trojan:win32/alureon.dx

**Bostyboston** · **Bostyboston** on 11th December 2010, 5:48 am

Hi there,

I have an old IBM using xp professional version 2002 service pack 3. OLD but trusty (usually).

A couple of weeks ago i was infected with the Thinkpoint virus and used your website and Malwarebytes to clean my computer - Fantastic job thanks very much. However, i am constantly being hit by a threat - trojan:win32/alureon.dx which is being blocked by microsoft security essentials or so i hope. My question is, is this in anyway connected, how can i stop the threats and how can i check my computer to ensure it's clean. I have run a full updated Malwarebytes scan (which takes 5+ hours) and nothing found. Tonight alone every hour MSE is stopping threats from the same trojan or it's not cleaning it properly and picking it up agian and again. I have also had issues with random crashing and a blue screen.

I think your website is ace, i was very happy to find a way to clean Thinkpoint off my laptop.. hopefully

Anouska

**Belahzur** · **Belahzur** on 11th December 2010, 5:36 pm

Hello.

Download OTL by OldTimer to your Desktop.

Close all windows and double click OTL.exe
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

**Bostyboston** · **Bostyboston** on 12th December 2010, 2:57 am

OLT.Txt

OTL logfile created on: 11/12/2010 18:45:44 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\bonzarippanoush\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

767.00 Mb Total Physical Memory | 257.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25.45 Gb Total Space | 0.46 Gb Free Space | 1.81% Space Free | Partition Type: NTFS

Computer Name: NOUSHANFERGSTOY | User Name: bonzarippanoush | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/11 18:42:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bonzarippanoush\Desktop\OTL.exe
PRC - [2010/12/09 16:05:01 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/24 11:40:38 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 11:32:29 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgfws9.exe
PRC - [2010/11/24 11:32:13 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/23 08:13:45 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/07/20 20:03:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/06 16:26:04 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/07/06 16:25:58 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/06 16:23:34 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/12/15 19:01:44 | 000,040,960 | ---- | M] (Vimicro) -- C:\WINDOWS\VM_STI.EXE
PRC - [2003/07/03 00:25:00 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2002/08/20 10:29:26 | 000,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\system32\ezSP_Px.exe
PRC - [2002/07/15 01:20:00 | 000,049,152 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
PRC - [2002/07/15 01:20:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\QCONSVC.EXE
PRC - [2002/06/28 14:10:52 | 000,086,016 | ---- | M] () -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
PRC - [2002/04/19 02:23:32 | 000,077,824 | ---- | M] () -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
PRC - [2002/01/10 14:01:34 | 000,065,536 | ---- | M] (IBM Corporation) -- C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe

========== Modules (SafeList) ==========

MOD - [2010/12/11 18:42:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bonzarippanoush\Desktop\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\spoolsv.exe -- (Spooler)
SRV - [2010/11/24 11:32:29 | 002,331,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/07/20 20:03:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/06 16:23:34 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/07/06 16:22:57 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/04/16 07:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2004/10/29 01:20:54 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2004/10/29 01:18:24 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2003/07/03 00:25:00 | 000,057,344 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2002/07/15 01:20:00 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\QCONSVC.EXE -- (QCONSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/07/06 16:29:16 | 000,025,168 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\AVGIDSxx.sys -- (AVGIDSErHrxpx)
DRV - [2010/07/06 16:29:14 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010/07/06 16:29:12 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/06 16:28:53 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/07/06 16:28:49 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/07/06 16:23:06 | 000,122,448 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys -- (AVGIDSDriverxpx)
DRV - [2010/07/06 16:23:04 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys -- (AVGIDSFilterxpx)
DRV - [2010/07/06 16:23:03 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys -- (AVGIDSShimxpx)
DRV - [2010/07/06 16:22:18 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/07/06 16:22:18 | 000,030,104 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2009/09/10 14:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2008/04/14 00:24:38 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008/04/14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/06/06 13:36:38 | 000,087,040 | R--- | M] (Cmotech Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmusbser.sys -- (cmusbser)
DRV - [2007/01/26 15:48:28 | 012,028,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2006/03/10 10:22:58 | 000,194,933 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b) Vimicro USB PC Camera (ZC0301PL)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2003/07/03 00:25:00 | 000,011,344 | ---- | M] (IBM Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2003/02/14 15:16:32 | 000,096,256 | ---- | M] (Cisco Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCX504.sys -- (PCX504)
DRV - [2002/07/15 01:20:00 | 000,002,295 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.SYS -- (IBMTPCHK)
DRV - [2002/06/28 00:30:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2002/06/28 00:30:00 | 000,012,288 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWR.SYS -- (TPPWR)
DRV - [2002/06/28 00:30:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2002/06/19 02:06:00 | 000,014,096 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tp4track.sys -- (Tp4Track)
DRV - [2002/06/18 10:44:50 | 000,456,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/04/19 02:22:58 | 000,012,605 | ---- | M] (IBM Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2002/02/22 16:26:26 | 001,112,096 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/01/10 13:55:22 | 000,004,010 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\egathdrv.sys -- (EGATHDRV)
DRV - [2001/09/13 06:58:02 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PMEMNT.SYS -- (PMEM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/11/24 11:43:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/09 16:05:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/09 16:05:29 | 000,000,000 | ---D | M]

[2008/07/07 10:46:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bonzarippanoush\Application Data\Mozilla\Extensions
[2010/10/22 15:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\bonzarippanoush\Application Data\Mozilla\Firefox\Profiles\fk6ppxzh.default\extensions
[2010/12/10 17:04:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/09 09:37:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2004/11/12 19:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 08:56:49 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/04/01 08:56:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/04/01 08:56:50 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/04/01 08:56:50 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/03/29 15:54:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (Vimicro)
O4 - HKLM..\Run: [BMMGAG] C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL (IBM Corp.)
O4 - HKLM..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE ()
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269907524913 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop BackupWallPaper: C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/07 11:02:14 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/11 18:41:52 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\bonzarippanoush\Desktop\OTL.exe
[2010/12/09 10:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/09 09:37:13 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/12/09 09:37:13 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/12/09 09:37:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/12/09 09:37:12 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/11/24 16:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\bonzarippanoush\My Documents\Downloads
[2010/11/11 23:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/11/11 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/11/11 22:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/05/04 02:18:22 | 000,151,552 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2008/05/04 02:18:20 | 000,077,824 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/11 18:54:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/12/11 18:47:57 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{06F749FB-4395-417D-BA84-47608CB2AD0A}.job
[2010/12/11 18:42:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\bonzarippanoush\Desktop\OTL.exe
[2010/12/11 17:54:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/12/11 17:43:22 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\BMMTask.job
[2010/12/11 16:54:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/12/11 16:50:28 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/11 16:49:10 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\prvlcl.dat
[2010/12/11 16:44:54 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/11 16:41:17 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/12/11 16:41:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/11 16:40:58 | 804,245,504 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/11 08:51:55 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/12/10 21:54:11 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/12/10 21:54:08 | 000,014,739 | ---- | M] () -- C:\WINDOWS\System32\12543.js
[2010/12/10 20:54:06 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/12/10 20:35:39 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\bonzarippanoush\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/12/10 19:54:09 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/12/10 16:47:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/12/09 15:54:36 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/12/09 15:06:59 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2010/12/09 15:06:59 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
[2010/12/09 14:59:24 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/12/09 14:54:51 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/12/09 12:54:29 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/12/09 12:22:40 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/12/09 11:54:13 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/12/09 10:54:13 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/12/09 10:45:36 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/12/09 10:32:22 | 000,130,560 | ---- | M] () -- C:\WINDOWS\bike
[2010/12/09 10:17:59 | 000,115,224 | ---- | M] () -- C:\snp2sxp-001.raw
[2010/12/07 12:01:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/07 08:30:37 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/24 21:54:14 | 000,007,500 | ---- | M] () -- C:\WINDOWS\System32\123.js
[2010/11/24 17:31:59 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/24 16:27:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\syscheck.INI
[2010/11/24 11:36:48 | 068,035,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/11/19 17:54:27 | 000,632,241 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavifw.avm
[2010/11/11 22:54:10 | 000,012,477 | ---- | M] () -- C:\WINDOWS\System32\234.js
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/10 22:50:25 | 804,245,504 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/09 10:54:12 | 000,014,739 | ---- | C] () -- C:\WINDOWS\System32\12543.js
[2010/12/09 10:10:30 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/11/24 16:27:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\syscheck.INI
[2010/11/23 22:54:03 | 000,007,500 | ---- | C] () -- C:\WINDOWS\System32\123.js
[2010/11/11 21:55:19 | 000,012,477 | ---- | C] () -- C:\WINDOWS\System32\234.js
[2010/11/06 15:41:55 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Application Data\completescan
[2010/11/06 06:27:16 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Application Data\install
[2010/07/10 08:43:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\prvlcl.dat
[2009/06/02 08:29:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2008/05/27 12:46:48 | 000,001,775 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/04 02:18:31 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2008/05/04 02:18:27 | 000,025,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2008/05/04 02:18:24 | 012,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2007/10/02 16:08:58 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2007/10/02 16:02:18 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Space Choir
[2007/10/02 16:02:18 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\bonzarippanoush\Application Data\Solid Colors
[2007/10/02 16:02:18 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
[2007/01/19 22:12:07 | 000,002,102 | ---- | C] () -- C:\WINDOWS\ActivStats.INI
[2006/12/27 15:09:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\RunSetup.dll
[2006/11/26 11:09:48 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2006/11/26 11:09:48 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2006/11/26 11:09:48 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2006/11/26 11:09:48 | 000,000,342 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2006/11/26 11:09:48 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2006/01/19 17:59:31 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/25 22:04:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/11/10 08:06:38 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/27 15:32:08 | 000,004,052 | ---- | C] () -- C:\WINDOWS\unwise.ini
[2005/05/27 15:30:42 | 000,000,222 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2005/05/27 15:25:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/27 15:24:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2005/05/27 15:23:35 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2005/05/27 15:23:01 | 000,002,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS
[2005/05/27 15:19:06 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/05/27 15:03:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/12/19 05:29:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/19 05:17:10 | 000,614,400 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003/07/03 00:25:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\tpinspm.dll
[2002/11/15 10:13:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CInsX500.dll
[2002/10/06 10:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 15:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2002/10/04 15:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 15:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/05/15 15:38:40 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/01/10 13:55:22 | 000,004,010 | ---- | C] () -- C:\WINDOWS\System32\egathdrv.sys
[2001/10/24 16:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[1998/10/10 15:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1979/12/31 23:00:00 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[1979/12/31 23:00:00 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

