Unable to run Spybot or Malwarebytes program(RESOLVED)

twan1971 · #1 (**permalink**) 01-03-2009, 06:43 PM

Hi All,

My desktop PC starting acting up and not allowing normal internet browsing. When I try to run Spybot and Malwarebytes programs, the hour glass shows up for a few seconds and then nothing happens. I was able to run Avira program, and quarantined whatever it found. Right now, I'm unable to access the other programs to check for more viruses.

Also, I have 3 users set up for my desktop, myself, my fiance and one for my children. Will the anti-virus / anti-malware find entries under each user name?

In the meantime, I will be trying to run spybot and malwarebytes from a flash drive.

Here is my hijackthis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10

36 AM, on 3/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: BHO - {C9C42510-9B21-41c1-9DCD-8382A2D07C61} - C:\WINDOWS\system32\iehelper.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: Mirar - {9D196D04-F9DA-4894-9CD6-994473C96FB8} - C:\WINDOWS\system32\wineg77.dll (file missing)
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Chatango] C:\Program Files\Chatango\Chatango.exe
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKCU\..\Run: [rundll32.exe] rundll32.exe "C:\Documents and Settings\Twan\Application Data\Macromedia\Common\9e5ae0141.dll""
O4 - HKUS\S-1-5-19\..\Run: [rundll32.exe] rundll32.exe "C:\Documents and Settings\LocalService\Application Data\Macromedia\Common\9e5ae0141.dll"" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [rundll32.exe] rundll32.exe "C:\Documents and Settings\NetworkService\Application Data\Macromedia\Common\9e5ae0141.dll"" (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - Comcast.net Home (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - Comcast Help & Support (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - Comcast Help & Support (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.att.net
O16 - DPF: Starfield Technologies - http://video.secureserver.net/plugin...chnologies.CAB
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comca...mLauncher2.cab
O16 - DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} (SupportSoft External Control) - https://actsvr.comcastonline.com/tec...20Controls.cab
O16 - DPF: {475DF11A-2BC2-41A9-8A97-E989E023E517} (SetupComponent Class) - http://gw.us.hanjin.com/ezIcd.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134438539750
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9E1C0C21-48B8-455A-9005-48C8D78B7900} (ezLauncher Class) - http://gw.us.hanjin.com/ezIcd2.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MrHealthy (MrHealthyService) - Symantec Corporation - C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pem4sfgesvc - VSO Software - (no file)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

--
End of file - 14367 bytes

Neal · #2 (**permalink**) 02-03-2009, 12:29 AM

It looks like you have two anti-virus programs running, you should uninstall one of them as many problems can occur if more then one is running.

Try renameing malwarebytes to something else like scanme.exe and then try it.

Malwarebytes can also be run from safe mode if possible.

You do have several problems looks like.

Yes each account will have to be scanned separately but let's work one account at a time as it can make it confuseing.

twan1971 · #3 (**permalink**) 02-03-2009, 05:52 AM

ok, I successfully changed the .exe file and was able to run malwarebytes. Here is the log

Malwarebytes' Anti-Malware 1.31
Database version: 1456
Windows 5.1.2600 Service Pack 2

3/1/2009 10:46:51 PM
mbam-log-2009-03-01 (22-46-51).txt

Scan type: Full Scan (C:\|)
Objects scanned: 234521
Time elapsed: 1 hour(s), 58 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\prunnet (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
--------------------------------------------------------------------------------

New HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:25 PM, on 3/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - J:\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Chatango] C:\Program Files\Chatango\Chatango.exe
O4 - HKCU\..\Run: [rundll32.exe] rundll32.exe "C:\Documents and Settings\Twan\Application Data\Macromedia\Common\9e5ae0141.dll""
O4 - HKCU\..\Run: [SpybotSD TeaTimer] J:\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - Comcast.net Home (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - Comcast Help & Support (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - Comcast Help & Support (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.att.net
O16 - DPF: Starfield Technologies - http://video.secureserver.net/plugin...chnologies.CAB
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comca...mLauncher2.cab
O16 - DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} (SupportSoft External Control) - https://actsvr.comcastonline.com/tec...20Controls.cab
O16 - DPF: {475DF11A-2BC2-41A9-8A97-E989E023E517} (SetupComponent Class) - http://gw.us.hanjin.com/ezIcd.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134438539750
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9E1C0C21-48B8-455A-9005-48C8D78B7900} (ezLauncher Class) - http://gw.us.hanjin.com/ezIcd2.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pem4sfgesvc - VSO Software - (no file)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

--
End of file - 13464 bytes
-------------------------------------------------------------------------------
I have tried to uninstall that mcafee about 10 times....It told me to download an "uninstall program" but still won't unistall.

twan1971 · #4 (**permalink**) 03-03-2009, 04:37 AM

I think I was able to uninstall mcafee this time. i'm also having that search engine problem that I saw another individual post on. i was searching for a rundll32.exe file (on the internet to see what it was) and it pulls up a results screen that is formatted totally different from normal. If I click a link it takes me to some off the wall site. I've tried to search/update my ad-aware and when typing in the lavasoft directly into the address bar, it returns a search results screen. When I click on lavasoft, i'm redirected to noman's land....help me please

Neal · #5 (**permalink**) 03-03-2009, 11:41 PM

Visit this page below to familiarize yourself to the tool below and download from one of the links provided.

A guide and tutorial on using ComboFix

If you have previously downloaded ComboFix,please delete that version now.

It is IMPORTANT that it is saved directly to your desktop

Close any open browsers.

Disconnect from the Internet.

Please do not re-connect your machine back to the Internet until Combofix has completely finished.

Disable your antivirus program and any realtime malware scanners and script blockers now

How To Disable

Double click on combofix.exe and follow the prompts.

When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.

Note:
Do not mouseclick combofix's window while it's running.

That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

Re-enable your anti-virus and re-connect back to the internet and post the combofix log.

*Note*
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

ComboFix SHOULD NOT be used unless requested by a forum helper.

twan1971 · #6 (**permalink**) 04-03-2009, 03:57 AM

How or where can I find the recovery console? Combofix asked if I wanted to install it, but said I had to be connected to the internet. I said no to continue the scan.
Here is my combofix log
-------------------------------------------------------------------------------------------------------------

ComboFix 09-03-02.03 - Twan 2009-03-03 20:10:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.638.388 [GMT -6:00]
Running from: c:\documents and settings\Twan\Desktop\dal.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - WINDOWS: deleted 72 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Brian\Application Data\inst.exe
c:\windows\IE4 Error Log.txt
c:\windows\patch.exe
c:\windows\system32\config\systemprofile\Applicati on Data\Macromedia\Common
c:\windows\system32\drivers\UACggiqtltd.sys
c:\windows\system32\UACaqaoeiny.dll
c:\windows\system32\UACivaksdwd.log
c:\windows\system32\UACmohgfskk.dll
c:\windows\system32\UACpfrfxkaj.dll
c:\windows\system32\UACqvbmemko.dat
c:\windows\system32\UACvdlhawbw.log
c:\windows\system32\UACxbkdegea.dll
c:\windows\system32\UACysxnedvl.log
c:\windows\wiaservv.log
F:\Autorun.inf
G:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys

((((((((((((((((((((((((( Files Created from 2009-02-04 to 2009-03-04 )))))))))))))))))))))))))))))))
.

2009-03-03 19:56 . 2009-03-03 19:57 <DIR> d-------- C:\Combo
2009-02-26 18:13 . 2009-03-03 05:55 5,516 --a------ c:\windows\SYSTEM32\uacinit.dll
2009-02-09 23:01 . 2009-02-09 23:01 <DIR> d--hs---- c:\windows\ftpcache
2009-02-09 22:42 . 2009-02-09 22:42 <DIR> d-------- c:\documents and settings\Brian\Application Data\Smith Micro
2009-02-09 22:36 . 2008-06-05 01:59 222,552 --------- c:\windows\RM.exe
2009-02-09 22:35 . 2009-02-19 20:05 <DIR> d-------- c:\program files\Sprint Instinct Applications
2009-02-09 22:35 . 2009-02-09 22:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Tarma Installer
2009-02-09 22:24 . 2007-07-03 18:58 106,792 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdmdm.sys
2009-02-09 22:24 . 2007-07-03 18:57 11,944 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdmdfl.sys
2009-02-09 22:24 . 2007-07-03 18:56 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdcmnt.sys
2009-02-09 22:24 . 2007-07-03 18:56 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdcm.sys
2009-02-09 22:23 . 2007-07-03 18:54 80,552 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdbus.sys
2009-02-09 22:23 . 2007-07-03 19:00 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdwhnt.sys
2009-02-09 22:23 . 2007-07-03 19:00 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdwh.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-03-03 03:49 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-03 03:49 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-02 02:46 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-03-01 17:11 --------- d-----w c:\program files\Common Files\Research In Motion
2009-03-01 01:38 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-28 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-02-24 23:06 --------- d-----w c:\program files\Safari
2009-02-07 23:36 --------- d-s---w c:\program files\mIRC Power Pack
2009-01-19 20:43 --------- d-----w c:\program files\Bonjour
2009-01-19 20:41 --------- d-----w c:\program files\iTunes
2009-01-19 20:41 --------- d-----w c:\program files\iPod
2009-01-19 20:41 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-19 20:38 --------- d-----w c:\program files\QuickTime
2009-01-19 20:36 --------- d-----w c:\program files\Common Files\Apple
2009-01-15 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\Comcast
2009-01-11 23:25 47,360 ----a-w c:\documents and settings\Brian\Application Data\pcouffin.sys
2009-01-11 23:25 --------- d-----w c:\documents and settings\Brian\Application Data\Vso
2009-01-08 23:59 18,816 ----a-w c:\windows\system32\drivers\dvd43llh.sys
2009-01-08 23:59 --------- d-----w c:\program files\SlySoft
2009-01-08 23:59 --------- d-----w c:\program files\dvd43
2008-12-20 23:15 826,368 ----a-w c:\windows\SYSTEM32\wininet.dll
2008-12-12 17:18 87,336 ----a-w c:\windows\SYSTEM32\dns-sd.exe
2008-12-12 17:11 61,440 ----a-w c:\windows\SYSTEM32\dnssd.dll
2008-07-03 04:34 87,608 ----a-w c:\documents and settings\Brian\Application Data\ezpinst.exe
2006-11-25 00:57 9,583,328 ----a-w c:\documents and settings\Lil Brian\DesktopDoctor1.5.4.exe
2006-03-03 23:49 284 ----a-w c:\documents and settings\Brian\Application Data\ViewerApp.dat
2005-07-16 20:29 3,932 ----a-w c:\documents and settings\Twan\Application Data\LMLayout.dat
2005-07-16 20:29 268 ----a-w c:\documents and settings\Twan\Application Data\LMCPaper.dat
2005-05-09 18:20 3,932 -c--a-w c:\documents and settings\Brian\Application Data\LMLayout.dat
2005-05-09 18:20 268 ----a-w c:\documents and settings\Brian\Application Data\LMCPaper.dat
2002-01-18 12:52 3,932 -c----w c:\documents and settings\LocalService\Application Data\LMLayout.dat
2008-08-03 16:47 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008080320080 804\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-09-01_21.13.05.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-27 17:31:16 765,952 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w c:\windows\$hf_mig$\KB938127-v2-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:30:08 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:10 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:20:44 755,576 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-07-07 20:06:43 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:39:39 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-12 05:22:26 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:31 755,576 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-05-01 15:04:00 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:33:02 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:05 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 16:01:38 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 16:01:38 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 16:01:39 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 16:01:39 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 16:01:39 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 16:01:39 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 16:01:39 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 16:01:40 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 16:01:40 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 16:01:43 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 16:01:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 16:01:44 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 16:01:46 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 16:01:46 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 16:01:46 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 16:01:49 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 16:01:49 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 16:01:49 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 16:01:50 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 16:01:50 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 16:01:50 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 16:01:50 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 16:01:51 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 16:01:51 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 16:01:51 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 12:17:07 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 12:12:56 1,846,400 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 12:25:27 1,846,912 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-10-03 09:57:49 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:02:42 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:49:31 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-09-04 16:32:52 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll
+ 2008-09-04 17:15:04 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll
+ 2008-09-04 17:12:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 19:08:38 382,840 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-08-26 09:08:35 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:08:36 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:08:36 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:08:36 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:08:36 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:08:36 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:08:36 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:28:12 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:08:36 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:08:37 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 17:26:50 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:08:39 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:08:39 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05

