44 1791824 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PPCNV.DLL
    + 2011-12-21 04:10 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
    + 2011-12-21 04:10 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
    + 2011-12-21 04:10 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
    + 2011-10-15 21:16 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
    + 2011-08-28 00:09 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
    + 2011-08-28 00:09 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
    + 2011-04-28 00:54 . 2010-12-20 23:59 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
    + 2008-11-08 15:36 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
    + 2008-11-08 15:36 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
    + 2008-11-08 15:36 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
    + 2008-11-08 15:36 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
    + 2011-08-28 00:17 . 2011-08-28 00:17 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll
    + 2011-10-15 21:24 . 2011-10-15 21:24 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
    + 2011-08-28 00:16 . 2011-08-28 00:16 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
    + 2011-10-15 21:24 . 2011-10-15 21:24 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
    + 2011-10-15 21:26 . 2011-10-15 21:26 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
    + 2011-08-28 00:18 . 2011-08-28 00:18 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
    + 2011-08-28 00:34 . 2011-08-28 00:34 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll
    + 2011-10-15 22:21 . 2011-10-15 22:21 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6303e256d2ac0843c3e4c24172c90544\System.Web.Services.ni.dll
    + 2011-10-15 22:21 . 2011-10-15 22:21 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\f5dac0448a1dbe2687a5df92904d6274\System.Web.Mobile.ni.dll
    + 2011-08-28 00:34 . 2011-08-28 00:34 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll
    + 2011-10-15 22:21 . 2011-10-15 22:21 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\ccaf6bdd256a9b5079fedadcc8993327\System.Web.Extensions.ni.dll
    + 2011-08-28 00:33 . 2011-08-28 00:33 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
    + 2011-10-15 22:07 . 2011-10-15 22:07 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d14065ede44df8e9b5d6b60c5ddccc69\System.IdentityModel.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll
    + 2011-10-15 21:26 . 2011-10-15 21:26 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
    + 2011-08-28 00:18 . 2011-08-28 00:18 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\91cd88a803768151c6262853d3454ba7\System.DirectoryServices.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll
    + 2011-10-15 21:25 . 2011-10-15 21:25 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
    + 2011-08-28 00:18 . 2011-08-28 00:18 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ef748704f543a8791e23387652d34dfb\System.Data.SqlXml.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll
    + 2011-08-28 00:22 . 2011-08-28 00:22 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll
    + 2011-10-15 22:09 . 2011-10-15 22:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\d507b9e0e50e453793ee5e01c07a5485\System.Core.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\ce1ecd602ca089eb13a9b428dc7f0449\Microsoft.Transactions.Bridge.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\50e7c5eb58c982dba7b21cd10a69b095\Microsoft.Build.Tasks.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\eea7bcc8d356e3f2dcb4f36dfc1c6bc0\Microsoft.Build.Engine.ni.dll
    + 2011-08-28 00:21 . 2011-08-28 00:21 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    - 2010-10-04 16:40 . 2010-10-04 16:40 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    - 2010-10-04 16:40 . 2010-10-04 16:40 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    - 2010-10-04 16:41 . 2010-10-04 16:41 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2011-10-15 21:22 . 2011-10-15 21:22 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2005-09-21 19:32 . 2006-05-05 06:26 2808832 c:\windows\alcwzrd.exe
    + 2011-10-15 21:17 . 2011-06-02 14:02 1858944 c:\windows\$NtUninstallKB2567053$\win32k.sys
    + 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 1214464 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\urlmon.dll
    + 2011-10-13 16:11 . 2011-10-03 08:34 5972992 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 2001408 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\iertutil.dll
    + 2011-09-06 13:25 . 2011-09-06 13:25 1867904 c:\windows\$hf_mig$\KB2567053\SP3QFE\win32k.sys
    + 2011-08-28 00:04 . 2011-06-23 18:33 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