< End of report >

**Bostyboston** · **Bostyboston** on 12th December 2010, 2:57 am

Extras.Txt

OTL Extras logfile created on: 11/12/2010 18:45:44 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\bonzarippanoush\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

767.00 Mb Total Physical Memory | 257.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 25.45 Gb Total Space | 0.46 Gb Free Space | 1.81% Space Free | Partition Type: NTFS

Computer Name: NOUSHANFERGSTOY | User Name: bonzarippanoush | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify AB)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{22B71A00-4DED-11D4-A5E5-0004AC564F43}" = IBM Access Connections
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 22
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{31C2FBAC-67CF-4093-8F36-15A146613747}" = IBM Update Connector
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B7B3B4A-AF8C-4671-A92E-3E7E9ABCB22B}" = IBM Rapid Restore PC Setup
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = VIMICRO USB PC Camera
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{76BB7B2D-748F-4AE9-89C3-78C051833EA1}" = OpenOffice.org 2.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{BB92E35A-F5B8-4D59-90F3-CF863871BCF3}" = OpenMG Secure Module 4.0.05
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1939820-A945-11D4-86F6-0001031E5712}" = InterVideo WinDVD
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EA664480-3844-11D5-8C25-444553540000}" = IBM TrackPoint Accessibility Features
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{FB11BC46-7504-4877-87E4-4034D4133A2C}" = SPSS 13.0 for Windows Student Version
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG 9.0
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"EasyEject Utility" = IBM ThinkPad EasyEject Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"ie8" = Windows Internet Explorer 8
"InstallShield_{BB92E35A-F5B8-4D59-90F3-CF863871BCF3}" = OpenMG Secure Module 4.0.05
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OpenMG HotFix4.0-04-11-01-01" = OpenMG Limited Patch 4.0-04-11-01-01
"PCFriendly" = PCFriendly
"Power Features" = IBM ThinkPad Battery MaxiMiser and Power Management Features
"Power Management Driver" = IBM ThinkPad Power Management Driver
"Presentation Director" = IBM ThinkPad Presentation Director
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"RealPlayer 6.0" = RealPlayer
"Spotify" = Spotify
"Support.com" = Support.com Software
"ThinkPad Configuration" = IBM ThinkPad Configuration
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = ThinkPad Software Installer
"TrackPoint" = IBM TrackPoint Support
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/12/2010 18:10:07 | Computer Name = NOUSHANFERGSTOY | Source = Application Hang | ID = 1002
Description = Hanging application Skype.exe, version 4.2.0.187, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 04/12/2010 23:04:44 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ac3audio.ax, version 2.2.0.0, fault address 0x0001121d.

Error - 04/12/2010 23:04:49 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1001
Description = Fault bucket 341773141.

Error - 04/12/2010 23:06:18 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application realplay.exe, version 6.0.12.1662, faulting module
ac3audio.ax, version 2.2.0.0, fault address 0x0001121d.

Error - 05/12/2010 21:02:39 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 490
Description = svchost (1720) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 05/12/2010 21:02:39 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 470
Description = Catalog Database (1720) Database C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
is partially attached. Attachment stage: 3. Error: -1032.

Error - 06/12/2010 11:26:02 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 490
Description = svchost (1720) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 06/12/2010 11:26:02 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 454
Description = Catalog Database (1720) Database recovery/restore failed with unexpected
error -1032.

Error - 09/12/2010 14:08:42 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 4.2.0.187, faulting module
skype.exe, version 4.2.0.187, fault address 0x000e39f9.

Error - 09/12/2010 14:08:45 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1001
Description = Fault bucket 2021844330.

[ Application Events ]
Error - 02/12/2010 18:10:07 | Computer Name = NOUSHANFERGSTOY | Source = Application Hang | ID = 1002
Description = Hanging application Skype.exe, version 4.2.0.187, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 04/12/2010 23:04:44 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 11.0.5721.5145, faulting
module ac3audio.ax, version 2.2.0.0, fault address 0x0001121d.

Error - 04/12/2010 23:04:49 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1001
Description = Fault bucket 341773141.

Error - 04/12/2010 23:06:18 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application realplay.exe, version 6.0.12.1662, faulting module
ac3audio.ax, version 2.2.0.0, fault address 0x0001121d.

Error - 05/12/2010 21:02:39 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 490
Description = svchost (1720) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 05/12/2010 21:02:39 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 470
Description = Catalog Database (1720) Database C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
is partially attached. Attachment stage: 3. Error: -1032.

Error - 06/12/2010 11:26:02 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 490
Description = svchost (1720) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 06/12/2010 11:26:02 | Computer Name = NOUSHANFERGSTOY | Source = ESENT | ID = 454
Description = Catalog Database (1720) Database recovery/restore failed with unexpected
error -1032.

Error - 09/12/2010 14:08:42 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 4.2.0.187, faulting module
skype.exe, version 4.2.0.187, fault address 0x000e39f9.

Error - 09/12/2010 14:08:45 | Computer Name = NOUSHANFERGSTOY | Source = Application Error | ID = 1001
Description = Fault bucket 2021844330.