16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:08:40 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:08:40 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:08:40 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:08:43 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:08:43 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:08:44 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:08:44 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:08:44 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:08:44 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:08:44 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:08:45 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:08:45 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:08:45 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-10-23 12:51:04 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 09:55:01 2,142,720 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 09:18:44 2,062,976 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 09:18:46 2,020,864 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 09:57:20 2,185,984 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 10:09:26 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 09:33:16 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 09:33:16 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 10:11:02 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 10:39:28 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 20:39:46 2,066,048 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 10:09:44 2,023,936 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 21:11:10 2,189,184 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys
+ 2008-10-24 11

09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:02:04 755,576 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:02:12 382,840 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-16 20:24:09 124,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 20:24:09 347,136 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 20:24:09 214,528 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 20:24:09 132,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 20:24:09 63,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 20:24:09 153,088 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 20:24:09 230,400 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 20:24:09 380,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 20:24:09 388,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 20:24:09 6,068,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 20:24:09 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 20:24:09 267,776 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 20:24:10 27,648 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 20:24:10 459,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 20:24:10 52,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 20:24:10 3,595,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 20:24:10 477,696 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 20:24:10 193,024 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 20:24:10 671,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 20:24:10 102,912 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 20:24:10 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 20:24:10 105,984 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 20:24:11 1,163,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 20:24:11 233,472 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 20:24:11 827,904 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2008-10-15 16:53:28 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:34:24 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:25:53 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2008-12-11 10:24:44 333,184 ----a-w c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:33:59 333,952 ----a-w c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51 755,576 ----a-w c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51 382,840 ----a-w c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2008-12-13 06:26:56 3,594,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 01:22:33 14,048 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 01:22:39 213,216 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 01:22:31 22,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56 716,000 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 01:23:47 371,424 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2008-07-03 13:03:29 8,460,800 ----a-w c:\windows\$hf_mig$\KB967715\SP2QFE\shell32.dll
+ 2008-02-15 09:06:21 351,744 ----a-w c:\windows\$hf_mig$\KB967715\SP2QFE\xpsp3res.dll
+ 2008-06-17 19:02:19 8,461,312 ----a-w c:\windows\$hf_mig$\KB967715\SP3GDR\shell32.dll
+ 2008-06-17 19:04:34 8,461,824 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll
- 2005-03-21 19:00:20 2,890,240 -c--a-w c:\windows\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-04 12:00:00 2,804,224 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-04 12:00:00 77,312 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2004-08-04 12:00:00 331,264 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2004-08-04 12:00:00 884,736 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2004-08-04 12:00:00 44,032 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msisip.dll
- 2005-05-04 18:45:26 209,632 -c--a-w c:\windows\$MSI31Uninstall_KB893803v2$\spuninst\sp uninst.exe
+ 2005-05-04 20:45:26 209,632 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\spuninst\sp uninst.exe
- 2005-05-04 18:45:28 371,936 -c--a-w c:\windows\$MSI31Uninstall_KB893803v2$\spuninst\up dspapi.dll
+ 2005-05-04 20:45:28 371,936 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\spuninst\up dspapi.dll
+ 2005-06-28 17:23:24 213,216 -c----w c:\windows\$NtUninstallKB923689$\spuninst\spuninst .exe
+ 2005-06-28 17:23:53 371,424 -c----w c:\windows\$NtUninstallKB923689$\spuninst\updspapi .dll
+ 2005-01-28 17:44:28 2,370,296 -c----w c:\windows\$NtUninstallKB923689$\wmvcore.dll
+ 2004-08-04 12:00:00 294,400 -c----w c:\windows\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:22:34 22,752 -c----w c:\windows\$NtUninstallKB932823-v3$\spcustom.dll
+ 2007-03-06 01:22:36 14,048 -c----w c:\windows\$NtUninstallKB932823-v3$\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst.exe
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-03-06 01:22:59 716,000 -c----w c:\windows\$NtUninstallKB932823-v3$\update.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB932823-v3$\updspapi.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi .dll
+ 2007-10-27 21:39:36 213,216 -c----w c:\windows\$NtUninstallKB941569$\spuninst\spuninst .exe
+ 2007-10-27 21:39:46 371,424 -c----w c:\windows\$NtUninstallKB941569$\spuninst\updspapi .dll
+ 2005-01-28 17:44:28 224,768 -c----w c:\windows\$NtUninstallKB941569$\wmasf.dll
+ 2004-08-04 07

43 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 561,179 -c----w c:\windows\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 12:00:00 512,029 -c----w c:\windows\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 12:00:00 319,517 -c----w c:\windows\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 12:00:00 1,507,356 -c----w c:\windows\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-04 12:00:00 358,976 -c----w c:\windows\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-04 12:00:00 358,976 -c----w c:\windows\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 12:00:00 151,583 -c----w c:\windows\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 12:00:00 53,279 -c----w c:\windows\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 12:00:00 241,693 -c----w c:\windows\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 12:00:00 213,023 -c----w c:\windows\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 12:00:00 348,189 -c----w c:\windows\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 12:00:00 421,919 -c----w c:\windows\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 12:00:00 315,423 -c----w c:\windows\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 12:00:00 552,989 -c----w c:\windows\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 12:00:00 258,077 -c----w c:\windows\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 12:00:00 831,519 -c----w c:\windows\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 12:00:00 614,429 -c----w c:\windows\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 12:00:00 348,189 -c----w c:\windows\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:22:34 22,752 -c----w c:\windows\$NtUninstallKB950749$\spcustom.dll
+ 2007-03-06 01:22:36 14,048 -c----w c:\windows\$NtUninstallKB950749$\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB950749$\spuninst.exe
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\$NtUninstallKB950749$\spuninst\spuninst .exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB950749$\spuninst\updspapi .dll
+ 2007-03-06 01:22:59 716,000 -c----w c:\windows\$NtUninstallKB950749$\update.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\$NtUninstallKB950749$\updspapi.dll
+ 2004-08-04 12:00:00 200,064 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:22 26,488 -c----w c:\windows\$NtUninstallKB950762$\spcustom.dll
+ 2007-11-30 12:39:22 17,272 -c----w c:\windows\$NtUninstallKB950762$\spmsg.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762$\spuninst.exe
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi .dll
+ 2007-11-30 12:39:22 755,576 -c----w c:\windows\$NtUninstallKB950762$\update.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB950762$\updspapi.dll
+ 2004-08-04 12:00:00 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst .exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 678,400 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi .dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2004-08-04 12:00:00 274,304 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:51 26,488 -c----w c:\windows\$NtUninstallKB951376-v2$\spcustom.dll
+ 2007-11-30 11:18:51 17,272 -c----w c:\windows\$NtUninstallKB951376-v2$\spmsg.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:18:51 755,576 -c----w c:\windows\$NtUninstallKB951376-v2$\update.exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB951376-v2$\updspapi.dll
+ 2004-08-04 12:00:00 1,287,680 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:51 26,488 -c----w c:\windows\$NtUninstallKB951698$\spcustom.dll
+ 2007-11-30 11:18:51 17,272 -c----w c:\windows\$NtUninstallKB951698$\spmsg.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698$\spuninst.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi .dll
+ 2007-11-30 12:39:22 755,576 -c----w c:\windows\$NtUninstallKB951698$\update.exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB951698$\updspapi.dll
+ 2004-08-04 12:00:00 100,352 -c----w c:\windows\$NtUninstallKB951748$\6to4svc.dll
+ 2004-08-04 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2004-08-04 12:00:00 148,480 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 12:00:00 245,248 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:22 26,488 -c----w c:\windows\$NtUninstallKB951748$\spcustom.dll
+ 2007-11-30 12:39:22 17,272 -c----w c:\windows\$NtUninstallKB951748$\spmsg.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748$\spuninst.exe
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst .exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 359,040 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2004-08-04 12:00:00 223,616 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2007-11-30 12:39:18 755,576 -c----w c:\windows\$NtUninstallKB951748$\update.exe
+ 2007-11-30 12:39:19 382,840 -c----w c:\windows\$NtUninstallKB951748$\updspapi.dll
+ 2005-01-28 17:44:28 96,768 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 15:41:48 231,288 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spun inst.exe
+ 2007-07-27 15:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\upds papi.dll
+ 2005-01-28 17:44:28 1,027,072 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-12-07 05:29:34 2,374,472 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2004-08-04 07

42 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 73,728 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi .dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi .dll
+ 2007-07-27 15:41:48 231,288 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spu ninst.exe
+ 2007-07-27 15:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\upd spapi.dll
+ 2006-10-19 02:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.d ll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 1,835,904 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 246,302 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2004-08-04 12:00:00 1,236,480 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst .exe
+ 2008-07-09 19:08:38 382,840 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi .dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi .dll
+ 2008-07-14 11:09:18 62,976 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst .exe
+ 2007-11-30 12:39:22 382,840 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 278,016 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst .exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi .dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 2,056,832 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2004-08-04 12:00:00 2,180,992 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst .exe
+ 2008-07-09 07:38:37 382,840 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi .dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 336,256 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2004-08-04 12:00:00 451,456 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:02:02 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst .exe
+ 2008-07-08 13:02:12 382,840 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi .dll
+ 2004-08-04 12:00:00 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:18:51 231,288 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi .dll
+ 2007-11-30 12:39:22 231,288 -c----w c:\windows\$NtUninstallKB958687$\spuninst\spuninst .exe
+ 2007-11-30 11:18:51 382,840 -c----w c:\windows\$NtUninstallKB958687$\spuninst\updspapi .dll
+ 2008-08-28 10:04:17 333,056 -c----w c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-28 23:01:36 195,832 ----a-w c:\windows\Downloaded Program Files\AsAdmin2.dll
+ 2008-07-28 22:58:52 233,472 ----a-w c:\windows\Downloaded Program Files\ezIcd2.dll
+ 2008-06-13 13:10:50 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-14 09:58:27 2,136,064 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 09:22:13 2,057,728 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 09:22:14 2,015,744 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 10:00:45 2,180,352 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-21 02:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2000-08-31 13:00:00 89,504 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 14:00:00 89,504 ----a-w c:\windows\fdsv.exe
- 2000-08-31 13:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2000-08-31 14:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2007-03-06 01:22:34 22,752 -c----w c:\windows\ie7updates\KB938127-IE7\spcustom.dll
+ 2007-03-06 01:22:36 14,048 -c----w c:\windows\ie7updates\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:22:59 716,000 -c----w c:\windows\ie7updates\KB938127-IE7\update.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB938127-IE7\updspapi.dll
- 2006-12-22 15:49:12 765,952 -c--a-w c:\windows\ie7updates\KB938127-IE7\vgx.dll
+ 2007-08-13 23:54:10 765,952 -c----w c:\windows\ie7updates\KB938127-IE7\vgx.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2007-07-12 23:31:54 765,952 -c----w c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2007-08-13 23:39:00 123,904 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2007-08-13 23:35:46 346,624 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2007-08-13 23:35:38 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2007-08-13 23:54:10 131,584 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:28 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2007-08-13 23:39:06 54,784 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2007-08-13 23:39:26 152,064 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2007-08-13 23:39:54 229,376 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2007-08-13 22

54 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:28 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2007-08-13 23:39:50 382,976 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2007-08-13 23:39:10 43,008 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:28 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2007-08-13 23:39:10 13,312 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2007-08-13 23:43:56 622,080 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2007-08-13 23:54:10 27,136 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:28 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:28 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2007-08-13 23:54:12 3,578,368 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2007-08-13 23:54:10 475,648 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2007-08-13 23:44:26 192,000 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2007-08-13 23:54:10 670,720 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2007-08-13 23:44:06 101,376 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2007-08-13 23:36:12 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2007-08-13 23:44:30 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2007-08-13 23:54:10 1,162,240 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2007-08-13 23:54:10 231,424 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2007-08-13 23:54:10 818,688 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:57:27 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:57:27 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:57:27 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:57:27 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:57:28 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:25 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:57:29 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:57:29 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:57:29 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:57:29 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:57:33 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:57:34 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:52 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:57:35 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:57:36 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:57:36 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 15:57:40 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:57:39 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:57:39 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:57:40 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:57:40 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:57:40 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:57:40 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:57:40 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:57:41 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:57:41 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05