    + 2011-08-28 00:04 . 2011-07-25 15:15 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
    + 2011-08-28 00:04 . 2011-06-23 18:33 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
    + 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
    + 2011-06-16 09:59 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
    + 2011-06-16 09:59 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
    + 2011-03-03 13:27 . 2011-03-03 13:27 1866880 c:\windows\$hf_mig$\KB2506223\SP3QFE\win32k.sys
    + 2011-04-20 18:58 . 2011-02-22 23:27 1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
    + 2011-04-20 18:58 . 2011-02-22 23:27 1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
    + 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
    + 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
    + 2010-12-31 13:14 . 2010-12-31 13:14 1864064 c:\windows\$hf_mig$\KB2479628\SP3QFE\win32k.sys
    + 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\$hf_mig$\KB2436673\SP3QFE\win32k.sys
    + 2010-12-15 07:31 . 2010-11-06 00:27 1211904 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\urlmon.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 5960704 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
    + 2010-12-15 07:31 . 2010-11-06 00:27 1992192 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\iertutil.dll
    + 2011-02-09 01:57 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
    + 2011-02-09 01:57 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
    + 2010-12-09 23:39 . 2010-12-09 23:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
    + 2011-02-09 01:57 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
    + 2011-12-22 21:25 . 2005-09-22 17:36 14854144 c:\windows\system32\ReinstallBackups\0006\DriverFiles\RTHDCPL.EXE
    + 2008-07-24 05:00 . 2011-12-21 04:05 52988224 c:\windows\system32\MRT.exe
    + 2007-08-13 22:54 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
    + 2008-07-24 04:59 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
    + 2005-09-22 17:36 . 2006-11-15 07:21 16270848 c:\windows\RTHDCPL.exe
    + 2011-03-28 08:27 . 2011-03-28 08:27 15456256 c:\windows\Installer\f767c75.msp
    + 2011-07-26 21:33 . 2011-07-26 21:33 10984448 c:\windows\Installer\64e5241.msp
    + 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\63ab6.msp
    + 2011-02-24 13:38 . 2011-02-24 13:38 10984448 c:\windows\Installer\6249780f.msp
    + 2011-02-12 00:47 . 2011-02-12 00:47 12028928 c:\windows\Installer\624977e1.msp
    + 2011-07-12 01:43 . 2011-07-12 01:43 11641344 c:\windows\Installer\235a8da8.msp
    + 2011-09-15 23:37 . 2011-09-15 23:37 38176256 c:\windows\Installer\2183a2.msp
    + 2011-04-14 05:12 . 2011-04-14 05:12 26428928 c:\windows\Installer\1b212f4f.msi
    + 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\1144de.msp
    + 2010-09-23 07:03 . 2010-09-23 07:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
    + 2011-08-30 13:40 . 2011-08-30 13:40 15145832 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\XL12CNV.EXE
    + 2011-12-21 04:10 . 2011-08-23 22:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
    + 2011-10-15 21:16 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
    + 2011-08-28 00:09 . 2011-04-26 15:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
    + 2011-06-16 16:48 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
    + 2011-04-28 00:54 . 2010-12-21 10:29 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
    + 2011-02-09 08:01 . 2010-11-06 00:26 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
    + 2010-12-15 08:05 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
    + 2011-09-29 15:03 . 2011-09-29 15:03 11608064 c:\windows\ERDNT\AutoBackup\9-29-2011\Users\00000001\ntuser.dat
    + 2011-12-10 04:09 . 2011-12-10 04:09 11763712 c:\windows\ERDNT\AutoBackup\12-9-2011\Users\00000001\ntuser.dat
    + 2011-12-05 23:36 . 2011-12-05 23:36 11743232 c:\windows\ERDNT\AutoBackup\12-5-2011\Users\00000001\ntuser.dat
    + 2011-12-30 17:15 . 2011-12-30 17:15 11788288 c:\windows\ERDNT\AutoBackup\12-30-2011\Users\00000001\ntuser.dat
    + 2011-12-25 03:21 . 2011-12-25 03:21 11788288 c:\windows\ERDNT\AutoBackup\12-24-2011\Users\00000001\ntuser.dat
    + 2011-12-23 08:24 . 2011-12-23 08:24 11788288 c:\windows\ERDNT\AutoBackup\12-23-2011\Users\00000001\ntuser.dat
    + 2011-12-22 18:01 . 2011-12-22 18:01 11788288 c:\windows\ERDNT\AutoBackup\12-22-2011\Users\00000001\ntuser.dat
    + 2011-12-21 08:28 . 2011-12-21 08:28 11788288 c:\windows\ERDNT\AutoBackup\12-21-2011\Users\00000001\ntuser.dat
    + 2011-12-20 14:40 . 2011-12-20 14:40 11788288 c:\windows\ERDNT\AutoBackup\12-20-2011\Users\00000001\ntuser.dat
    + 2011-12-14 17:39 . 2011-12-14 17:39 11771904 c:\windows\ERDNT\AutoBackup\12-14-2011\Users\00000001\ntuser.dat