[ System Events ]
Error - 11/12/2010 02:47:27 | Computer Name = NOUSHANFERGSTOY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/12/2010 02:48:29 | Computer Name = NOUSHANFERGSTOY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/12/2010 02:50:39 | Computer Name = NOUSHANFERGSTOY | Source = E100B | ID = 262148
Description = Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down

Error - 11/12/2010 02:52:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 02:52:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 11/12/2010 03:26:22 | Computer Name = NOUSHANFERGSTOY | Source = E100B | ID = 262148
Description = Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down

Error - 11/12/2010 12:53:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 12:53:42 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 11/12/2010 20:44:36 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 20:44:36 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

[ System Events ]
Error - 11/12/2010 02:47:27 | Computer Name = NOUSHANFERGSTOY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/12/2010 02:48:29 | Computer Name = NOUSHANFERGSTOY | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/12/2010 02:50:39 | Computer Name = NOUSHANFERGSTOY | Source = E100B | ID = 262148
Description = Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down

Error - 11/12/2010 02:52:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 02:52:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 11/12/2010 03:26:22 | Computer Name = NOUSHANFERGSTOY | Source = E100B | ID = 262148
Description = Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down

Error - 11/12/2010 12:53:41 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 12:53:42 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

Error - 11/12/2010 20:44:36 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7000
Description = The Print Spooler service failed to start due to the following error:
%%2

Error - 11/12/2010 20:44:36 | Computer Name = NOUSHANFERGSTOY | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%2

< End of report >

**Belahzur** · **Belahzur** on 12th December 2010, 10:08 pm

Hello.

Please run OTL.exe.

Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
[2010/11/23 22:54:03 | 000,007,500 | ---- | C] () -- C:\WINDOWS\System32\123.js
[2010/11/11 21:55:19 | 000,012,477 | ---- | C] () -- C:\WINDOWS\System32\234.js
[2010/12/09 10:54:12 | 000,014,739 | ---- | C] () -- C:\WINDOWS\System32\12543.js
[2010/11/06 15:41:55 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Application Data\completescan
[2010/11/06 06:27:16 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Application Data\install
[2010/07/10 08:43:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\prvlcl.dat

:files
C:\WINDOWS\tasks\At*.job
Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
Click the red Run Fix button.
A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

**Bostyboston** · **Bostyboston** on 13th December 2010, 3:50 am

========== OTL ==========
C:\WINDOWS\system32\123.js moved successfully.
C:\WINDOWS\system32\234.js moved successfully.
C:\WINDOWS\system32\12543.js moved successfully.
C:\Documents and Settings\bonzarippanoush\Application Data\completescan moved successfully.
C:\Documents and Settings\bonzarippanoush\Application Data\install moved successfully.
C:\Documents and Settings\bonzarippanoush\Local Settings\Application Data\prvlcl.dat moved successfully.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.

OTL by OldTimer - Version 3.2.17.3 log created on 12122010_194909

**Bostyboston** · **Bostyboston** on 13th December 2010, 5:01 am

Hi there, i thought i'd follow your instructions to tbmjfreeman after running the OTL custom scan. Here is the updated malwarebytes quick scan report. Nothing detected.

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5303

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/12/2010 20:47:17
mbam-log-2010-12-12 (20-47-17).txt

Scan type: Quick scan
Objects scanned: 156420
Time elapsed: 21 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I noticed in your reply to tbmjfreeman regarding installing combo fix and wondered if that is also my next step - if i disable MSE will my computer be safe. Thanks again for your assistance..

Anouska

**Belahzur** · **Belahzur** on 13th December 2010, 11:45 pm

Hello.

Download combofix from here
Link 1
Link 2

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
We need to disable your local AV (Anti-virus) before running Combofix.
See HERE for how to disable your AV.
Double click on ComboFix.exe.
Follow the prompts. NOTE:
ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
Allow ComboFix to download the Recovery Console.
Accept the End-User License Agreement.
The Recovery Console will be installed.
You will then get this next prompt that asks if you want to continue the malware scan, select yes
Allow combofix to run
Post C:\combofix.txt back here.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

**Bostyboston** · **Bostyboston** on 14th December 2010, 3:27 am

ComboFix 10-12-13.02 - bonzarippanoush 13/12/2010 18:49:05.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.339 [GMT -8:00]
Running from: c:\documents and settings\bonzarippanoush\Desktop\Combo-Fix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\bonzarippanoush\System
c:\documents and settings\bonzarippanoush\System\win_qs8.jqx
c:\windows\system32\system

c:\windows\regedit.exe . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2010-11-14 to 2010-12-14 )))))))))))))))))))))))))))))))
.

2010-12-14 02:29 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C1F4B48B-7CB2-4E67-896A-1A716E10BE6C}\mpengine.dll
2010-12-13 03:49 . 2010-12-13 03:49 -------- d-----w- C:\_OTL
2010-12-09 18:10 . 2010-12-09 18:10 -------- d-----w- c:\program files\Common Files\Skype
2010-12-09 17:37 . 2010-09-15 12:50 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-09 17:37 . 2010-09-15 12:50 472808 ----a-w- c:\windows\system32\deployJava1.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 01:42 . 2010-11-07 00:21 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-30 01:42 . 2010-11-07 00:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-10 04:33 . 2010-03-30 23:27 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-10-19 20:51 . 2010-03-30 21:21 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-18 19:23 . 1980-01-01 07:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 1980-01-01 07:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 1980-01-01 07:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 1980-01-01 07:00 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-15 10:29 . 2010-04-11 20:34 73728 ----a-w- c:\windows\system32\javacpl.cpl
.

------- Sigcheck -------

[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\atapi.sys
[-] 2002-01-30 . 48BC2767CEEC6E8B0E15B0289F18232E . 86912 . . [5.1.2600.28] . . c:\windows\ERDNT\cache\atapi.sys

[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
[-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asyncmac.sys
[-] 2001-08-18 . 03F403B07A884FC2AA54A0916C410931 . 13568 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\asyncmac.sys

[-] 2001-08-18 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys
[-] 2001-08-18 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-08-18 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
[-] 2004-08-04 . EBDEE8A2EE5393890A1ACEE971C4C246 . 24576 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\kbdclass.sys
[-] 2001-08-18 . 9C30CD464D87102497FD7C32910E6253 . 23424 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\kbdclass.sys

[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
[-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ndis.sys
[-] 2001-08-18 . 3EFD4F59BA0A340DE0A3AB984001DBF7 . 161536 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\ndis.sys

[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
[-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntfs.sys
[-] 2002-01-30 . E57AD09522176A8F7D8081B2FA3C4881 . 516480 . . [5.1.2600.28] . . c:\windows\ERDNT\cache\ntfs.sys

[-] 2001-08-18 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys
[-] 2001-08-18 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-08-18 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tcpip.sys
[-] 2001-08-18 . E7774698BB0D14B0710A9A31E209F9B6 . 327168 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\tcpip.sys

[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
[-] 2004-08-04 . E3CFCCDDA4EDD1D0DC9168B2E18F27B8 . 77312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\browser.dll
[-] 2001-08-18 . 1C9CDCAD17F23BB7206451802307C529 . 49152 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\browser.dll

[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
[-] 2004-08-04 . 84885F9B82F4D55C6146EBF6065D75D2 . 13312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lsass.exe
[-] 2001-08-18 . 8A590EA109B5E0C7629E022F8A6B17C5 . 11776 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\lsass.exe

[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
[-] 2004-08-04 . DAB9E6C7105D2EF49876FE92C524F565 . 198144 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netman.dll
[-] 2001-08-18 . 2B150D3A00137588EB4D68BB30C25214 . 147968 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\netman.dll

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\qmgr.dll
[-] 2001-08-18 . 3E6ACF2CD2E8C19B16E4B42D08CA3838 . 179200 . . [6.0.2600.0] . . c:\windows\$NtUninstallKB842773$\qmgr.dll
[-] 2001-08-18 . 3E6ACF2CD2E8C19B16E4B42D08CA3838 . 179200 . . [6.0.2600.0] . . c:\windows\ERDNT\cache\qmgr.dll

[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2004-08-04 . 5C83A4408604F737717AB96371201680 . 395776 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rpcss.dll
[-] 2001-08-18 . 3F1C4DC5F03535E544996968DD225837 . 259072 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\rpcss.dll

[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2004-08-04 . C6CE6EEC82F187615D1002BB3BB50ED4 . 108032 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\services.exe
[-] 2001-08-18 . E3DF4A0252D287C44606EE55355E1623 . 101376 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\services.exe

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2004-08-04 . 7435B108B935E42EA92CA94F59C8E717 . 57856 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spoolsv.exe
[-] 2001-08-18 . 9B4155BA58192D4073082B8FC5D42612 . 51200 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\spoolsv.exe