15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-10-17 08:08:40 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:34 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:38:34 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:38:34 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:38:35 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:38:35 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:11:09 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:38:35 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:38:35 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:38:35 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:38:35 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:38:37 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:38:37 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:38:37 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:38:37 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:38:37 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:40:02 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:38:38 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:38:38 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:38:39 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:38:39 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:38:39 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:22:41 213,216 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:38:39 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:38:39 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:38:39 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:38:40 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
+ 2007-04-20 14:11:56 992,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\3B94178D D1A78454C9FB30B297E19580\2.5.2\bcont.exe
+ 2007-04-19 19

40 202,280 ----a-r c:\windows\Installer\$PatchCache$\Managed\3B94178D D1A78454C9FB30B297E19580\2.5.2\sprtsvc.exe
+ 2009-01-19 20:43:27 86,016 ----a-r c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe
+ 2009-01-19 20:42:17 102,400 ----a-r c:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
+ 2008-11-07 01:04:23 27,136 ----a-r c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2008-11-13 05:23:54 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2007-02-28 05:29:50 65,536 ----a-r c:\windows\Installer\{D6D4F23F-75F9-4F3D-8D0F-2CD426B1B69D}\DesktopMgr.exe
+ 2008-11-18 01:40:51 65,536 ----a-r c:\windows\Installer\{D6D4F23F-75F9-4F3D-8D0F-2CD426B1B69D}\DesktopMgr.exe
+ 2009-02-24 23:06:21 307,200 ----a-r c:\windows\Installer\{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}\SafariIco.exe
- 1998-10-29 21:45:06 306,688 ----a-w c:\windows\IsUninst.exe
+ 1998-10-29 22:45:06 306,688 ----a-w c:\windows\IsUninst.exe
- 2000-08-31 13:00:00 28,672 ----a-w c:\windows\nircmd.exe
+ 2000-08-31 14:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 13:00:00 98,816 ----a-w c:\windows\sed.exe
+ 2000-08-31 14:00:00 98,816 ----a-w c:\windows\sed.exe
- 2000-08-31 13:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 14:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2000-08-31 13:00:00 136,704 ----a-w c:\windows\swsc.exe
+ 2000-08-31 14:00:00 136,704 ----a-w c:\windows\SWSC.exe
- 2000-08-31 13:00:00 212,480 ----a-w c:\windows\swxcacls.exe
+ 2000-08-31 14:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
- 2004-08-04 12:00:00 100,352 ----a-w c:\windows\SYSTEM32\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 ----a-w c:\windows\SYSTEM32\6to4svc.dll
+ 2008-08-06 21:22:02 114,688 ----a-w c:\windows\SYSTEM32\Adobe\Director\np32dsw.dll
+ 2008-08-06 21:30:48 202,168 ----a-w c:\windows\SYSTEM32\Adobe\Director\swdir.dll
+ 2008-08-06 21:31:08 67,000 ----a-w c:\windows\SYSTEM32\Adobe\Director\SwDnld.exe
+ 2008-08-06 21:22:42 499,712 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\Control.dll
+ 2008-08-06 20:45:40 1,798,144 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\dirapi.dll
+ 2008-08-06 21:22:44 9,216 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2008-08-06 20:35:52 706,048 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\gi.dll
+ 2008-08-06 20:35:52 1,145,896 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\gt.exe
+ 2008-08-06 20:35:52 52,288 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\gtapi.dll
+ 2008-08-06 20:42:04 892,928 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\iml32.dll
+ 2008-08-06 20:35:52 54,656 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\pccuapi.dll
+ 2008-08-06 21

14 266,240 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\Plugin.dll
+ 2008-08-06 21:24:14 446,464 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\Proj.dll
+ 2008-08-06 21:30:30 447,928 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\SwHelper_1100465.exe
+ 2008-08-06 21:24:56 114,688 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\SwInit.exe
+ 2008-08-06 21

04 94,208 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\SwMenu.dll
+ 2008-08-06 20:35:52 50,808 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2008-11-01 21:02:18 234,872 ----atw c:\windows\SYSTEM32\Adobe\Shockwave 11\symcheckupstub.exe
+ 1999-06-25 16:55:30 149,504 ----a-w c:\windows\SYSTEM32\Adobe\Shockwave 11\UNWISE.EXE
- 2007-08-13 23:39:00 123,904 ----a-w c:\windows\SYSTEM32\advpack.dll
+ 2008-12-20 23:15:11 124,928 ----a-w c:\windows\SYSTEM32\advpack.dll
- 2005-01-28 17:44:28 484,352 ----a-w c:\windows\SYSTEM32\Audiodev.dll
+ 2006-10-19 03:47:08 276,992 ----a-w c:\windows\SYSTEM32\audiodev.dll
- 2005-01-28 17:44:28 294,912 ----a-w c:\windows\SYSTEM32\blackbox.dll
+ 2006-10-19 03:47:10 542,720 ----a-w c:\windows\SYSTEM32\blackbox.dll
- 2007-07-31 00:19:20 92,504 ----a-w c:\windows\SYSTEM32\cdm.dll
+ 2008-10-16 20:09:44 92,696 ----a-w c:\windows\SYSTEM32\cdm.dll
- 2005-01-28 17:44:28 164,864 ----a-w c:\windows\SYSTEM32\cewmdm.dll
+ 2006-10-19 03:47:10 229,376 ----a-w c:\windows\SYSTEM32\cewmdm.dll
- 2008-08-03 16:50:44 32,768 -c--a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\I NDEX.DAT
+ 2009-03-03 11:52:15 32,768 -c--a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\I NDEX.DAT
- 2008-08-03 16:50:44 32,768 -c--a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\INDEX.DAT
+ 2009-03-03 11:52:15 32,768 -c--a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\INDEX.DAT
- 2008-08-03 16:50:44 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-03 11:52:15 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-08-04 12:00:00 100,352 -c--a-w c:\windows\SYSTEM32\DLLCACHE\6to4svc.dll
+ 2006-08-16 11:58:05 100,352 -c--a-w c:\windows\SYSTEM32\DLLCACHE\6to4svc.dll
- 2007-08-13 23:39:00 123,904 -c--a-w c:\windows\SYSTEM32\DLLCACHE\advpack.dll
+ 2008-12-20 23:15:11 124,928 -c--a-w c:\windows\SYSTEM32\DLLCACHE\advpack.dll
- 2004-08-04 12:00:00 138,496 -c--a-w c:\windows\SYSTEM32\DLLCACHE\afd.sys
+ 2008-08-14 09:51:43 138,368 -c--a-w c:\windows\SYSTEM32\DLLCACHE\afd.sys
- 2005-01-28 17:44:28 294,912 -c--a-w c:\windows\SYSTEM32\DLLCACHE\blackbox.dll
+ 2006-10-19 03:47:10 542,720 -c--a-w c:\windows\SYSTEM32\DLLCACHE\blackbox.dll
- 2004-08-04 12:00:00 274,304 -c--a-w c:\windows\SYSTEM32\DLLCACHE\bthport.sys
+ 2008-06-13 13:10:50 272,128 -c--a-w c:\windows\SYSTEM32\DLLCACHE\bthport.sys
- 2007-07-31 00:19:20 92,504 -c--a-w c:\windows\SYSTEM32\DLLCACHE\cdm.dll
+ 2008-10-16 20:09:44 92,696 -c--a-w c:\windows\SYSTEM32\DLLCACHE\cdm.dll
- 2005-01-28 17:44:28 164,864 -c--a-w c:\windows\SYSTEM32\DLLCACHE\cewmdm.dll
+ 2006-10-19 03:47:10 229,376 -c--a-w c:\windows\SYSTEM32\DLLCACHE\cewmdm.dll
- 2004-08-04 12:00:00 561,179 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dao360.dll
- 2004-08-04 12:00:00 148,480 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dnsapi.dll
- 2005-01-28 17:44:28 502,272 -c--a-w c:\windows\SYSTEM32\DLLCACHE\drmv2clt.dll
+ 2006-10-19 03:47:10 991,744 -c--a-w c:\windows\SYSTEM32\DLLCACHE\drmv2clt.dll
- 2007-08-13 23:35:46 346,624 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dxtmsft.dll
- 2007-08-13 23:35:38 214,528 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 -c--a-w c:\windows\SYSTEM32\DLLCACHE\dxtrans.dll
- 2004-08-04 12:00:00 243,200 -c--a-w c:\windows\SYSTEM32\DLLCACHE\es.dll
+ 2008-07-07 20:32:22 253,952 -c--a-w c:\windows\SYSTEM32\DLLCACHE\es.dll
- 2007-08-13 23:54:10 131,584 -c--a-w c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
+ 2008-12-20 23:15:13 133,120 -c--a-w c:\windows\SYSTEM32\DLLCACHE\extmgr.dll
- 2004-08-04 12:00:00 278,016 -c--a-w c:\windows\SYSTEM32\DLLCACHE\gdi32.dll
+ 2008-10-23 13:01:36 283,648 -c--a-w c:\windows\SYSTEM32\DLLCACHE\gdi32.dll
+ 2008-12-20 23:15:13 63,488 -c----w c:\windows\SYSTEM32\DLLCACHE\icardie.dll
- 2007-08-13 23:39:06 54,784 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2007-08-13 23:39:26 152,064 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieakeng.dll
- 2007-08-13 23:39:54 229,376 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieaksie.dll
- 2007-08-13 22

54 161,792 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2008-12-19 05:23:56 161,792 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c----w c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dat
+ 2008-12-20 23:15:15 383,488 -c----w c:\windows\SYSTEM32\DLLCACHE\ieapfltr.dll
- 2007-08-13 23:39:50 382,976 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2008-12-20 23:15:21 6,066,688 -c----w c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
- 2007-08-13 23:39:10 43,008 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2008-12-20 23:15:21 44,544 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iernonce.dll
+ 2008-12-20 23:15:22 267,776 -c----w c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2008-12-19 09:10:15 13,824 -c----w c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
- 2007-08-13 23:43:56 622,080 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
+ 2008-12-19 05:25:25 634,024 -c--a-w c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
- 2004-08-04 12:00:00 678,400 -c--a-w c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c--a-w c:\windows\SYSTEM32\DLLCACHE\inetcomm.dll
- 2007-08-13 23:54:10 27,136 -c--a-w c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 -c--a-w c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
- 2005-01-28 17:44:28 6,656 -c--a-w c:\windows\SYSTEM32\DLLCACHE\laprxy.dll
+ 2006-10-19 03:47:14 11,264 -c--a-w c:\windows\SYSTEM32\DLLCACHE\LAPRXY.dll
- 2005-01-28 17:44:28 96,768 -c--a-w c:\windows\SYSTEM32\DLLCACHE\logagent.exe
+ 2008-06-18 07:09:22 100,864 -c--a-w c:\windows\SYSTEM32\DLLCACHE\logagent.exe
- 2004-08-04 12:00:00 310,272 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mp43dmod.dll
+ 2006-10-19 03:47:14 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\MP43DMOD.dll
- 2004-08-04 12:00:00 384,512 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mp4sdmod.dll
+ 2006-10-19 03:47:14 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\MP4SDMOD.dll
- 2004-08-04 12:00:00 240,640 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mpg4dmod.dll
+ 2006-10-19 03:47:14 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\MPG4DMOD.dll
- 2004-08-04 12:00:00 451,456 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
- 2004-08-04 07