    + 2011-12-10 15:49 . 2011-12-10 15:49 11763712 c:\windows\ERDNT\AutoBackup\12-10-2011\Users\00000001\ntuser.dat
    + 2011-12-01 19:25 . 2011-12-01 19:25 11743232 c:\windows\ERDNT\AutoBackup\12-1-2011\Users\00000001\ntuser.dat
    + 2011-11-07 16:51 . 2011-11-07 16:51 11694080 c:\windows\ERDNT\AutoBackup\11-7-2011\Users\00000001\ntuser.dat
    + 2011-11-06 00:05 . 2011-11-06 00:05 11694080 c:\windows\ERDNT\AutoBackup\11-5-2011\Users\00000001\ntuser.dat
    + 2011-11-30 17:34 . 2011-11-30 17:34 11735040 c:\windows\ERDNT\AutoBackup\11-30-2011\Users\00000001\ntuser.dat
    + 2011-11-27 03:39 . 2011-11-27 03:39 11735040 c:\windows\ERDNT\AutoBackup\11-26-2011\Users\00000001\ntuser.dat
    + 2011-11-25 19:10 . 2011-11-25 19:10 11743232 c:\windows\ERDNT\AutoBackup\11-25-2011\Users\00000001\ntuser.dat
    + 2011-11-25 02:33 . 2011-11-25 02:33 11739136 c:\windows\ERDNT\AutoBackup\11-24-2011\Users\00000001\ntuser.dat
    + 2011-11-21 19:21 . 2011-11-21 19:21 11735040 c:\windows\ERDNT\AutoBackup\11-21-2011\Users\00000001\ntuser.dat
    + 2011-11-19 20:22 . 2011-11-19 20:22 11730944 c:\windows\ERDNT\AutoBackup\11-19-2011\Users\00000001\ntuser.dat
    + 2011-11-15 07:06 . 2011-11-15 07:06 11714560 c:\windows\ERDNT\AutoBackup\11-15-2011\Users\00000001\ntuser.dat
    + 2011-11-15 01:20 . 2011-11-15 01:20 11714560 c:\windows\ERDNT\AutoBackup\11-14-2011\Users\00000001\ntuser.dat
    + 2011-10-09 00:29 . 2011-10-09 00:29 11620352 c:\windows\ERDNT\AutoBackup\10-8-2011\Users\00000001\ntuser.dat
    + 2011-10-07 19:56 . 2011-10-07 19:56 11616256 c:\windows\ERDNT\AutoBackup\10-7-2011\Users\00000001\ntuser.dat
    + 2011-10-31 16:42 . 2011-10-31 16:42 11694080 c:\windows\ERDNT\AutoBackup\10-31-2011\Users\00000001\ntuser.dat
    + 2011-10-29 14:17 . 2011-10-29 14:17 11694080 c:\windows\ERDNT\AutoBackup\10-29-2011\Users\00000001\ntuser.dat
    + 2011-10-27 10:24 . 2011-10-27 10:24 11694080 c:\windows\ERDNT\AutoBackup\10-27-2011\Users\00000001\ntuser.dat
    + 2011-10-19 20:09 . 2011-10-19 20:09 11694080 c:\windows\ERDNT\AutoBackup\10-19-2011\Users\00000001\ntuser.dat
    + 2011-10-16 18:16 . 2011-10-16 18:16 11677696 c:\windows\ERDNT\AutoBackup\10-16-2011\Users\00000001\ntuser.dat
    + 2012-01-02 05:14 . 2012-01-02 05:14 11792384 c:\windows\ERDNT\AutoBackup\1-1-2012\Users\00000001\ntuser.dat
    + 2011-04-03 07:47 . 2011-04-03 07:47 11128832 c:\windows\ERDNT\4-3-2011\Users\00000001\ntuser.dat
    + 2011-03-30 04:57 . 2011-03-30 04:57 11128832 c:\windows\ERDNT\3-30-2011\Users\00000001\ntuser.dat
    + 2011-03-27 16:58 . 2011-03-27 16:58 11128832 c:\windows\ERDNT\3-27-2011\Users\00000001\ntuser.dat
    + 2011-08-28 00:18 . 2011-08-28 00:18 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
    + 2011-10-15 21:26 . 2011-10-15 21:26 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
    + 2011-10-15 22:09 . 2011-10-15 22:09 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
    + 2011-08-28 00:22 . 2011-08-28 00:22 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
    + 2011-08-28 00:20 . 2011-08-28 00:20 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll
    + 2011-10-15 22:08 . 2011-10-15 22:08 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ceadaf3b3d017c7a1ef10a06f8009f6f\System.ServiceModel.ni.dll
    + 2011-10-15 21:26 . 2011-10-15 21:26 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\c6374d32e4af7b7e3e46b32176f76558\System.Design.ni.dll
    + 2011-08-28 00:18 . 2011-08-28 00:18 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll
    + 2011-08-28 00:17 . 2011-08-28 00:17 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll
    + 2011-10-15 21:25 . 2011-10-15 21:25 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
    + 2011-10-15 21:24 . 2011-10-15 21:24 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
    + 2011-08-28 00:17 . 2011-08-28 00:17 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll
    + 2011-10-15 21:23 . 2011-10-15 21:23 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
    + 2011-07-07 04:33 . 2011-07-07 04:33 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
    + 2011-10-13 16:11 . 2011-08-22 23:47 11084288 c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\ieframe.dll
    + 2011-06-25 06:03 . 2011-06-25 06:03 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
    + 2011-06-16 09:59 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
    + 2011-02-23 08:57 . 2011-02-23 08:57 11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
    + 2011-02-09 01:57 . 2010-12-20 23:58 11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
    + 2010-11-06 10:57 . 2010-11-06 10:57 11082752 c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\ieframe.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-08-18 5137648]
    "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