[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[-] 2004-08-04 . 01C3346C241652F43AED8E2149881BFE . 502272 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winlogon.exe
[-] 2001-08-18 . 2B0E480E975EE51F2D5CE5F068FED6E2 . 430080 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\winlogon.exe

[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-04 . 5AF68A5E44734A082442668E9C787743 . 1050624 . . [6.0] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2004-08-04 . A77DFB85FAEE49D66C74DA6024EBC69B . 611328 . . [5.82] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comctl32.dll
[-] 2001-08-18 . 1C38C4D90DD3C07A1946E4D5005EE928 . 557568 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2001-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
[-] 2004-08-04 . 10654F9DDCEA9C46CFB77554231BE73B . 60416 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cryptsvc.dll
[-] 2001-08-18 . C1B26CE5483DD20D59BCF608331413E6 . 51200 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\cryptsvc.dll

[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 13:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 13:41 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-04 08:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
[-] 2004-08-04 07:56 . ACD36A2DD7D1E9D8A060AA651DC07E63 . 243200 . . [2001.12.4414.258] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\es.dll
[-] 2001-08-18 12:00 . F5963768CFD62FDB926FDB588EE69315 . 224768 . . [2001.12.4414.42] . . c:\windows\ERDNT\cache\es.dll

[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
[-] 2004-08-04 . 87CA7CE6469577F059297B9D6556D66D . 110080 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\imm32.dll
[-] 2001-08-18 . E046037FD5BCDF92CE1A122B749B9B09 . 96768 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\imm32.dll

[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2004-08-04 . 888190E31455FAD793312F8D087146EB . 983552 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\kernel32.dll
[-] 2001-08-18 . 379B0B31D7F8D2C9F7FF302B454A6C54 . 926720 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\kernel32.dll

[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
[-] 2004-08-04 . C2BBD044C741EA4292016C36F718D2E4 . 18944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\linkinfo.dll
[-] 2001-08-18 . 7D8C58C0CBB7331E9296A7357827CA8E . 15360 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\linkinfo.dll

[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
[-] 2004-08-04 . 74D66B3DE265E8789153414E75175F26 . 22016 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lpk.dll
[-] 2001-08-18 . 55990CA08692E2739A8DDCE0B04352AC . 18944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\lpk.dll

[-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\system32\mshtml.dll
[-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 94DC7E938C57F3C3D1BC4A0F68FC5830 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 4D7EF94795384CD2BBAAB078B7929FEA . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-26 . EE6B9880933172AE78A1146BE15D6D21 . 3073536 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2010-02-25 . 7054F6ADC9B670887659F1561603B0D0 . 5944832 . . [8.00.6001.18904] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3GDR\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 974772C74DA7C7A8E7C813A9908A845F . 5946880 . . [8.00.6001.22995] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3QFE\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . BE6EEBEF636773A8E7A82214E81C563A . 5942784 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3GDR\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . E6B64C6C729BBC38AB7CC92CE33F97A5 . 5945856 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mshtml.dll
[-] 2001-08-18 . 2C8725BBC943212B349B34D11153E5F6 . 2793984 . . [6.00.2600.0000] . . c:\windows\ERDNT\cache\mshtml.dll

[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msvcrt.dll
[-] 2001-08-18 . EC9057C0640DA2A44B1F47E8515AB972 . 322560 . . [7.0.2600.0] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2001-08-18 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll

[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2004-08-04 . 4E74AF063C3271FBEA20DD940CFD1184 . 245248 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mswsock.dll
[-] 2001-08-18 . 18A8BE5A66B93F9C9615F7D4C148EDE2 . 228352 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\mswsock.dll

[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
[-] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netlogon.dll
[-] 2001-08-18 . F41C1602DC79AB72035F2388FCA0255F . 397824 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\netlogon.dll

[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\powrprof.dll
[-] 2001-08-18 . 865AD7CCB20856727D5BD994B094DC5E . 14848 . . [6.00.2600.0000] . . c:\windows\ERDNT\cache\powrprof.dll

[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
[-] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\scecli.dll
[-] 2001-08-18 . 73968C834C316ADC7A2F07DC4B5F3665 . 174080 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\scecli.dll

[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
[-] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sfc.dll
[-] 2001-08-18 . 52BB2A508CB3EB8AAA5F6F142F5B73D6 . 4096 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\sfc.dll

[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
[-] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\svchost.exe
[-] 2001-08-18 . 0F7D9C87B0CE1FA520473119752C6F79 . 12800 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\svchost.exe

[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
[-] 2004-08-04 . EB4A4187D74A8EFDCBEA3EA2CB1BDFBD . 246272 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tapisrv.dll
[-] 2001-08-18 . 9CD079C25A94D6AB600E0C1C4361281F . 233984 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\tapisrv.dll

[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2004-08-04 . C72661F8552ACE7C5C85E16A3CF505C4 . 577024 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\user32.dll
[-] 2001-08-18 . BE57A5C3ABD240514B98F6BCA872FB21 . 561152 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\user32.dll

[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\userinit.exe
[-] 2001-08-18 . 585398603F570F9705774D65D292E5D1 . 21504 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\userinit.exe

[-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\system32\wininet.dll
[-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-26 . AEB15B107E1C6543F99D9104BE0DD800 . 668672 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3GDR\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\SoftwareDistribution\Download\bf853aeb396b834ced5a417bda2c636f\SP3QFE\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3GDR\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ie8\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2004-08-04 . C0823FC5469663BA63E7DB88F9919D70 . 656384 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wininet.dll
[-] 2001-10-03 . 825813FFE2EE0840C34B1864E404F56A . 568832 . . [6.00.2600.0001] . . c:\windows\ERDNT\cache\wininet.dll

[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ws2_32.dll
[-] 2001-08-18 . 8529C295DF59B564D37A73B5629162B1 . 75264 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\ws2_32.dll

[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
[-] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ws2help.dll

[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2004-08-04 . A0732187050030AE399B241436565E64 . 1032192 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe
[-] 2001-08-18 . 5A26FC6010886D25B3E412493DD95ED8 . 1000960 . . [6.00.2600.0000] . . c:\windows\ERDNT\cache\explorer.exe

[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ole32.dll

[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
[-] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\usp10.dll

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\srsvc.dll
[-] 2001-08-18 . E305E78536FA6649299F71FD8EA9A84D . 155136 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\srsvc.dll

[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wscntfy.exe

[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll

[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\eventlog.dll
[-] 2001-08-18 . A510B91253544D56B5712D66BE8371E9 . 47616 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\eventlog.dll

[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sfcfiles.dll
[-] 2001-10-16 . DC0E27326EA64001B486EBA4DB1A74C9 . 1560576 . . [5.1.2600.16] . . c:\windows\ERDNT\cache\sfcfiles.dll

[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ctfmon.exe
[-] 2001-08-18 . 85B1054DB58D13AA42D7DCA778C30F57 . 13312 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\ctfmon.exe

[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\shsvcs.dll
[-] 2001-08-18 . AB2F114874D9D990A16EBC9372628489 . 114688 . . [6.00.2600.0000] . . c:\windows\ERDNT\cache\shsvcs.dll

[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regsvc.dll
[-] 2001-08-18 . 9DF4527D53613601D3F79946EAA1DCB1 . 51712 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\regsvc.dll

[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\schedsvc.dll
[-] 2001-08-18 . F6E2095CBC14522CEACD2853620FAF4D . 158720 . . [4.71.2600.1] . . c:\windows\ERDNT\cache\schedsvc.dll

[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssdpsrv.dll
[-] 2001-12-18 . A37C3CA3FBFA03A2F46479CEA69D4B4B . 41472 . . [5.1.2600.23] . . c:\windows\ERDNT\cache\ssdpsrv.dll

[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\termsrv.dll
[-] 2001-11-03 . 344784BB9B02891E813260C192F271DE . 197632 . . [5.1.2600.18] . . c:\windows\ERDNT\cache\termsrv.dll

[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . D8849F77C0B66226335A59D26CB4EDC6 . 167936 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\appmgmts.dll
[-] 2001-08-18 . 14F36167D270C83C7F90956B1F0BBBB6 . 155648 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\appmgmts.dll