42 331,776 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msadce.dll
- 2004-08-04 12:00:00 73,728 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mscms.dll
+ 2008-06-24 16:23:05 74,240 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mscms.dll
- 2004-08-04 12:00:00 294,400 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msctf.dll
+ 2008-02-26 11:59:50 294,912 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msctf.dll
- 2004-08-04 12:00:00 512,029 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msexch40.dll
- 2004-08-04 12:00:00 319,517 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msexcl40.dll
+ 2008-12-20 23:15:23 459,264 -c----w c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2008-12-20 23:15:24 52,224 -c----w c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
- 2007-08-13 23:54:12 3,578,368 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2009-01-17 03:35:14 3,594,752 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
- 2007-08-13 23:54:10 475,648 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mshtmled.dll
- 2004-08-04 12:00:00 2,804,224 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msi.dll
+ 2005-05-04 20:45:32 2,890,240 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msi.dll
- 2004-08-04 12:00:00 77,312 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msiexec.exe
+ 2005-05-04 20:45:36 78,848 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msiexec.exe
- 2004-08-04 12:00:00 331,264 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msihnd.dll
+ 2005-05-04 20:45:36 271,360 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msihnd.dll
- 2004-08-04 12:00:00 884,736 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msimsg.dll
+ 2005-05-04 20:45:36 884,736 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msimsg.dll
- 2004-08-04 12:00:00 44,032 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msisip.dll
+ 2005-05-04 20:45:36 15,360 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msisip.dll
- 2004-08-04 12:00:00 1,507,356 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjet40.dll
- 2004-08-04 12:00:00 358,976 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjetol1.dll
- 2004-08-04 12:00:00 151,583 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjint40.dll
+ 2008-03-27 08:12:54 151,583 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjint40.dll
- 2004-08-04 12:00:00 53,279 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjter40.dll
- 2004-08-04 12:00:00 241,693 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msjtes40.dll
- 2004-08-04 12:00:00 213,023 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msltus40.dll
- 2005-01-28 17:44:28 142,336 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msnetobj.dll
+ 2006-10-19 03:47:16 179,712 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msnetobj.dll
- 2004-08-04 12:00:00 348,189 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspbde40.dll
- 2005-01-28 17:44:28 25,088 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
+ 2006-10-19 03:47:16 27,136 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspmsnsv.dll
- 2005-01-28 17:44:28 173,568 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspmsp.dll
+ 2006-10-19 03:47:16 175,616 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mspmsp.dll
- 2007-08-13 23:44:26 192,000 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrating.dll
+ 2008-12-20 23:15:31 193,024 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrating.dll
- 2004-08-04 12:00:00 421,919 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msrepl40.dll
- 2005-01-28 17:44:28 364,784 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msscp.dll
+ 2006-12-04 22

50 414,720 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msscp.dll
- 2004-08-04 12:00:00 258,077 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mstext40.dll
- 2007-08-13 23:54:10 670,720 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mstime.dll
+ 2008-12-20 23:15:32 671,232 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mstime.dll
- 2004-08-04 12:00:00 831,519 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswdat10.dll
- 2005-01-28 17:44:28 315,904 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswmdm.dll
+ 2006-10-19 03:47:16 321,536 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswmdm.dll
- 2004-08-04 12:00:00 245,248 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
+ 2008-06-20 17:41:10 245,248 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswsock.dll
- 2004-08-04 12:00:00 614,429 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 -c--a-w c:\windows\SYSTEM32\DLLCACHE\mswstr10.dll
- 2004-08-04 12:00:00 348,189 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msxbde40.dll
- 2004-08-04 12:00:00 1,236,480 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 -c--a-w c:\windows\SYSTEM32\DLLCACHE\msxml3.dll
- 2004-08-04 12:00:00 332,288 -c--a-w c:\windows\SYSTEM32\DLLCACHE\netapi32.dll
+ 2008-10-15 16:57:55 332,800 -c--a-w c:\windows\SYSTEM32\DLLCACHE\netapi32.dll
+ 2008-08-14 09:58:27 2,136,064 -c----w c:\windows\SYSTEM32\DLLCACHE\ntkrnlmp.exe
- 2004-08-04 12:00:00 2,056,832 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ntkrnlpa.exe
+ 2008-08-14 09:22:14 2,015,744 -c----w c:\windows\SYSTEM32\DLLCACHE\ntkrpamp.exe
- 2004-08-04 12:00:00 2,180,992 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 -c--a-w c:\windows\SYSTEM32\DLLCACHE\ntoskrnl.exe
- 2007-08-13 23:44:06 101,376 -c--a-w c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2008-12-20 23:15:38 102,912 -c--a-w c:\windows\SYSTEM32\DLLCACHE\occache.dll
- 2007-08-13 23:36:12 44,544 -c--a-w c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 -c--a-w c:\windows\SYSTEM32\DLLCACHE\pngfilt.dll
- 2005-01-28 17:44:28 221,184 -c--a-w c:\windows\SYSTEM32\DLLCACHE\qasf.dll
+ 2006-10-19 03:47:18 211,456 -c--a-w c:\windows\SYSTEM32\DLLCACHE\qasf.dll
- 2004-08-04 12:00:00 1,287,680 -c--a-w c:\windows\SYSTEM32\DLLCACHE\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 -c--a-w c:\windows\SYSTEM32\DLLCACHE\quartz.dll
- 2004-08-04 12:00:00 200,064 -c--a-w c:\windows\SYSTEM32\DLLCACHE\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\SYSTEM32\DLLCACHE\rmcast.sys
- 2004-08-04 12:00:00 8,384,000 -c--a-w c:\windows\SYSTEM32\DLLCACHE\shell32.dll
+ 2008-07-03 13:16:57 8,454,656 -c--a-w c:\windows\SYSTEM32\DLLCACHE\shell32.dll
- 2004-08-04 12:00:00 336,256 -c--a-w c:\windows\SYSTEM32\DLLCACHE\srv.sys
+ 2008-12-11 11:57:21 333,184 -c--a-w c:\windows\SYSTEM32\DLLCACHE\srv.sys
- 2004-08-04 12:00:00 246,302 -c--a-w c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
+ 2008-10-03 10:15:47 247,326 -c--a-w c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
- 2004-08-04 12:00:00 359,040 -c--a-w c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\SYSTEM32\DLLCACHE\tcpip.sys
- 2004-08-04 12:00:00 223,616 -c--a-w c:\windows\SYSTEM32\DLLCACHE\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\SYSTEM32\DLLCACHE\tcpip6.sys
- 2007-08-13 23:44:30 105,984 -c--a-w c:\windows\SYSTEM32\DLLCACHE\url.dll
+ 2008-12-20 23:15:39 105,984 -c--a-w c:\windows\SYSTEM32\DLLCACHE\url.dll
- 2007-08-13 23:54:10 1,162,240 -c--a-w c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 -c--a-w c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
- 2007-08-13 23:54:10 765,952 -c--a-w c:\windows\SYSTEM32\DLLCACHE\vgx.dll
+ 2008-05-27 17:23:58 765,952 -c--a-w c:\windows\SYSTEM32\DLLCACHE\vgx.dll
- 2007-08-13 23:54:10 231,424 -c--a-w c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
+ 2008-12-20 23:15:40 233,472 -c--a-w c:\windows\SYSTEM32\DLLCACHE\webcheck.dll
- 2004-08-04 12:00:00 1,835,904 -c--a-w c:\windows\SYSTEM32\DLLCACHE\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 -c--a-w c:\windows\SYSTEM32\DLLCACHE\win32k.sys
- 2007-08-13 23:54:10 818,688 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-12-20 23:15:41 826,368 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wininet.dll
- 2005-01-28 17:44:28 396,528 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmadmod.dll
+ 2006-10-19 03:47:18 757,248 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMADMOD.dll
- 2005-01-28 17:44:28 716,288 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmadmoe.dll
+ 2006-10-19 03:47:18 1,117,696 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMADMOE.dll
- 2005-01-28 17:44:28 224,768 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmasf.dll
+ 2007-10-27 23:40:30 222,720 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmasf.dll
- 2005-01-28 17:44:28 28,160 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmdmlog.dll
+ 2006-10-19 03:47:18 33,792 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmdmlog.dll
- 2005-01-28 17:44:28 33,792 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmdmps.dll
+ 2006-10-19 03:47:18 37,376 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmdmps.dll
- 2005-01-28 17:44:28 150,016 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmidx.dll
+ 2006-10-19 03:47:20 157,184 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmidx.dll
- 2005-01-28 17:44:28 1,027,072 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmnetmgr.dll
+ 2008-06-18 11:03:08 938,496 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMNetmgr.dll
- 2005-01-28 17:44:28 5,525,504 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2007-04-30 13:20:24 5,537,792 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmp.dll
- 2005-01-28 17:44:28 774,904 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmsdmod.dll
+ 2006-10-19 03:47:22 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmsdmod.dll
- 2005-01-28 17:44:28 1,119,744 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmsdmoe2.dll
+ 2006-10-19 03:47:22 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmsdmoe2.dll
- 2005-01-28 17:44:28 413,944 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmspdmod.dll
+ 2006-10-19 03:47:22 603,648 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMSPDMOD.dll
- 2005-01-28 17:44:28 940,544 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmspdmoe.dll
+ 2006-10-19 03:47:22 1,329,152 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMSPDMOE.dll
- 2005-01-28 17:44:28 2,370,296 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmvcore.dll
+ 2008-06-18 11:03:14 2,458,112 -c--a-w c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll
- 2005-01-28 17:44:28 895,736 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmvdmod.dll
+ 2006-10-19 03:47:22 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmvdmod.dll
- 2005-01-28 17:44:28 1,003,008 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmvdmoe2.dll
+ 2006-10-19 03:47:22 4,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wmvdmoe2.dll
- 2007-07-31 00:19:36 549,720 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuapi.dll
+ 2008-10-16 20:12:20 561,688 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuapi.dll
- 2007-07-31 00:19:16 53,080 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuauclt.exe
+ 2008-10-16 20:09:44 51,224 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuauclt.exe
- 2007-07-31 00:19:42 1,712,984 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuaueng.dll
+ 2008-10-16 20:13:40 1,809,944 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuaueng.dll
- 2007-07-31 00:19:32 325,976 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wucltui.dll
+ 2008-10-16 20:12:22 323,608 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wucltui.dll
- 2007-07-30 23:18:40 33,624 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wups.dll
+ 2008-10-16 20:08:58 34,328 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wups.dll
- 2007-07-31 00:19:28 203,096 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuweb.dll
+ 2008-10-16 20:13:40 202,776 -c--a-w c:\windows\SYSTEM32\DLLCACHE\wuweb.dll
- 2004-08-04 12:00:00 148,480 ----a-w c:\windows\SYSTEM32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w c:\windows\SYSTEM32\dnsapi.dll
- 2004-08-04 12:00:00 138,496 ----a-w c:\windows\SYSTEM32\DRIVERS\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\SYSTEM32\DRIVERS\afd.sys
- 2008-06-27 20:03:55 75,072 ----a-w c:\windows\SYSTEM32\DRIVERS\avipbb.sys
+ 2008-11-26 00:50:28 75,072 ----a-w c:\windows\SYSTEM32\DRIVERS\avipbb.sys
- 2004-08-04 12:00:00 274,304 ----a-w c:\windows\SYSTEM32\DRIVERS\bthport.sys
+ 2008-06-13 13:10:50 272,128 ----a-w c:\windows\SYSTEM32\DRIVERS\bthport.sys
+ 2008-07-21 12:11:58 24,392 ----a-w c:\windows\SYSTEM32\DRIVERS\ElbyCDIO.sys
- 2006-09-19 20:44:04 15,664 ----a-w c:\windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys
+ 2008-04-17 19:12:54 15,464 ----a-w c:\windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys
- 2008-08-17 20:01:14 17,144 ----a-w c:\windows\SYSTEM32\DRIVERS\mbam.sys
+ 2008-12-04 01:52:34 15,504 ----a-w c:\windows\SYSTEM32\DRIVERS\mbam.sys
- 2008-08-17 20:01:18 38,472 ----a-w c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys
+ 2008-12-04 01:52:38 38,496 ----a-w c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys
- 2004-08-04 12:00:00 451,456 ----a-w c:\windows\SYSTEM32\DRIVERS\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\SYSTEM32\DRIVERS\mrxsmb.sys
- 2008-01-14 17:39:53 47,360 ----a-w c:\windows\SYSTEM32\DRIVERS\pcouffin.sys
+ 2008-12-13 01:22:26 47,360 ----a-w c:\windows\SYSTEM32\DRIVERS\pcouffin.sys
- 2007-01-18 15:24:58 26,496 ----a-r c:\windows\SYSTEM32\DRIVERS\RimSerial.sys
+ 2006-06-30 22:10:56 26,752 ----a-r c:\windows\SYSTEM32\DRIVERS\RimSerial.sys
- 2004-08-04 12:00:00 200,064 ----a-w c:\windows\SYSTEM32\DRIVERS\RMCast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\SYSTEM32\DRIVERS\rmcast.sys
- 2004-08-04 12:00:00 336,256 ----a-w c:\windows\SYSTEM32\DRIVERS\srv.sys
+ 2008-12-11 11:57:21 333,184 ----a-w c:\windows\SYSTEM32\DRIVERS\srv.sys
- 2004-08-04 12:00:00 359,040 ----a-w c:\windows\SYSTEM32\DRIVERS\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\SYSTEM32\DRIVERS\tcpip.sys
- 2004-08-04 12:00:00 223,616 ----a-w c:\windows\SYSTEM32\DRIVERS\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\SYSTEM32\DRIVERS\tcpip6.sys
+ 2008-10-01 19:01:28 32,000 ----a-w c:\windows\SYSTEM32\DRIVERS\usbaapl.sys
- 2005-01-28 17:44:28 18,944 ----a-w c:\windows\SYSTEM32\DRIVERS\wpdusb.sys
+ 2006-10-19 02:00:00 38,528 ----a-w c:\windows\SYSTEM32\DRIVERS\wpdusb.sys
- 2005-01-28 17:44:28 502,272 ----a-w c:\windows\SYSTEM32\drmv2clt.dll
+ 2006-10-19 03:47:10 991,744 ----a-w c:\windows\SYSTEM32\drmv2clt.dll
+ 2008-04-17 19:12:54 107,368 -c--a-w c:\windows\SYSTEM32\DRVSTORE\GEARAspiWD_D213663B63 81F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
+ 2008-04-17 19:12:54 15,464 -c--a-w c:\windows\SYSTEM32\DRVSTORE\GEARAspiWD_D213663B63 81F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
+ 2008-10-01 19:01:28 32,000 -c--a-w c:\windows\SYSTEM32\DRVSTORE\usbaapl_246F92BBD6449 C86FC3F3F28C40D59AC1F69C558\usbaapl.sys
- 2007-08-13 23:35:46 346,624 ----a-w c:\windows\SYSTEM32\dxtmsft.dll
+ 2008-12-20 23:15:12 347,136 ----a-w c:\windows\SYSTEM32\dxtmsft.dll
- 2007-08-13 23:35:38 214,528 ----a-w c:\windows\SYSTEM32\dxtrans.dll
+ 2008-12-20 23:15:13 214,528 ----a-w c:\windows\SYSTEM32\dxtrans.dll
+ 2008-11-19 17