    "Personal Assistant"="c:\program files\Shelltoys\Personal Assistant\assistant.exe" [2003-03-05 456704]
    "RCUI"="c:\program files\RingCentral\RingCentral Call Controller\RCUI.exe" [2011-02-02 500992]
    "RCHotKey"="c:\program files\RingCentral\RingCentral Call Controller\RCHotKey.exe" [2011-02-02 38144]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 19550344]
    "Chit Chat for Facebook"="c:\program files\Chit Chat For Facebook\CCFFacebook.exe" [2011-11-22 3788288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "rmtemp"="c:\dostools\rmtemp.bat" [2010-03-08 860]
    "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
    "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
    "LogMeIn GUI"="d:\notes\LogMeIn\x86\LogMeInSystray.exe" [2010-05-31 63048]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
    "KodakShareButtonApp"="c:\program files\Kodak\KODAK Share Button App\Listener.exe" [2011-03-07 107008]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "RTHDCPL"="RTHDCPL.EXE" [2006-11-15 16270848]
    "SkyTel"="SkyTel.EXE" [2006-05-17 2879488]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
    .
    c:\documents and settings\Michelle\Start Menu\Programs\Startup\
    ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2011-6-29 217088]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
    Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2011-2-23 323584]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2009-08-26 18:40 16680 ------w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2011-12-15 19:24 87424 -c--a-w- c:\windows\system32\LMIinit.dll
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
    backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Michelle^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
    path=c:\documents and settings\Michelle\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2011-03-30 04:59 937920 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2011-09-07 22:58 37296 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
    2010-11-02 23:09 1862456 -c--a-w- c:\program files\CCleaner\CCleaner.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.4]
    2008-07-31 23:40 95744 ----a-w- c:\program files\eFax Messenger 4.4\J2GDllCmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-10-30 08:07 133104 -c--atw- c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    2007-01-01 21:22 3739648 -c--a-w- c:\program files\Google\Google Talk\googletalk.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
    2006-11-13 17:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
    2008-09-01 15:08 173304 -c--a-w- c:\program files\ICQ6\ICQ.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
    2011-12-24 23:50 981680 -c--a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfFactory Dispatcher v3]
    2008-04-18 16:24 520192 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Personal Assistant]
    2003-03-05 18:02 456704 ----a-w- c:\program files\Shelltoys\Personal Assistant\assistant.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2006-11-15 07:21 16270848 -c--a-w- c:\windows\RTHDCPL.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    2009-03-04 04:18 61440 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\ICQ6\\ICQ.exe"=
    "c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Documents and Settings\\Michelle\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
    "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
    "c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "c:\\Program Files\\CrashPlan\\CrashPlanService.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
    .
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10/29/2011 9:05 AM 36000]
    R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/29/2011 9:05 AM 86224]
    R2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [6/29/2011 3:22 AM 152576]
    R2 LMIGuardianSvc;LMIGuardianSvc;d:\notes\LogMeIn\x86\LMIGuardianSvc.exe [9/16/2010 4:49 PM 374152]
    R2 LMIInfo;LogMeIn Kernel Information Provider;d:\notes\LogMeIn\x86\rainfo.sys [5/31/2010 9:31 AM 12856]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/1/2012 11:25 PM 652872]
    R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [3/21/2011 10:17 AM 196928]
    R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [3/21/2011 10:17 AM 68928]
    R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2/22/2011 6:17 PM 245760]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/1/2012 11:25 PM 20464]
    R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\drivers\stdriver32.sys [7/25/2010 2:56 AM 49208]
    S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\TEMP\AVSETUP_4eac0d84\avupgsvc.exe" /TEMPSTART:""c:\windows\TEMP\AVSETUP_4eac0d84\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE" --> c:\windows\TEMP\AVSETUP_4eac0d84\avupgsvc.exe [?]