[-] 2001-08-18 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2001-08-18 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\dllcache\acpiec.sys
[-] 2001-08-18 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-14 06:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-14 06:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-04 06:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\aec.sys
[-] 2001-07-24 . B45A744CA0A15A59D8B0307CE9741E92 . 122472 . . [5.1.2520.0] . . c:\windows\ERDNT\cache\aec.sys

[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-14 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\agp440.sys
[-] 2001-08-17 . 65880045C51AA36184841CEE915A61DF . 25472 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\AGP440.SYS

[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys

[-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 13:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 13:41 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2001-08-18 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2001-08-18 12:00 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . c:\windows\ERDNT\cache\mfc40u.dll

[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msgsvc.dll
[-] 2001-08-18 . A81487520F11F65BF270D50EE29887B2 . 34304 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\msgsvc.dll

[-] 2008-04-14 13:42 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-19 05:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-19 05:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-04 08:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
[-] 2004-08-04 08:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll

[-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-04-27 . DC57ABED7BDE1487E658968B4423BED7 . 2066816 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe
[-] 2009-12-08 . A6683E23468776F75EB2D8C6A02AAD3B . 2066048 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-02-08 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-14 . 109F8E3E3C82E337BB71B6BC9B895D61 . 2065792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntkrnlpa.exe
[-] 2001-08-18 . 46E2E3DCF54B819CFB2EBFE48A22B5C9 . 1896704 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\ntkrnlpa.exe

[-] 2008-04-14 13:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 13:42 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-04 08:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
[-] 2004-08-04 07:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntmssvc.dll
[-] 2001-08-18 12:00 . C63415DEFA08D7BD244E636C97B32F3D . 392192 . . [5.1.2400.1] . . c:\windows\ERDNT\cache\ntmssvc.dll

[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\upnphost.dll
[-] 2001-08-18 . 6FB00F87EA0CDE9A5657F4E800997440 . 162816 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\upnphost.dll

[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dsound.dll
[-] 2002-12-12 08:14 . CA6CC3A47D8813208CEE02EB40DACA21 . 355328 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll

[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\d3d9.dll

[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ddraw.dll
[-] 2002-12-12 08:14 . 61CC64C43BEC193100E3722F6CF4B1E1 . 284160 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll

[-] 2008-04-14 13:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 13:42 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-04 08:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
[-] 2004-08-04 07:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\olepro32.dll

[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\perfctrs.dll

[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\version.dll

[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 472059774023F80EB7227EAF9A7ACDA1 . 2189952 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . D41C3CBAD0E1C0728D1CDFD541F60CFA . 2189952 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[-] 2009-12-08 . 78EC47F9B9A3A1D539262D8834C896CE . 2189184 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-02-08 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-06 . 7A95B10A73737EBF24139AAA63F5212B . 2189056 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe
[-] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-14 . 0C89243C7C3EE199B96FCC16990E0679 . 2188928 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-04 . CE218BC7088681FAA06633E218596CA7 . 2180992 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2004-08-04 . CE218BC7088681FAA06633E218596CA7 . 2180992 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntoskrnl.exe
[-] 2001-08-18 . A29222D5281056E497408FCC9062F749 . 1982208 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\ntoskrnl.exe

[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\srsvc.dll
[-] 2001-08-18 . E305E78536FA6649299F71FD8EA9A84D . 155136 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\srsvc.dll

[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
[-] 2004-08-04 . 2B281958F5D0CF99ED626E3EF39D5C8D . 174592 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\w32time.dll

[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-04 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2004-08-04 . D9F6C4F6B1E188ADAFC42B561D9BC2E6 . 333312 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wiaservc.dll

c:\windows\System32\spoolsv.exe ... is missing !!