47 93,128 ----a-w c:\windows\SYSTEM32\ElbyCDIO.dll
- 2004-08-04 12:00:00 243,200 ----a-w c:\windows\SYSTEM32\es.dll
+ 2008-07-07 20:32:22 253,952 ----a-w c:\windows\SYSTEM32\es.dll
- 2007-08-13 23:54:10 131,584 ----a-w c:\windows\SYSTEM32\extmgr.dll
+ 2008-12-20 23:15:13 133,120 ----a-w c:\windows\SYSTEM32\extmgr.dll
- 2008-08-12 20:42:06 1,796,744 ----a-w c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2008-10-15 09:00:10 1,791,936 ----a-w c:\windows\SYSTEM32\FNTCACHE.DAT
- 2004-08-04 12:00:00 278,016 ----a-w c:\windows\SYSTEM32\gdi32.dll
+ 2008-10-23 13:01:36 283,648 ----a-w c:\windows\SYSTEM32\gdi32.dll
+ 2007-10-20 01:46:10 1,645,320 ----a-w c:\windows\SYSTEM32\gdiplus.dll
- 2006-10-04 00:47:52 109,360 ----a-w c:\windows\SYSTEM32\GEARAspi.dll
+ 2008-04-17 19:12:54 107,368 ----a-w c:\windows\SYSTEM32\GEARAspi.dll
- 2008-04-23 04:16:28 63,488 ----a-w c:\windows\SYSTEM32\icardie.dll
+ 2008-12-20 23:15:13 63,488 ----a-w c:\windows\SYSTEM32\icardie.dll
- 2007-08-13 23:39:06 54,784 ----a-w c:\windows\SYSTEM32\ie4uinit.exe
+ 2008-12-19 09:10:15 70,656 ----a-w c:\windows\SYSTEM32\ie4uinit.exe
- 2007-08-13 23:39:26 152,064 ----a-w c:\windows\SYSTEM32\ieakeng.dll
+ 2008-12-20 23:15:14 153,088 ----a-w c:\windows\SYSTEM32\ieakeng.dll
- 2007-08-13 23:39:54 229,376 ----a-w c:\windows\SYSTEM32\ieaksie.dll
+ 2008-12-20 23:15:14 230,400 ----a-w c:\windows\SYSTEM32\ieaksie.dll
- 2007-08-13 22

54 161,792 ----a-w c:\windows\SYSTEM32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ----a-w c:\windows\SYSTEM32\ieakui.dll
- 2008-04-23 04:16:28 383,488 ----a-w c:\windows\SYSTEM32\ieapfltr.dll
+ 2008-12-20 23:15:15 383,488 ----a-w c:\windows\SYSTEM32\ieapfltr.dll
- 2007-08-13 23:39:50 382,976 ----a-w c:\windows\SYSTEM32\iedkcs32.dll
+ 2008-12-20 23:15:16 384,512 ----a-w c:\windows\SYSTEM32\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 ----a-w c:\windows\SYSTEM32\ieframe.dll
+ 2008-12-20 23:15:21 6,066,688 ----a-w c:\windows\SYSTEM32\ieframe.dll
- 2007-08-13 23:39:10 43,008 ----a-w c:\windows\SYSTEM32\iernonce.dll
+ 2008-12-20 23:15:21 44,544 ----a-w c:\windows\SYSTEM32\iernonce.dll
- 2008-04-23 04:16:28 267,776 ----a-w c:\windows\SYSTEM32\iertutil.dll
+ 2008-12-20 23:15:22 267,776 ----a-w c:\windows\SYSTEM32\iertutil.dll
- 2007-08-13 23:39:10 13,312 ----a-w c:\windows\SYSTEM32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\SYSTEM32\ieudinit.exe
- 2004-08-04 12:00:00 678,400 ----a-w c:\windows\SYSTEM32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w c:\windows\SYSTEM32\inetcomm.dll
- 2007-08-13 23:54:10 27,136 ----a-w c:\windows\SYSTEM32\jsproxy.dll
+ 2008-12-20 23:15:23 27,648 ----a-w c:\windows\SYSTEM32\jsproxy.dll
- 2005-01-28 17:44:28 6,656 ----a-w c:\windows\SYSTEM32\laprxy.dll
+ 2006-10-19 03:47:14 11,264 ----a-w c:\windows\SYSTEM32\LAPRXY.dll
- 2005-01-28 17:44:28 96,768 ----a-w c:\windows\SYSTEM32\logagent.exe
+ 2008-06-18 07:09:22 100,864 ----a-w c:\windows\SYSTEM32\logagent.exe
+ 2006-09-04 04:10:30 54,960 ----a-w c:\windows\SYSTEM32\Macromed\Director\swdir_bckup. dll
- 2007-02-05 12:14:44 585,728 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Control.dll
+ 2008-12-04 06:59:26 581,632 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Control.dll
+ 2008-12-04 06:59:30 1,490,944 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\dirapiX.dll
- 2006-09-03 18:13:02 24,576 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-12-04 06:59:26 24,576 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-12-04 06:59:30 606,208 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\iml32X.dll
- 2006-11-10 20:49:32 339,968 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Plugin.dll
+ 2008-12-04 06:59:26 339,968 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Plugin.dll
- 2006-11-10 20:49:40 483,328 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-12-04 06:59:26 475,136 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\PluginPing.dll
- 2006-11-10 20:49:56 180,224 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Proj.dll
+ 2008-12-04 06:59:26 180,224 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\Proj.dll
- 2006-11-10 20:49:28 73,728 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\SwInit.exe
+ 2008-12-04 06:59:26 77,824 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\SwInit.exe
+ 2008-12-04 06:59:26 86,016 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\SwMenuX.dll
- 2006-11-10 20:49:24 98,304 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-12-04 06:59:26 98,304 ----a-w c:\windows\SYSTEM32\Macromed\Shockwave 10\SwOnce.dll
- 2008-05-10 19:46:41 121,532 ---ha-w c:\windows\SYSTEM32\mlfcache.dat
+ 2008-11-20 12:25:48 121,356 ---ha-w c:\windows\SYSTEM32\mlfcache.dat
- 2004-08-04 12:00:00 310,272 ----a-w c:\windows\SYSTEM32\mp43dmod.dll
+ 2006-10-19 03:47:14 4,096 ----a-w c:\windows\SYSTEM32\MP43DMOD.dll
- 2004-08-04 12:00:00 384,512 ----a-w c:\windows\SYSTEM32\mp4sdmod.dll
+ 2006-10-19 03:47:14 4,096 ----a-w c:\windows\SYSTEM32\MP4SDMOD.dll
- 2004-08-04 12:00:00 240,640 ----a-w c:\windows\SYSTEM32\mpg4dmod.dll
+ 2006-10-19 03:47:14 4,096 ----a-w c:\windows\SYSTEM32\MPG4DMOD.dll
- 2004-08-04 12:00:00 73,728 ----a-w c:\windows\SYSTEM32\mscms.dll
+ 2008-06-24 16:23:05 74,240 ----a-w c:\windows\SYSTEM32\mscms.dll
- 2004-08-04 12:00:00 294,400 ----a-w c:\windows\SYSTEM32\MSCTF.dll
+ 2008-02-26 11:59:50 294,912 ----a-w c:\windows\SYSTEM32\msctf.dll
- 2004-08-04 12:00:00 512,029 ----a-w c:\windows\SYSTEM32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w c:\windows\SYSTEM32\msexch40.dll
- 2004-08-04 12:00:00 319,517 ----a-w c:\windows\SYSTEM32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w c:\windows\SYSTEM32\msexcl40.dll
- 2008-04-23 04:16:28 459,264 ----a-w c:\windows\SYSTEM32\msfeeds.dll
+ 2008-12-20 23:15:23 459,264 ----a-w c:\windows\SYSTEM32\msfeeds.dll
- 2008-04-23 04:16:28 52,224 ----a-w c:\windows\SYSTEM32\msfeedsbs.dll
+ 2008-12-20 23:15:24 52,224 ----a-w c:\windows\SYSTEM32\msfeedsbs.dll
- 2007-08-13 23:54:12 3,578,368 ----a-w c:\windows\SYSTEM32\mshtml.dll
+ 2009-01-17 03:35:14 3,594,752 ----a-w c:\windows\SYSTEM32\mshtml.dll
- 2007-08-13 23:54:10 475,648 ----a-w c:\windows\SYSTEM32\mshtmled.dll
+ 2008-12-20 23:15:30 477,696 ----a-w c:\windows\SYSTEM32\mshtmled.dll
- 2004-08-04 12:00:00 2,804,224 ----a-w c:\windows\SYSTEM32\msi.dll
+ 2005-05-04 20:45:32 2,890,240 ----a-w c:\windows\SYSTEM32\msi.dll
- 2004-08-04 12:00:00 77,312 ----a-w c:\windows\SYSTEM32\msiexec.exe
+ 2005-05-04 20:45:36 78,848 ----a-w c:\windows\SYSTEM32\msiexec.exe
- 2004-08-04 12:00:00 331,264 ----a-w c:\windows\SYSTEM32\msihnd.dll
+ 2005-05-04 20:45:36 271,360 ----a-w c:\windows\SYSTEM32\msihnd.dll
- 2004-08-04 12:00:00 884,736 ----a-w c:\windows\SYSTEM32\msimsg.dll
+ 2005-05-04 20:45:36 884,736 ----a-w c:\windows\SYSTEM32\msimsg.dll
- 2004-08-04 12:00:00 44,032 ----a-w c:\windows\SYSTEM32\msisip.dll
+ 2005-05-04 20:45:36 15,360 ----a-w c:\windows\SYSTEM32\msisip.dll
- 2004-08-04 12:00:00 1,507,356 ----a-w c:\windows\SYSTEM32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w c:\windows\SYSTEM32\msjet40.dll
- 2004-08-04 12:00:00 358,976 ----a-w c:\windows\SYSTEM32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w c:\windows\SYSTEM32\msjetoledb40.dll
- 2004-08-04 12:00:00 151,583 ----a-w c:\windows\SYSTEM32\msjint40.dll
+ 2008-03-27 08:12:54 151,583 ----a-w c:\windows\SYSTEM32\msjint40.dll
- 2004-08-04 12:00:00 53,279 ----a-w c:\windows\SYSTEM32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w c:\windows\SYSTEM32\msjter40.dll
- 2004-08-04 12:00:00 241,693 ----a-w c:\windows\SYSTEM32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w c:\windows\SYSTEM32\msjtes40.dll
- 2004-08-04 12:00:00 213,023 ----a-w c:\windows\SYSTEM32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w c:\windows\SYSTEM32\msltus40.dll
- 2005-01-28 17:44:28 142,336 ----a-w c:\windows\SYSTEM32\msnetobj.dll
+ 2006-10-19 03:47:16 179,712 ----a-w c:\windows\SYSTEM32\msnetobj.dll
- 2004-08-04 12:00:00 348,189 ----a-w c:\windows\SYSTEM32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w c:\windows\SYSTEM32\mspbde40.dll
- 2005-01-28 17:44:28 25,088 ----a-w c:\windows\SYSTEM32\MsPMSNSv.dll
+ 2006-10-19 03:47:16 27,136 ----a-w c:\windows\SYSTEM32\mspmsnsv.dll
- 2005-01-28 17:44:28 173,568 ----a-w c:\windows\SYSTEM32\MsPMSP.dll
+ 2006-10-19 03:47:16 175,616 ----a-w c:\windows\SYSTEM32\mspmsp.dll
- 2007-08-13 23:44:26 192,000 ----a-w c:\windows\SYSTEM32\msrating.dll
+ 2008-12-20 23:15:31 193,024 ----a-w c:\windows\SYSTEM32\msrating.dll
- 2004-08-04 12:00:00 421,919 ----a-w c:\windows\SYSTEM32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w c:\windows\SYSTEM32\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 ----a-w c:\windows\SYSTEM32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w c:\windows\SYSTEM32\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 ----a-w c:\windows\SYSTEM32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w c:\windows\SYSTEM32\msrepl40.dll
- 2005-01-28 17:44:28 364,784 ----a-w c:\windows\SYSTEM32\MSSCP.dll
+ 2006-12-04 22