    S2 bomgar-scc-1291058205;Bomgar Support Customer Client [1291058205];"c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe" -service:run --> c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/15/2011 5:46 PM 136176]
    S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
    S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2/22/2011 6:17 PM 71424]
    S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2/22/2011 6:17 PM 11520]
    S3 cpuz129;cpuz129;\??\c:\docume~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys --> c:\docume~1\Michelle\LOCALS~1\Temp\cpuz_x32.sys [?]
    S3 cpuz135;cpuz135;\??\c:\docume~1\Michelle\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys --> c:\docume~1\Michelle\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/15/2011 5:46 PM 136176]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [12/10/2010 5:17 PM 27064]
    S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\DRIVERS\RT2860.sys --> c:\windows\system32\DRIVERS\RT2860.sys [?]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - JAVAQUICKSTARTERSERVICE
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2010-08-04 c:\windows\Tasks\expressripShakeIcon.job
    - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2010-07-25 08:57]
    .
    2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 23:45]
    .
    2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 23:45]
    .
    2012-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003Core.job
    - c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-30 08:07]
    .
    2012-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1844237615-839522115-1003UA.job
    - c:\documents and settings\Michelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-30 08:07]
    .
    2012-01-02 c:\windows\Tasks\SDMsgUpdate (TE).job
    - c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2010-04-21 16:21]
    .
    2010-08-04 c:\windows\Tasks\soundtapShakeIcon.job
    - c:\program files\NCH Swift Sound\SoundTap\soundtap.exe [2010-07-25 08:56]
    .
    2010-08-01 c:\windows\Tasks\switchShakeIcon.job
    - c:\program files\NCH Swift Sound\Switch\switch.exe [2010-07-25 08:55]
    .
    2012-01-02 c:\windows\Tasks\User_Feed_Synchronization-{AF2BBE8E-6664-4FF1-98F7-FD126014864A}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
    .
    2010-08-04 c:\windows\Tasks\wavepadShakeIcon.job
    - c:\program files\NCH Swift Sound\WavePad\wavepad.exe [2010-07-25 08:56]
    .
    .
    ------- Supplementary Scan -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: Add to &Evernote - c:\program files\Evernote\Evernote3.5\enbar.dll/2000
    Trusted Zone: exoticpublishing.com
    TCP: DhcpNameServer = 8.15.12.5 8.5.244.6
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
    DPF: {CF25C291-E91C-11D3-873F-0000B4A2973D} - hxxp://service.ringcentral.com/ActiveX/RingCentral_Message_Player.cab
    FF - ProfilePath - c:\documents and settings\Michelle\Application Data\Mozilla\Firefox\Profiles\vc1po946.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.exoticpublishing.com/adminDB/freelancers_maintenance.php|http://exoticpublishing.hyperoffice...p://www.odesk.com|http://66.7.214.224/cpanel/
    FF - prefs.js: network.proxy.http - http://proxy.uconn.edu:3000/proxy.pac
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .
    - - - - ORPHANS REMOVED - - - -
    .
    MSConfigStartUp-Carbonite Backup - c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe
    MSConfigStartUp-nTrayFw - c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-01-02 14:34
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bomgar-scc-1291058205]
    "ImagePath"="\"c:\documents and settings\All Users\Application Data\Bomgar-SCC-4CF3FC1D\bomgar-scc.exe\" -service:run"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(784)
    c:\windows\system32\Ati2evxx.dll
    c:\program files\Citrix\GoToAssist\570\G2AWinLogon.dll
    c:\windows\system32\LMIinit.dll
    .
    Completion time: 2012-01-02 14:37:28
    ComboFix-quarantined-files.txt 2012-01-02 20:37
    ComboFix2.txt 2010-11-19 06:51
    ComboFix3.txt 2009-11-20 07:20
    .
    Pre-Run: 122,941,370,368 bytes free
    Post-Run: 123,001,331,712 bytes free
    .
    - - End Of File - - 393E849891D23EBA1E5E7823185526B1
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1032380