**Bostyboston** · **Bostyboston** on 14th December 2010, 3:37 am

.
((((((((((((((((((((((((((((( SnapShot@2010-03-29_23.55.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 13:42 . 2008-04-14 13:42 57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2010-03-30 04:46 . 2004-08-04 08:57 54784 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
+ 2009-07-12 03:54 . 2009-07-12 03:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 08:07 . 2009-07-12 08:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 08:19 . 2009-07-12 08:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-12 02:41 . 2009-07-12 02:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2008-04-14 13:42 . 2008-04-14 13:42 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-10-01 00:45 . 2008-10-01 00:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 50688 c:\windows\twain_32.dll
+ 2010-12-14 00:45 . 2010-12-14 00:45 16384 c:\windows\temp\Perflib_Perfdata_7a4.dat
+ 2005-05-27 23:08 . 2008-04-14 13:42 11776 c:\windows\system32\xolehlp.dll
+ 2010-03-30 04:44 . 2008-04-14 13:42 50176 c:\windows\system32\xmlprovi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 30720 c:\windows\system32\xcopy.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 91648 c:\windows\system32\xactsrv.dll
+ 2001-08-18 05:36 . 2008-04-14 13:42 52736 c:\windows\system32\wzcsapi.dll
+ 2010-03-30 00:05 . 2009-08-07 03:24 44768 c:\windows\system32\wups2.dll
+ 2010-03-30 00:05 . 2009-08-07 03:24 35552 c:\windows\system32\wups.dll
+ 2006-09-29 02:56 . 2006-09-29 02:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-29 04:13 . 2006-09-29 04:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2005-05-27 23:08 . 2009-08-07 03:24 53472 c:\windows\system32\wuauclt.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 18432 c:\windows\system32\wtsapi32.dll
+ 2005-11-10 16:06 . 2008-04-14 13:42 50688 c:\windows\system32\wstdecod.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 22528 c:\windows\system32\wsock32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 41984 c:\windows\system32\wsnmp32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 19456 c:\windows\system32\wshtcpip.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 11264 c:\windows\system32\wshrm.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14336 c:\windows\system32\wship6.dll
+ 1980-01-01 07:00 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 36864 c:\windows\system32\wshcon.dll
+ 2010-03-30 04:44 . 2008-04-14 13:42 80896 c:\windows\system32\wscsvc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 11264 c:\windows\system32\wpnpinst.exe
+ 2006-10-19 05:47 . 2006-10-19 05:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-19 04:00 . 2006-10-19 04:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-19 05:47 . 2006-10-19 05:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-19 05:47 . 2006-10-19 05:47 35840 c:\windows\system32\wpdconns.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 32256 c:\windows\system32\wpabaln.exe
- 2009-02-03 21:21 . 2002-12-11 15:09 20480 c:\windows\system32\wmpui.dll
+ 2009-02-03 21:21 . 2008-04-14 13:42 20480 c:\windows\system32\wmpui.dll
+ 2009-02-03 21:21 . 2006-10-19 05:47 99840 c:\windows\system32\wmpshell.dll
+ 2009-02-03 21:21 . 2008-04-14 13:42 20480 c:\windows\system32\wmpcore.dll
- 2009-02-03 21:21 . 2002-12-11 15:09 20480 c:\windows\system32\wmpcore.dll
- 2009-02-03 21:21 . 2002-12-11 15:09 20480 c:\windows\system32\wmpcd.dll
+ 2009-02-03 21:21 . 2008-04-14 13:42 20480 c:\windows\system32\wmpcd.dll
+ 2009-02-03 21:20 . 2006-10-19 05:47 37376 c:\windows\system32\wmdmps.dll
+ 2009-02-03 21:20 . 2006-10-19 05:47 33792 c:\windows\system32\wmdmlog.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 92672 c:\windows\system32\wlnotify.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 69120 c:\windows\system32\wlanapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 53760 c:\windows\system32\winsta.dll
+ 2010-03-30 04:44 . 2008-04-14 13:42 17408 c:\windows\system32\winshfhc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 99328 c:\windows\system32\winscard.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 16896 c:\windows\system32\winrnr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 32256 c:\windows\system32\winipsec.dll
+ 2010-03-30 23:07 . 2007-11-01 04:48 20992 c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 75776 c:\windows\system32\wiascr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 65024 c:\windows\system32\wextract.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 68096 c:\windows\system32\webclnt.dll
+ 2005-05-27 23:04 . 2008-04-14 13:42 23552 c:\windows\system32\wdmaud.drv
+ 1980-01-01 07:00 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 95232 c:\windows\system32\wbem\wmiutils.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 41472 c:\windows\system32\wbem\wmipsess.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 62464 c:\windows\system32\wbem\wmipjobj.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 61952 c:\windows\system32\wbem\wmipiprt.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 60928 c:\windows\system32\wbem\wmicookr.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 88576 c:\windows\system32\wbem\wmiaprpl.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 18944 c:\windows\system32\wbem\wbemprox.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 43008 c:\windows\system32\wbem\wbemperf.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 71680 c:\windows\system32\wbem\wbemcons.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 86528 c:\windows\system32\wbem\stdprov.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 36352 c:\windows\system32\wbem\scrcons.exe
+ 2005-05-27 23:08 . 2008-04-14 13:42 92672 c:\windows\system32\wbem\policman.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 47104 c:\windows\system32\wbem\ncprov.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 16384 c:\windows\system32\wbem\mofcomp.exe
+ 2005-05-27 23:08 . 2008-04-14 13:41 24576 c:\windows\system32\wbem\krnlprov.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 21504 c:\windows\system32\wbem\evntrprv.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 45056 c:\windows\system32\wbem\cmdevtgprov.dll
+ 1980-01-01 07:00 . 2008-04-14 08:15 17664 c:\windows\system32\watchdog.sys
+ 2010-03-30 04:44 . 2008-04-14 13:42 15872 c:\windows\system32\w3ssl.dll
+ 2007-01-03 19:02 . 2008-04-14 13:42 53760 c:\windows\system32\vfwwdm32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 26624 c:\windows\system32\verifier.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 28672 c:\windows\system32\verclsid.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 51712 c:\windows\system32\vdmredir.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 26112 c:\windows\system32\vdmdbg.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 30749 c:\windows\system32\vbajet32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 50176 c:\windows\system32\utilman.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 19968 c:\windows\system32\usmt\log.dll
+ 2010-03-30 18:40 . 2008-04-14 06:14 17920 c:\windows\system32\usmt\cobramsg.dll
+ 2005-05-27 23:04 . 2008-04-14 13:42 74240 c:\windows\system32\usbui.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 16896 c:\windows\system32\usbmon.dll
+ 2003-02-21 13:16 . 2003-02-21 13:16 49152 c:\windows\system32\URTTemp\regtlib.exe
+ 2010-03-30 19:41 . 2003-02-21 03:09 77824 c:\windows\system32\URTTemp\mscorsn.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 18432 c:\windows\system32\ups.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 16896 c:\windows\system32\upnpcont.exe
- 1980-01-01 07:00 . 2001-08-18 12:00 13824 c:\windows\system32\uniplat.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 13824 c:\windows\system32\uniplat.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 74240 c:\windows\system32\unimdmat.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 35840 c:\windows\system32\umandlg.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 26624 c:\windows\system32\udhisapi.dll
+ 2010-03-30 18:40 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 57856 c:\windows\system32\twext.dll
+ 2008-07-30 05:10 . 2008-07-30 05:10 26112 c:\windows\system32\TsWpfWrp.exe
+ 2010-03-30 18:40 . 2008-04-14 13:42 50688 c:\windows\system32\tspkg.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 53248 c:\windows\system32\tsgqec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:43 12168 c:\windows\system32\tsddd.dll
+ 2005-05-27 23:08 . 2004-08-04 06:59 44544 c:\windows\system32\tscupgrd.exe
+ 2005-05-27 23:08 . 2008-04-14 13:42 93696 c:\windows\system32\tscfgwmi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 90112 c:\windows\system32\trkwks.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 12800 c:\windows\system32\tree.com
+ 1980-01-01 07:00 . 2008-04-14 13:42 12288 c:\windows\system32\tracert.exe
+ 2003-07-03 08:25 . 2003-07-03 08:25 49152 c:\windows\system32\tpinspm.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 73216 c:\windows\system32\tlntsvr.exe
+ 1980-01-01 07:00 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 61440 c:\windows\system32\tlntadmn.exe
+ 1980-01-01 07:00 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 45568 c:\windows\system32\tcpmonui.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 45568 c:\windows\system32\tcpmon.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14848 c:\windows\system32\tcpmib.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 77824 c:\windows\system32\tasklist.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 76288 c:\windows\system32\taskkill.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 71680 c:\windows\system32\systeminfo.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 57856 c:\windows\system32\synceng.dll
+ 2010-03-30 04:44 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
+ 2005-05-27 23:03 . 2008-04-14 13:42 74752 c:\windows\system32\storprop.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14848 c:\windows\system32\stimon.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 68096 c:\windows\system32\sti.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 59392 c:\windows\system32\stclient.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14336 c:\windows\system32\ssstars.scr
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\ssmyst.scr
+ 1980-01-01 07:00 . 2008-04-14 13:42 47104 c:\windows\system32\ssmypics.scr
+ 1980-01-01 07:00 . 2008-04-14 13:42 20992 c:\windows\system32\ssmarque.scr
+ 1980-01-01 07:00 . 2008-04-14 13:42 34816 c:\windows\system32\ssdpapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 19968 c:\windows\system32\ssbezier.scr
+ 1980-01-01 07:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 67584 c:\windows\system32\srclient.dll
+ 2004-08-04 08:56 . 2008-04-14 13:42 20992 c:\windows\system32\spupdwxp.exe
+ 2010-03-30 03:25 . 2009-01-08 02:21 26144 c:\windows\system32\spupdsvc.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 75264 c:\windows\system32\spoolss.dll
+ 2010-03-30 20:02 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2004-08-04 08:56 . 2008-04-14 13:42 11264 c:\windows\system32\spnpinst.exe
+ 2010-03-30 19:48 . 2009-01-08 02:20 16928 c:\windows\system32\spmsg.dll
+ 2010-03-30 04:45 . 2008-04-14 08:13 12800 c:\windows\system32\spiisupd.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 24576 c:\windows\system32\sort.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\snmpapi.dll