50 414,720 ----a-w c:\windows\SYSTEM32\msscp.dll
- 2004-08-04 12:00:00 258,077 ----a-w c:\windows\SYSTEM32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w c:\windows\SYSTEM32\mstext40.dll
- 2007-08-13 23:54:10 670,720 ----a-w c:\windows\SYSTEM32\mstime.dll
+ 2008-12-20 23:15:32 671,232 ----a-w c:\windows\SYSTEM32\mstime.dll
- 2004-08-04 12:00:00 831,519 ----a-w c:\windows\SYSTEM32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w c:\windows\SYSTEM32\mswdat10.dll
- 2005-01-28 17:44:28 315,904 ----a-w c:\windows\SYSTEM32\MSWMDM.dll
+ 2006-10-19 03:47:16 321,536 ----a-w c:\windows\SYSTEM32\mswmdm.dll
- 2004-08-04 12:00:00 245,248 ----a-w c:\windows\SYSTEM32\mswsock.dll
+ 2008-06-20 17:41:10 245,248 ----a-w c:\windows\SYSTEM32\mswsock.dll
- 2004-08-04 12:00:00 614,429 ----a-w c:\windows\SYSTEM32\mswstr10.dll
+ 2008-03-25 04:50:58 621,344 ----a-w c:\windows\SYSTEM32\mswstr10.dll
- 2004-08-04 12:00:00 348,189 ----a-w c:\windows\SYSTEM32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w c:\windows\SYSTEM32\msxbde40.dll
- 2004-08-04 12:00:00 1,236,480 ----a-w c:\windows\SYSTEM32\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\SYSTEM32\msxml3.dll
- 2007-05-08 20:03:04 1,275,392 ----a-w c:\windows\SYSTEM32\msxml4.dll
+ 2008-09-30 22:43:34 1,286,152 ----a-w c:\windows\SYSTEM32\msxml4.dll
- 2004-08-04 12:00:00 332,288 ----a-w c:\windows\SYSTEM32\netapi32.dll
+ 2008-10-15 16:57:55 332,800 ----a-w c:\windows\SYSTEM32\netapi32.dll
- 2004-08-04 12:00:00 2,056,832 ----a-w c:\windows\SYSTEM32\ntkrnlpa.exe
+ 2008-08-14 09:22:13 2,057,728 ----a-w c:\windows\SYSTEM32\ntkrnlpa.exe
- 2004-08-04 12:00:00 2,180,992 ----a-w c:\windows\SYSTEM32\ntoskrnl.exe
+ 2008-08-14 10:00:45 2,180,352 ----a-w c:\windows\SYSTEM32\ntoskrnl.exe
- 2007-08-13 23:44:06 101,376 ----a-w c:\windows\SYSTEM32\occache.dll
+ 2008-12-20 23:15:38 102,912 ----a-w c:\windows\SYSTEM32\occache.dll
- 2008-08-12 20:46:06 78,144 ----a-w c:\windows\SYSTEM32\PERFC009.DAT
+ 2008-11-04 00:08:34 78,144 ----a-w c:\windows\SYSTEM32\PERFC009.DAT
- 2008-08-12 20:46:06 449,456 ----a-w c:\windows\SYSTEM32\PERFH009.DAT
+ 2008-11-04 00:08:34 449,456 ----a-w c:\windows\SYSTEM32\PERFH009.DAT
- 2007-08-13 23:36:12 44,544 ----a-w c:\windows\SYSTEM32\pngfilt.dll
+ 2008-12-20 23:15:38 44,544 ----a-w c:\windows\SYSTEM32\pngfilt.dll
- 2005-01-28 17:44:28 221,184 ----a-w c:\windows\SYSTEM32\qasf.dll
+ 2006-10-19 03:47:18 211,456 ----a-w c:\windows\SYSTEM32\qasf.dll
- 2004-08-04 12:00:00 1,287,680 ----a-w c:\windows\SYSTEM32\quartz.dll
+ 2008-05-07 05:18:48 1,287,680 ----a-w c:\windows\SYSTEM32\quartz.dll
+ 2008-07-23 01:32:44 32,000 ----a-w c:\windows\SYSTEM32\ReinstallBackups\0012\DriverFiles\usbaapl.sys
+ 2006-06-30 22:10:56 26,752 ----a-r c:\windows\SYSTEM32\ReinstallBackups\0014\DriverFiles\RimSerial.sys
- 2008-08-08 22:12:09 7,534,064 -c--a-w c:\windows\SYSTEM32\Restore\rstrlog.dat
+ 2008-10-28 02:38:50 688,548 -c--a-w c:\windows\SYSTEM32\Restore\rstrlog.dat
- 2004-08-04 12:00:00 8,384,000 ----a-w c:\windows\SYSTEM32\shell32.dll
+ 2008-07-03 13:16:57 8,454,656 ----a-w c:\windows\SYSTEM32\shell32.dll
+ 2008-07-19 03:10:20 36,552 ----a-w c:\windows\SYSTEM32\SoftwareDistribution\Setup\Ser viceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-10-16 20:08:58 34,328 ----a-w c:\windows\SYSTEM32\SoftwareDistribution\Setup\Ser viceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-07-19 03:10:40 45,768 ----a-w c:\windows\SYSTEM32\SoftwareDistribution\Setup\Ser viceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-10-16 20:09:44 43,544 ----a-w c:\windows\SYSTEM32\SoftwareDistribution\Setup\Ser viceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2006-09-25 22:58:48 14,640 ----a-w c:\windows\SYSTEM32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\SYSTEM32\spmsg.dll
- 2004-08-04 12:00:00 246,302 ----a-w c:\windows\SYSTEM32\strmdll.dll
+ 2008-10-03 10:15:47 247,326 ----a-w c:\windows\SYSTEM32\strmdll.dll
- 2007-11-13 11:31:11 60,416 ----a-w c:\windows\SYSTEM32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ----a-w c:\windows\SYSTEM32\tzchange.exe
- 2007-08-13 23:44:30 105,984 ----a-w c:\windows\SYSTEM32\url.dll
+ 2008-12-20 23:15:39 105,984 ----a-w c:\windows\SYSTEM32\url.dll
- 2007-08-13 23:54:10 1,162,240 ----a-w c:\windows\SYSTEM32\urlmon.dll
+ 2008-12-20 23:15:40 1,160,192 ----a-w c:\windows\SYSTEM32\urlmon.dll
- 2005-01-28 17:44:28 47,104 ----a-w c:\windows\SYSTEM32\uwdf.exe
+ 2006-10-19 03:58:00 8,704 ----a-w c:\windows\SYSTEM32\uwdf.exe
- 2005-01-28 17:44:28 15,872 ----a-w c:\windows\SYSTEM32\wdfapi.dll
+ 2006-10-19 03:47:18 4,096 ----a-w c:\windows\SYSTEM32\wdfapi.dll
- 2005-01-28 17:44:28 38,912 ----a-w c:\windows\SYSTEM32\wdfmgr.exe
+ 2006-10-19 03:58:00 8,704 ----a-w c:\windows\SYSTEM32\wdfmgr.exe
- 2007-08-13 23:54:10 231,424 ----a-w c:\windows\SYSTEM32\webcheck.dll
+ 2008-12-20 23:15:40 233,472 ----a-w c:\windows\SYSTEM32\webcheck.dll
- 2004-08-04 12:00:00 1,835,904 ----a-w c:\windows\SYSTEM32\win32k.sys
+ 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\SYSTEM32\win32k.sys
- 2005-01-28 17:44:28 396,528 ----a-w c:\windows\SYSTEM32\wmadmod.dll
+ 2006-10-19 03:47:18 757,248 ----a-w c:\windows\SYSTEM32\WMADMOD.dll
- 2005-01-28 17:44:28 716,288 ----a-w c:\windows\SYSTEM32\wmadmoe.dll
+ 2006-10-19 03:47:18 1,117,696 ----a-w c:\windows\SYSTEM32\WMADMOE.dll
- 2005-01-28 17:44:28 224,768 ----a-w c:\windows\SYSTEM32\wmasf.dll
+ 2007-10-27 23:40:30 222,720 ----a-w c:\windows\SYSTEM32\wmasf.dll
- 2005-01-28 17:44:28 28,160 ----a-w c:\windows\SYSTEM32\WMDMLOG.dll
+ 2006-10-19 03:47:18 33,792 ----a-w c:\windows\SYSTEM32\wmdmlog.dll
- 2005-01-28 17:44:28 33,792 ----a-w c:\windows\SYSTEM32\WMDMPS.dll
+ 2006-10-19 03:47:18 37,376 ----a-w c:\windows\SYSTEM32\wmdmps.dll
- 2005-01-28 17:44:28 335,872 ----a-w c:\windows\SYSTEM32\WMDRMdev.dll
+ 2006-10-19 03:47:18 429,056 ----a-w c:\windows\SYSTEM32\wmdrmdev.dll
- 2005-01-28 17:44:28 290,816 ----a-w c:\windows\SYSTEM32\WMDRMNet.dll
+ 2006-10-19 03:47:20 348,672 ----a-w c:\windows\SYSTEM32\wmdrmnet.dll
- 2005-01-28 17:44:28 150,016 ----a-w c:\windows\SYSTEM32\wmidx.dll
+ 2006-10-19 03:47:20 157,184 ----a-w c:\windows\SYSTEM32\wmidx.dll
- 2005-01-28 17:44:28 1,027,072 ----a-w c:\windows\SYSTEM32\wmnetmgr.dll
+ 2008-06-18 11:03:08 938,496 ----a-w c:\windows\SYSTEM32\WMNetmgr.dll
- 2005-01-28 17:44:28 5,525,504 ----a-w c:\windows\SYSTEM32\wmp.dll
+ 2007-04-30 13:20:24 5,537,792 ----a-w c:\windows\SYSTEM32\wmp.dll
- 2006-10-19 02:47:20 295,936 ----a-w c:\windows\SYSTEM32\wmpeffects.dll
+ 2008-06-24 23:12:58 295,936 ----a-w c:\windows\SYSTEM32\wmpeffects.dll
- 2005-01-28 17:44:28 774,904 ----a-w c:\windows\SYSTEM32\wmsdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\wmsdmod.dll
- 2005-01-28 17:44:28 1,119,744 ----a-w c:\windows\SYSTEM32\wmsdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\wmsdmoe2.dll
- 2005-01-28 17:44:28 413,944 ----a-w c:\windows\SYSTEM32\wmspdmod.dll
+ 2006-10-19 03:47:22 603,648 ----a-w c:\windows\SYSTEM32\WMSPDMOD.dll
- 2005-01-28 17:44:28 940,544 ----a-w c:\windows\SYSTEM32\wmspdmoe.dll
+ 2006-10-19 03:47:22 1,329,152 ----a-w c:\windows\SYSTEM32\WMSPDMOE.dll
- 2005-01-28 17:44:28 1,218,808 ----a-w c:\windows\SYSTEM32\wmvadvd.dll
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\WMVADVD.dll
- 2005-01-28 17:44:28 1,512,448 ----a-w c:\windows\SYSTEM32\WMVADVE.DLL
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\WMVADVE.DLL
- 2005-01-28 17:44:28 2,370,296 ----a-w c:\windows\SYSTEM32\wmvcore.dll
+ 2008-06-18 11:03:14 2,458,112 ----a-w c:\windows\SYSTEM32\WMVCore.dll
- 2005-01-28 17:44:28 895,736 ----a-w c:\windows\SYSTEM32\wmvdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\wmvdmod.dll
- 2005-01-28 17:44:28 1,003,008 ----a-w c:\windows\SYSTEM32\wmvdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w c:\windows\SYSTEM32\wmvdmoe2.dll
- 2005-01-28 17:44:28 38,912 ----a-w c:\windows\SYSTEM32\wpd_ci.dll
+ 2006-10-19 03:47:22 629,760 ----a-w c:\windows\SYSTEM32\wpd_ci.dll
- 2005-01-28 17:44:28 61,952 ----a-w c:\windows\SYSTEM32\wpdconns.dll
+ 2006-10-19 03:47:22 35,840 ----a-w c:\windows\SYSTEM32\wpdconns.dll
- 2005-01-28 17:44:28 114,176 ----a-w c:\windows\SYSTEM32\wpdmtp.dll
+ 2006-10-19 03:47:22 154,624 ----a-w c:\windows\SYSTEM32\wpdmtp.dll
- 2005-01-28 17:44:28 66,560 ----a-w c:\windows\SYSTEM32\wpdmtpus.dll
+ 2006-10-19 03:47:22 63,488 ----a-w c:\windows\SYSTEM32\wpdmtpus.dll
- 2006-10-19 02:47:22 38,400 ----a-w c:\windows\SYSTEM32\wpdshextres.dll
+ 2006-10-19 03:47:22 38,400 ----a-w c:\windows\SYSTEM32\wpdshextres.dll
- 2005-01-28 17:44:28 331,264 ----a-w c:\windows\SYSTEM32\wpdsp.dll
+ 2006-10-19 03:47:22 356,352 ----a-w c:\windows\SYSTEM32\wpdsp.dll
- 2007-07-31 00:19:36 549,720 ----a-w c:\windows\SYSTEM32\wuapi.dll
+ 2008-10-16 20:12:20 561,688 ----a-w c:\windows\SYSTEM32\wuapi.dll
- 2007-07-31 00:19:16 53,080 ----a-w c:\windows\SYSTEM32\wuauclt.exe
+ 2008-10-16 20:09:44 51,224 ----a-w c:\windows\SYSTEM32\wuauclt.exe
- 2007-07-31 00:19:42 1,712,984 ----a-w c:\windows\SYSTEM32\wuaueng.dll
+ 2008-10-16 20:13:40 1,809,944 ----a-w c:\windows\SYSTEM32\wuaueng.dll
- 2007-07-31 00:19:32 325,976 ----a-w c:\windows\SYSTEM32\wucltui.dll
+ 2008-10-16 20:12:22 323,608 ----a-w c:\windows\SYSTEM32\wucltui.dll
- 2007-07-30 23:18:40 33,624 ----a-w c:\windows\SYSTEM32\wups.dll
+ 2008-10-16 20:08:58 34,328 ----a-w c:\windows\SYSTEM32\wups.dll
- 2007-07-30 23:19:12 43,352 ----a-w c:\windows\SYSTEM32\wups2.dll
+ 2008-10-16 20:09:44 43,544 ----a-w c:\windows\SYSTEM32\wups2.dll
- 2007-07-31 00:19:28 203,096 ----a-w c:\windows\SYSTEM32\wuweb.dll
+ 2008-10-16 20:13:40 202,776 ----a-w c:\windows\SYSTEM32\wuweb.dll
- 2000-08-31 13:00:00 49,152 ----a-w c:\windows\VFind.exe
+ 2000-08-31 14:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2008-09-30 22:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf34 5378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 22:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf3 45378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:54:19 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_65 95b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
- 2000-08-31 13:00:00 68,096 ----a-w c:\windows\zip.exe
+ 2000-08-31 14:00:00 68,096 ----a-w c:\windows\zip.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2006-04-02 389120]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-27 323584]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 368706]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-19 185896]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-11-17 827904]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.CTRX"= ctrxvid.drv
"vidc.xvid"= xvid.dll
"VIDC.PIXL"= pclepixl.dll
"VIDC.NTN1"= NUVision.ax
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"VIDC.MJPG"= pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0stera