+ 2010-03-30 18:41 . 2008-04-14 13:42 10752 c:\windows\system32\smtpapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 50688 c:\windows\system32\smss.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 89600 c:\windows\system32\smlogsvc.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 73796 c:\windows\system32\slserv.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 32866 c:\windows\system32\slrundll.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 73832 c:\windows\system32\slcoinst.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 98304 c:\windows\system32\slbiop.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 25088 c:\windows\system32\slayerxp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 26112 c:\windows\system32\skeys.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 70144 c:\windows\system32\sigverif.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 13312 c:\windows\system32\sigtab.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 19456 c:\windows\system32\shutdown.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 27648 c:\windows\system32\shscrap.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 77824 c:\windows\system32\shrpubw.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 45056 c:\windows\system32\shmgrate.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 65024 c:\windows\system32\shimeng.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 68096 c:\windows\system32\shgina.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 25088 c:\windows\system32\shfolder.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 32768 c:\windows\system32\setupn.exe
+ 2010-03-30 04:45 . 2008-04-14 13:42 33792 c:\windows\system32\Setup\tabletoc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 17408 c:\windows\system32\Setup\ocmsn.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15360 c:\windows\system32\Setup\ocgen.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 62976 c:\windows\system32\Setup\ntoc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 77312 c:\windows\system32\Setup\netoc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15360 c:\windows\system32\Setup\msgrocm.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 90112 c:\windows\system32\Setup\msdtcstp.dll
+ 2010-03-30 04:45 . 2008-04-14 13:41 16896 c:\windows\system32\Setup\medctroc.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 32828 c:\windows\system32\Setup\fp40ext.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 32828 c:\windows\system32\Setup\fp40ext.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 23040 c:\windows\system32\setup.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 31232 c:\windows\system32\sethc.exe
+ 2005-05-27 23:08 . 2008-04-14 13:42 56320 c:\windows\system32\servdeps.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 39424 c:\windows\system32\sens.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 54784 c:\windows\system32\sendmail.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 29184 c:\windows\system32\sendcmsg.dll
+ 1980-01-01 07:00 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\seclogon.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\secedit.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 29184 c:\windows\system32\sdhcinst.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 77312 c:\windows\system32\sdbinst.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 20480 c:\windows\system32\sclgntfy.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 95744 c:\windows\system32\scardsvr.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 69632 c:\windows\system32\scarddlg.dll
+ 1980-01-01 07:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 13312 c:\windows\system32\savedump.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 64000 c:\windows\system32\samlib.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 45568 c:\windows\system32\safrslv.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 29696 c:\windows\system32\safrdm.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 43520 c:\windows\system32\safrcdlg.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14336 c:\windows\system32\runonce.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 33280 c:\windows\system32\rundll32.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 44032 c:\windows\system32\rtutils.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 31744 c:\windows\system32\rtipxmib.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 77312 c:\windows\system32\rtcshare.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 92672 c:\windows\system32\rsvpsp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\rsmps.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 39936 c:\windows\system32\rshx32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 14848 c:\windows\system32\rsh.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 13824 c:\windows\system32\rexec.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 58880 c:\windows\system32\resutils.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 60416 c:\windows\system32\remotepg.dll
+ 2010-04-03 18:13 . 2002-06-03 08:21 53248 c:\windows\system32\ReinstallBackups\0007\DriverFiles\ibmpmsvc.exe
+ 2010-03-30 23:07 . 2002-04-01 22:27 88064 c:\windows\system32\ReinstallBackups\0006\DriverFiles\PCX504.sys
+ 2010-03-30 18:24 . 2004-08-04 06:59 36096 c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\intelppm.sys
+ 2010-03-30 19:24 . 2008-04-14 13:41 21504 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\hidserv.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 11776 c:\windows\system32\regsvr32.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 49664 c:\windows\system32\regapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 50176 c:\windows\system32\reg.exe
+ 2005-05-27 23:08 . 2008-04-14 13:42 67072 c:\windows\system32\rdshost.exe
+ 2005-05-27 23:08 . 2008-04-14 13:42 13824 c:\windows\system32\rdsaddin.exe
+ 2005-05-27 23:08 . 2008-04-14 13:43 87176 c:\windows\system32\rdpwsx.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 19968 c:\windows\system32\rdpsnd.dll
+ 1980-01-01 07:00 . 2008-04-14 13:43 92424 c:\windows\system32\rdpdd.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 62976 c:\windows\system32\rdpclip.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 21504 c:\windows\system32\rcp.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 35840 c:\windows\system32\rcimlby.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 58368 c:\windows\system32\rastapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 16384 c:\windows\system32\rassapi.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 61952 c:\windows\system32\rasqec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 56832 c:\windows\system32\rasphone.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 61440 c:\windows\system32\rasman.dll
+ 1980-01-01 07:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 88576 c:\windows\system32\rasauto.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 43520 c:\windows\system32\racpldlg.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 76800 c:\windows\system32\qutil.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 19968 c:\windows\system32\qprocess.exe
+ 2010-03-30 00:07 . 2008-04-14 13:42 18944 c:\windows\system32\qmgrprxy.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 62464 c:\windows\system32\qcliprov.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 34304 c:\windows\system32\pstorsvc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 43520 c:\windows\system32\pstorec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 96768 c:\windows\system32\psbase.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 23040 c:\windows\system32\psapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 50176 c:\windows\system32\proquota.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 27648 c:\windows\system32\profmap.dll
+ 2010-03-31 07:16 . 2010-03-31 07:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2010-03-30 04:44 . 2008-04-14 13:42 49152 c:\windows\system32\powercfg.exe
+ 2010-03-30 04:44 . 2008-04-14 13:42 58880 c:\windows\system32\pnrpnsp.dll
+ 1980-01-01 07:00 . 2009-03-08 12:31 46592 c:\windows\system32\pngfilt.dll
+ 2001-08-18 05:36 . 2008-04-14 13:42 15360 c:\windows\system32\pjlmon.dll
+ 2005-10-29 07:49 . 2005-10-29 07:49 84480 c:\windows\system32\pintool.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 17920 c:\windows\system32\ping.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 24064 c:\windows\system32\pidgen.dll
+ 2005-11-10 16:06 . 2008-04-14 13:42 35328 c:\windows\system32\pid.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 34816 c:\windows\system32\perfproc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 25088 c:\windows\system32\perfos.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 17920 c:\windows\system32\perfnet.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15872 c:\windows\system32\perfmon.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 26624 c:\windows\system32\perfdisk.dll
+ 1980-01-01 07:00 . 2010-11-07 16:36 71462 c:\windows\system32\perfc009.dat
+ 1980-01-01 07:00 . 2008-04-14 13:42 67584 c:\windows\system32\pautoenr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 58368 c:\windows\system32\packager.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 67584 c:\windows\system32\osuninst.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 67584 c:\windows\system32\openfiles.exe
+ 2005-05-27 23:10 . 2008-04-14 13:42 51200 c:\windows\system32\oobe\oobebaln.exe
+ 2005-05-27 23:10 . 2008-04-14 13:42 29184 c:\windows\system32\oobe\msoobe.exe
+ 2005-05-27 23:10 . 2008-04-14 13:42 19456 c:\windows\system32\oobe\msobweb.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 30720 c:\windows\system32\oobe\msobshel.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 16384 c:\windows\system32\oobe\msobdl.dll
+ 2010-05-03 03:09 . 2009-09-10 22:58 29328 c:\windows\system32\OlyClsInstCC.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 37376 c:\windows\system32\olecnv32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 74752 c:\windows\system32\olecli32.dll
+ 1980-01-01 07:00 . 2009-10-08 22:56 20480 c:\windows\system32\oleaccrc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 20511 c:\windows\system32\odtext32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 20510 c:\windows\system32\odpdx32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 20510 c:\windows\system32\odfox32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 20510 c:\windows\system32\odexl32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 20511 c:\windows\system32\oddbse32.dll
+ 1980-01-01 07:00 . 2008-04-14 06:56 12288 c:\windows\system32\odbcp32r.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 12288 c:\windows\system32\odbcp32r.dll
+ 1980-01-01 07:00 . 2008-04-14 13:40 53279 c:\windows\system32\odbcji32.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 53279 c:\windows\system32\odbcji32.dll