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
--a--c--- 2004-01-26 09:46 53248 c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-08-08 08:25 1828136 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\mIRC Power Pack\\mirc.exe"=
"c:\\Program Files\\Roxio\\Media Manager 9\\MediaManager9.exe"=
"c:\\Program Files\\Roxio\\Digital Home 9\\RoxioUPnPRenderer9.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Roxio\\Digital Home 9\\RoxioUpnpService9.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

S3 ACCSKMD;Canon Camera Storage Device;c:\windows\SYSTEM32\DRIVERS\accskmd.sys [2002-06-26 26240]
S3 NUVision;Pinnacle DVC 80 Video;c:\windows\SYSTEM32\DRIVERS\nuvvid2.sys [2005-07-31 155264]
S3 Pem4sfgesvc;Pem4sfgesvc; [x]
S3 SNDP610;Dual Mode Camera;c:\windows\SYSTEM32\DRIVERS\sndp610.sys [2006-07-09 219392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{3e59f94f-6f71-11dc-9913-000bdbc30874}]
\Shell\AutoRun\command - H:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{ee7feca4-3f7e-11dc-98dd-000bdbc30874}]
\Shell\AutoRun\command - f:\wd_windows_tools\setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-04 c:\windows\Tasks\A91B0D959184854D.job
- c:\progra~1\messvi~1\defy list extra.exe []

2009-03-04 c:\windows\Tasks\AC27C19991807461.job
- c:\progra~1\messvi~1\defy list extra.exe []

2009-03-04 c:\windows\Tasks\AEDD15C0930E88D8.job
- c:\progra~1\messvi~1\defy list extra.exe []

2009-03-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-03 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 15:31]

2008-10-27 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2009-01-26 15:31]

2009-03-04 c:\windows\Tasks\User_Feed_Synchronization-{712559F0-C4DB-4491-91AF-E57B2F42A15F}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{9D196D04-F9DA-4894-9CD6-994473C96FB8} - c:\windows\system32\wineg77.dll
HKLM-Run-LogitechVideoTray - c:\program files\Logitech\Video\LogiTray.exe
HKLM-Run-LogitechVideoRepair - c:\program files\Logitech\Video\ISStart.exe
MSConfigStartUp-MCAgentExe - c:\progra~1\mcafee.com\agent\McAgent.exe
MSConfigStartUp-MCUpdateExe - c:\progra~1\mcafee.com\agent\McUpdate.exe
MSConfigStartUp-rundll32 - c:\documents and settings\Twan\Application Data\Macromedia\Common\9e5ae0141.dll

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
mStart Page = hxxp://www.yahoo.com
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = localhost
Trusted Zone: att.net
Trusted Zone: sbcglobal.net
Trusted Zone: yahoo.com\clientapps
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: Starfield Technologies - hxxp://video.secureserver.net/plugins/starfield_technologies.CAB
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} - hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {475DF11A-2BC2-41A9-8A97-E989E023E517} - hxxp://gw.us.hanjin.com/ezIcd.cab
DPF: {9E1C0C21-48B8-455A-9005-48C8D78B7900} - hxxp://gw.us.hanjin.com/ezIcd2.cab
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-03 20

21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4 B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af ,b0,29,a3,98,09,41,5a,0b,6f,
91,e9,1d,e2,63,26,f1,3f,c8,ff,68,a2,b5,26,8b,2e,dc ,0b,26,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98 A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61 ,af,45,84,18,f6,90,c5,2b,c1,
1c,3a,95,6a,9c,d6,61,af,45,84,18,d3,37,14,fe,ef,80 ,de,ca,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373F B-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e ,55,20,c9,26,bf,f9,62,0c,ff,
66,bb,93,ff,7c,85,e0,43,d4,0e,fe,0a,57,d5,53,8b,59 ,7a,39,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CC D-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0 ,57,5a,93,61,57,67,0f,06,17,
9e,d3,fa,86,8c,21,01,be,91,eb,e7,2e,67,9e,05,71,d1 ,ef,bc,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F 9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9 ,a6,33,6c,cd,8f,10,b4,c1,1a,
87,10,d5,f5,1d,4d,73,a8,13,5c,05,8b,c8,02,fb,aa,83 ,20,12,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E 8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62 ,78,6b,cf,c8,6d,8a,e3,e6,a7,
7c,f0,d2,df,20,58,62,78,6b,cf,c8,d5,38,97,f9,c3,eb ,27,b5,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30 B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba ,b1,f8,68,02,1f,0a,42,5d,26,
91,fe,b5,fb,a7,78,e6,12,2f,9a,ea,93,61,92,fc,a0,59 ,d6,5d,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654C A-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc ,e8,04,4a,f1,cd,4d,52,f1,ba,
27,14,48,01,3a,48,fc,e8,04,4a,f1,82,04,7b,21,e8,52 ,e3,3b,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E 8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58 ,98,5b,89,c9,7d,a3,26,9d,23,
3f,be,d3,f6,0f,4e,58,98,5b,89,c9,7f,19,b9,c8,21,fe ,bc,e6,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE 5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26 ,2d,45,aa,78,28,06,bd,7b,38,
8f,2b,74,3d,ce,ea,26,2d,45,aa,78,90,f2,e4,b6,dd,49 ,9a,d9,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02AD D-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5 ,eb,bc,2f,6b,14,56,1a,d3,e7,
4d,60,85,2a,b7,cc,b5,b9,7f,41,e7,2a,ae,b1,95,9b,54 ,ff,77,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE 2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f ,d4,3b,6b,70,90,43,4f,47,4a,
9f,ed,09,6c,43,2d,1e,aa,22,2f,9c,84,01,10,cf,4d,59 ,e8,8c,6c,43,2d,1e,aa,22,\
.
Completion time: 2009-03-03 20:27:08
ComboFix-quarantined-files.txt 2009-03-04 02:25:49
ComboFix2.txt 2008-09-02 02:14:09
ComboFix3.txt 2007-05-27 03:16:46

Pre-Run: 7,295,553,536 bytes free
Post-Run: 7,546,105,856 bytes free

1470 --- E O F --- 2009-02-26 09:02:26

Neal · #7 (**permalink**) 06-03-2009, 01:36 AM

Open notepad(Must be NotePad) and copy/paste the text in the quotebox below into it:NOT THE WORD QUOTE

Quote:

File::
c:\windows\SYSTEM32\uacinit.dll
c:\windows\Tasks\A91B0D959184854D.job
c:\windows\Tasks\AC27C19991807461.job
c:\windows\Tasks\AEDD15C0930E88D8.job

Folder::
c:\progra~1\messvi~1

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

[IMG]

[/IMG]

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog.

twan1971 · #8 (**permalink**) 06-03-2009, 03:40 AM

Combofix log

ComboFix 09-03-04.01 - Twan 2009-03-05 20:10:34.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.638.218 [GMT -6:00]
Running from: c:\documents and settings\Twan\Desktop\dal.exe
Command switches used :: c:\documents and settings\Twan\Desktop\CFScript.txt
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
c:\windows\SYSTEM32\uacinit.dll
c:\windows\Tasks\A91B0D959184854D.job
c:\windows\Tasks\AC27C19991807461.job
c:\windows\Tasks\AEDD15C0930E88D8.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\SYSTEM32\uacinit.dll
c:\windows\Tasks\A91B0D959184854D.job
c:\windows\Tasks\AC27C19991807461.job
c:\windows\Tasks\AEDD15C0930E88D8.job

.
((((((((((((((((((((((((( Files Created from 2009-02-06 to 2009-03-06 )))))))))))))))))))))))))))))))
.

2009-03-03 21:16 . 2009-03-03 21:16 64,160 --a------ c:\windows\SYSTEM32\DRIVERS\Lbd.sys
2009-03-03 21:09 . 2009-03-03 21:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-03-03 21:09 . 2009-03-03 21:09 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-03-03 19:56 . 2009-03-03 19:57 <DIR> d-------- C:\Combo
2009-02-09 23:01 . 2009-02-09 23:01 <DIR> d--hs---- c:\windows\ftpcache
2009-02-09 22:42 . 2009-02-09 22:42 <DIR> d-------- c:\documents and settings\Brian\Application Data\Smith Micro
2009-02-09 22:36 . 2008-06-05 01:59 222,552 --------- c:\windows\RM.exe
2009-02-09 22:35 . 2009-02-19 20:05 <DIR> d-------- c:\program files\Sprint Instinct Applications
2009-02-09 22:35 . 2009-02-09 22:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Tarma Installer
2009-02-09 22:24 . 2007-07-03 18:58 106,792 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdmdm.sys
2009-02-09 22:24 . 2007-07-03 18:57 11,944 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdmdfl.sys
2009-02-09 22:24 . 2007-07-03 18:56 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdcmnt.sys
2009-02-09 22:24 . 2007-07-03 18:56 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdcm.sys
2009-02-09 22:23 . 2007-07-03 18:54 80,552 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdbus.sys
2009-02-09 22:23 . 2007-07-03 19:00 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdwhnt.sys
2009-02-09 22:23 . 2007-07-03 19:00 9,256 -ra------ c:\windows\SYSTEM32\DRIVERS\sscdwh.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-03-04 03:37 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-03-04 03:09 --------- d-----w c:\program files\Lavasoft
2009-03-03 03:49 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-03 03:49 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-02 02:46 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-03-01 17:11 --------- d-----w c:\program files\Common Files\Research In Motion
2009-03-01 01:38 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-24 23:06 --------- d-----w c:\program files\Safari
2009-02-07 23:36 --------- d-s---w c:\program files\mIRC Power Pack
2009-01-19 20:43 --------- d-----w c:\program files\Bonjour
2009-01-19 20:41 --------- d-----w c:\program files\iTunes
2009-01-19 20:41 --------- d-----w c:\program files\iPod
2009-01-19 20:41 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-19 20:38 --------- d-----w c:\program files\QuickTime
2009-01-19 20:36 --------- d-----w c:\program files\Common Files\Apple
2009-01-15 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\Comcast
2009-01-11 23:25 47,360 ----a-w c:\documents and settings\Brian\Application Data\pcouffin.sys
2009-01-11 23:25 --------- d-----w c:\documents and settings\Brian\Application Data\Vso
2009-01-08 23:59 18,816 ----a-w c:\windows\system32\drivers\dvd43llh.sys
2009-01-08 23:59 --------- d-----w c:\program files\SlySoft
2009-01-08 23:59 --------- d-----w c:\program files\dvd43
2008-12-20 23:15 826,368 ----a-w c:\windows\SYSTEM32\wininet.dll
2008-12-12 17:18 87,336 ----a-w c:\windows\SYSTEM32\dns-sd.exe
2008-12-12 17:11 61,440 ----a-w c:\windows\SYSTEM32\dnssd.dll
2008-07-03 04:34 87,608 ----a-w c:\documents and settings\Brian\Application Data\ezpinst.exe
2006-11-25 00:57 9,583,328 ----a-w c:\documents and settings\Lil Brian\DesktopDoctor1.5.4.exe
2006-03-03 23:49 284 ----a-w c:\documents and settings\Brian\Application Data\ViewerApp.dat
2005-07-16 20:29 3,932 ----a-w c:\documents and settings\Twan\Application Data\LMLayout.dat
2005-07-16 20:29 268 ----a-w c:\documents and settings\Twan\Application Data\LMCPaper.dat
2005-05-09 18:20 3,932 -c--a-w c:\documents and settings\Brian\Application Data\LMLayout.dat
2005-05-09 18:20 268 ----a-w c:\documents and settings\Brian\Application Data\LMCPaper.dat
2002-01-18 12:52 3,932 -c----w c:\documents and settings\LocalService\Application Data\LMLayout.dat
2008-08-03 16:47 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008080320080 804\index.dat
.

((((((((((((((((((((((((((((( SnapShot_2009-03-03_20.23.33.65 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-04 03:16:30 64,160 -c--a-w c:\windows\SYSTEM32\DRVSTORE\lbd_1D149FE61E2CD0936 E43877117FE3EF0674B9944\Lbd.sys
+ 2008-07-29 14:05:06 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 09:54:08 225,280 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 14:05:08 572,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 14:05:08 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 09:54:12 312,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcm90d.dll
+ 2008-07-29 14:05:08 875,520 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcp90d.dll
+ 2008-07-29 14:05:08 1,180,672 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugCRT_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_f863c71f\msvcr90d.dll
+ 2008-07-29 14:05:12 5,937,144 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfc90d.dll
+ 2008-07-29 14:05:12 5,982,720 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfc90ud.dll
+ 2008-07-29 12:07:42 80,896 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfcm90d.dll
+ 2008-07-29 12:07:42 80,896 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.DebugMFC_1fc8 b3b9a1e18e3b_9.0.30729.1_x-ww_c94a3a24\mfcm90ud.dll
+ 2008-07-29 14:05:08 3,768,312 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2008-07-29 14:05:10 3,783,672 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 12:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-07-29 12:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 14:05:06 38,912 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 14:05:06 39,936 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 14:05:08 66,560 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 14:05:08 56,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 14:05:06 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 14:05:08 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 14:05:06 66,048 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 14:05:08 64,512 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 14:05:08 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 14:05:08 46,080 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 14:05:08 62,976 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2006-04-02 389120]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2004-05-27 323584]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 368706]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-19 185896]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2008-11-17 827904]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-03 515416]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.CTRX"= ctrxvid.drv
"vidc.xvid"= xvid.dll
"VIDC.PIXL"= pclepixl.dll
"VIDC.NTN1"= NUVision.ax
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"VIDC.MJPG"= pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0stera

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
--a--c--- 2004-01-26 09:46 53248 c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-08-08 08:25 1828136 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\mIRC Power Pack\\mirc.exe"=
"c:\\Program Files\\Roxio\\Media Manager 9\\MediaManager9.exe"=
"c:\\Program Files\\Roxio\\Digital Home 9\\RoxioUPnPRenderer9.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Roxio\\Digital Home 9\\RoxioUpnpService9.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [2009-03-03 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951120]
S3 ACCSKMD;Canon Camera Storage Device;c:\windows\SYSTEM32\DRIVERS\accskmd.sys [2002-06-26 26240]
S3 NUVision;Pinnacle DVC 80 Video;c:\windows\SYSTEM32\DRIVERS\nuvvid2.sys [2005-07-31 155264]
S3 Pem4sfgesvc;Pem4sfgesvc; [x]
S3 SNDP610;Dual Mode Camera;c:\windows\SYSTEM32\DRIVERS\sndp610.sys [2006-07-09 219392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{3e59f94f-6f71-11dc-9913-000bdbc30874}]
\Shell\AutoRun\command - H:\setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-03-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-03 21:16]

2009-03-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-05 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 15:31]

2008-10-27 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2009-01-26 15:31]

2009-03-05 c:\windows\Tasks\User_Feed_Synchronization-{712559F0-C4DB-4491-91AF-E57B2F42A15F}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
mStart Page = hxxp://www.yahoo.com
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = localhost
Trusted Zone: att.net
Trusted Zone: sbcglobal.net
Trusted Zone: yahoo.com\clientapps
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: Starfield Technologies - hxxp://video.secureserver.net/plugins/starfield_technologies.CAB
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} - hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {475DF11A-2BC2-41A9-8A97-E989E023E517} - hxxp://gw.us.hanjin.com/ezIcd.cab
DPF: {9E1C0C21-48B8-455A-9005-48C8D78B7900} - hxxp://gw.us.hanjin.com/ezIcd2.cab
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-05 20:19:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4 B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af ,b0,29,a3,98,09,41,5a,0b,6f,
91,e9,1d,e2,63,26,f1,3f,c8,ff,68,a2,b5,26,8b,2e,dc ,0b,26,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98 A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61 ,af,45,84,18,f6,90,c5,2b,c1,
1c,3a,95,6a,9c,d6,61,af,45,84,18,d3,37,14,fe,ef,80 ,de,ca,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373F B-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e ,55,20,c9,26,bf,f9,62,0c,ff,
66,bb,93,ff,7c,85,e0,43,d4,0e,fe,0a,57,d5,53,8b,59 ,7a,39,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CC D-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0 ,57,5a,93,61,57,67,0f,06,17,
9e,d3,fa,86,8c,21,01,be,91,eb,e7,2e,67,9e,05,71,d1 ,ef,bc,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F 9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9 ,a6,33,6c,cd,8f,10,b4,c1,1a,
87,10,d5,f5,1d,4d,73,a8,13,5c,05,8b,c8,02,fb,aa,83 ,20,12,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E 8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62 ,78,6b,cf,c8,6d,8a,e3,e6,a7,
7c,f0,d2,df,20,58,62,78,6b,cf,c8,d5,38,97,f9,c3,eb ,27,b5,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30 B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba ,b1,f8,68,02,1f,0a,42,5d,26,
91,fe,b5,fb,a7,78,e6,12,2f,9a,ea,93,61,92,fc,a0,59 ,d6,5d,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654C A-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc ,e8,04,4a,f1,cd,4d,52,f1,ba,
27,14,48,01,3a,48,fc,e8,04,4a,f1,82,04,7b,21,e8,52 ,e3,3b,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E 8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58 ,98,5b,89,c9,7d,a3,26,9d,23,
3f,be,d3,f6,0f,4e,58,98,5b,89,c9,7f,19,b9,c8,21,fe ,bc,e6,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE 5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26 ,2d,45,aa,78,28,06,bd,7b,38,
8f,2b,74,3d,ce,ea,26,2d,45,aa,78,90,f2,e4,b6,dd,49 ,9a,d9,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02AD D-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5 ,eb,bc,2f,6b,14,56,1a,d3,e7,
4d,60,85,2a,b7,cc,b5,b9,7f,41,e7,2a,ae,b1,95,9b,54 ,ff,77,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE 2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f ,d4,3b,6b,70,90,43,4f,47,4a,
9f,ed,09,6c,43,2d,1e,aa,22,2f,9c,84,01,10,cf,4d,59 ,e8,8c,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\MSVCP60.dll
.
Completion time: 2009-03-05 20:27:38
ComboFix-quarantined-files.txt 2009-03-06 02:26:52
ComboFix2.txt 2009-03-04 02:27:10
ComboFix3.txt 2008-09-02 02:14:09
ComboFix4.txt 2007-05-27 03:16:46

Pre-Run: 7,231,156,224 bytes free
Post-Run: 7,294,255,104 bytes free

317 --- E O F --- 2009-02-26 09:02:26
------------------------------------------------------------------------------------------
HiJackthis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:38 PM, on 3/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - Comcast.net Home (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - Comcast Help & Support (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - Comcast Help & Support (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.att.net
O16 - DPF: Starfield Technologies - http://video.secureserver.net/plugin...chnologies.CAB
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comca...mLauncher2.cab
O16 - DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} (SupportSoft External Control) - https://actsvr.comcastonline.com/tec...20Controls.cab
O16 - DPF: {475DF11A-2BC2-41A9-8A97-E989E023E517} (SetupComponent Class) - http://gw.us.hanjin.com/ezIcd.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134438539750
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {9E1C0C21-48B8-455A-9005-48C8D78B7900} (ezLauncher Class) - http://gw.us.hanjin.com/ezIcd2.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramewor...o.cab34246.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pem4sfgesvc - VSO Software - (no file)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

--
End of file - 12183 bytes
---------------------------------------------------------------------------------

Thanks Neal.....

Neal · #9 (**permalink**) 07-03-2009, 11:52 PM

What is happening now?

twan1971 · #10 (**permalink**) 10-03-2009, 01:03 PM

Things seem to be going well. Thanks Neal.