+ 1980-01-01 07:00 . 2008-04-14 06:56 94208 c:\windows\system32\odbcint.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 65536 c:\windows\system32\odbccu32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 65536 c:\windows\system32\odbccr32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 69632 c:\windows\system32\odbcconf.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 24576 c:\windows\system32\odbcbcp.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 24576 c:\windows\system32\odbcbcp.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 32768 c:\windows\system32\odbcad32.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 32768 c:\windows\system32\odbcad32.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 16384 c:\windows\system32\odbc32gt.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 16384 c:\windows\system32\odbc32gt.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 67584 c:\windows\system32\ocmanage.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 65536 c:\windows\system32\nwwks.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 64000 c:\windows\system32\nwapi32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15360 c:\windows\system32\ntvdmd.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 91136 c:\windows\system32\ntprint.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 40960 c:\windows\system32\ntmsapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 44032 c:\windows\system32\ntlanman.dll
+ 1980-01-01 07:00 . 2004-08-04 06:45 34560 c:\windows\system32\ntio804.sys
+ 1980-01-01 07:00 . 2004-08-04 06:45 35424 c:\windows\system32\ntio412.sys
+ 1980-01-01 07:00 . 2004-08-04 06:45 35648 c:\windows\system32\ntio411.sys
+ 1980-01-01 07:00 . 2004-08-04 06:45 34560 c:\windows\system32\ntio404.sys
+ 1980-01-01 07:00 . 2004-08-04 06:45 33840 c:\windows\system32\ntio.sys
+ 1980-01-01 07:00 . 2008-04-14 13:42 67072 c:\windows\system32\ntdsapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 76800 c:\windows\system32\nslookup.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 54784 c:\windows\system32\npptools.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15360 c:\windows\system32\npp\nppagent.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 57344 c:\windows\system32\npp\ndisnpp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 69120 c:\windows\system32\notepad.exe
+ 2009-01-08 02:20 . 2009-01-08 02:20 23552 c:\windows\system32\normaliz.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 28672 c:\windows\system32\nmmkcert.dll
+ 2009-01-08 02:20 . 2009-01-08 02:20 24576 c:\windows\system32\nlsdl.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 98304 c:\windows\system32\nlhtml.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 80896 c:\windows\system32\netui0.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 36864 c:\windows\system32\netstat.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 86016 c:\windows\system32\netsh.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 11776 c:\windows\system32\netrap.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 49488 c:\windows\system32\netfxperf.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 42496 c:\windows\system32\net.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 18944 c:\windows\system32\nddenb32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 17920 c:\windows\system32\nddeapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 36352 c:\windows\system32\ncobjapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 53760 c:\windows\system32\narrator.exe
+ 2010-03-30 18:40 . 2008-04-14 13:42 30208 c:\windows\system32\napipsec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 90624 c:\windows\system32\mydocs.dll
+ 2009-11-06 05:17 . 2009-11-06 05:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2005-05-27 23:08 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 34304 c:\windows\system32\mtxlegih.dll
+ 2005-05-27 23:08 . 2008-04-14 13:42 30720 c:\windows\system32\mtxdm.dll
+ 1980-01-01 07:00 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
+ 2005-11-10 16:06 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2010-03-30 18:42 . 2008-04-14 06:57 79872 c:\windows\system32\msxml6r.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 72704 c:\windows\system32\msw3prt.dll
+ 1980-01-01 07:00 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
+ 1980-01-01 07:00 . 2008-04-14 08:00 61440 c:\windows\system32\msvcrt40.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 57344 c:\windows\system32\msvcirt.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 12288 c:\windows\system32\mstinit.exe
+ 2010-03-30 18:40 . 2008-04-14 07:45 76800 c:\windows\system32\msshavmsg.dll
+ 1980-01-01 07:00 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
+ 1980-01-01 07:00 . 2008-04-14 05:53 48128 c:\windows\system32\msprivs.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 29696 c:\windows\system32\mspatcha.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 20480 c:\windows\system32\msorc32r.dll
+ 1980-01-01 07:00 . 2008-04-14 06:54 20480 c:\windows\system32\msorc32r.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 25088 c:\windows\system32\mslbui.dll
+ 1980-01-01 07:00 . 2007-04-03 02:19 60192 c:\windows\system32\msjter40.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15360 c:\windows\system32\msisip.dll
- 1980-01-01 07:00 . 2005-05-04 13:45 15360 c:\windows\system32\msisip.dll
- 1980-01-01 07:00 . 2005-05-04 13:45 78848 c:\windows\system32\msiexec.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 78848 c:\windows\system32\msiexec.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 51712 c:\windows\system32\msident.dll
+ 1980-01-01 07:00 . 2009-03-08 12:31 48128 c:\windows\system32\mshtmler.dll
+ 1980-01-01 07:00 . 2010-09-10 05:58 66560 c:\windows\system32\mshtmled.dll
+ 1980-01-01 07:00 . 2009-03-08 12:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 12:31 . 2009-03-08 12:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 12:31 . 2010-09-10 05:58 55296 c:\windows\system32\msfeedsbs.dll
+ 2005-05-27 23:08 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2005-11-10 16:06 . 2008-04-14 13:42 14336 c:\windows\system32\msdmo.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 68608 c:\windows\system32\msctfp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 36864 c:\windows\system32\mscpxl32.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 36864 c:\windows\system32\mscpxl32.dLL
+ 1980-01-01 07:00 . 2008-04-14 06:56 12288 c:\windows\system32\mscpx32r.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 12288 c:\windows\system32\mscpx32r.dLL
+ 2008-07-25 19:16 . 2008-07-25 19:16 83968 c:\windows\system32\mscories.dll
+ 2005-05-27 23:10 . 2008-04-14 13:42 69632 c:\windows\system32\msconf.dll
+ 1980-01-01 07:00 . 2008-06-24 16:43 74240 c:\windows\system32\mscms.dll
+ 1980-01-01 07:00 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 86016 c:\windows\system32\msapsspc.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 71680 c:\windows\system32\msacm32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 49152 c:\windows\system32\mqupgrd.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 95744 c:\windows\system32\mqsec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 89088 c:\windows\system32\mqlogmgr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 16896 c:\windows\system32\mqise.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 47616 c:\windows\system32\mqdscli.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 19968 c:\windows\system32\mqbkup.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 53248 c:\windows\system32\mprdim.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 87040 c:\windows\system32\mprapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 59904 c:\windows\system32\mpr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 16896 c:\windows\system32\more.com
- 2005-05-27 23:10 . 2001-08-18 12:00 32768 c:\windows\system32\mnmsrvc.exe
+ 2005-05-27 23:10 . 2008-04-14 13:42 32768 c:\windows\system32\mnmsrvc.exe
+ 2005-05-27 23:10 . 2008-04-14 13:41 34560 c:\windows\system32\mnmdd.dll
+ 1980-01-01 07:00 . 2004-08-04 06:51 68768 c:\windows\system32\mmsystem.dll
+ 2005-05-27 23:08 . 2008-04-14 13:41 17408 c:\windows\system32\mmfutil.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 61440 c:\windows\system32\mmcshext.dll
+ 2010-03-30 18:40 . 2008-04-14 13:42 33792 c:\windows\system32\mmcperf.exe
+ 2010-04-04 03:17 . 2010-04-04 03:17 29404 c:\windows\system32\mlfcache.dat
+ 1980-01-01 07:00 . 2008-04-14 13:41 29696 c:\windows\system32\mimefilt.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 60928 c:\windows\system32\miglibnt.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 18944 c:\windows\system32\midimap.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 14848 c:\windows\system32\mgmtapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 22528 c:\windows\system32\mfcsubs.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 40960 c:\windows\system32\mf3216.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 86016 c:\windows\system32\mdmxsdk.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 23552 c:\windows\system32\mciwave.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 23040 c:\windows\system32\mciseq.dll
+ 2005-11-10 16:06 . 2008-04-14 13:41 35328 c:\windows\system32\mciqtz32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 84480 c:\windows\system32\mciavi32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 14336 c:\windows\system32\mcastmib.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 57344 c:\windows\system32\makecab.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 72704 c:\windows\system32\magnify.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 10240 c:\windows\system32\lprhelp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 59392 c:\windows\system32\logman.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 75264 c:\windows\system32\locator.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 11776 c:\windows\system32\localui.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 97280 c:\windows\system32\loadperf.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 13824 c:\windows\system32\lmhsvc.dll
+ 2005-05-27 23:08 . 2008-04-14 13:41 58880 c:\windows\system32\licwmi.dll
+ 1980-01-01 07:00 . 2010-09-10 05:58 43520 c:\windows\system32\licmgr10.dll
+ 2005-11-10 16:06 . 2006-10-19 05:47 11264 c:\windows\system32\LAPRXY.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 37376 c:\windows\system32\l2gpstore.dll
+ 1980-01-01 07:00 . 2004-08-04 06:49 92224 c:\windows\system32\krnl386.exe
+ 2010-03-30 18:40 . 2008-04-14 13:41 61440 c:\windows\system32\kmsvc.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 42537 c:\windows\system32\keyboard.sys
+ 1980-01-01 07:00 . 2004-08-04 06:46 42537 c:\windows\system32\keyboard.sys
+ 1980-01-01 07:00 . 2010-09-10 05:58 25600 c:\windows\system32\jsproxy.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 27648 c:\windows\system32\jgpl400.dll
+ 2007-01-03 19:02 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 54272 c:\windows\system32\ixsso.dll
+ 2005-05-27 23:10 . 2008-04-14 13:41 32768 c:\windows\system32\isrdbg32.dll
+ 2005-05-27 23:10 . 2008-04-14 13:41 81920 c:\windows\system32\isign32.dll
+ 2005-05-27 23:05 . 2008-04-14 13:41 28160 c:\windows\system32\irmon.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 22016 c:\windows\system32\ipxwan.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 23552 c:\windows\system32\ipxroute.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 59904 c:\windows\system32\ipv6mon.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 53248 c:\windows\system32\ipv6.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 94720 c:\windows\system32\iphlpapi.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 55808 c:\windows\system32\ipconfig.exe
+ 1980-01-01 07:00 . 2009-03-08 12:32 94720 c:\windows\system32\inseng.dll
+ 2008-07-30 03:24 . 2008-07-30 03:24 97800 c:\windows\system32\infocardapi.dll
+ 2005-05-27 23:10 . 2008-04-14 05:52 48128 c:\windows\system32\inetres.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 15872 c:\windows\system32\inetppui.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 75264 c:\windows\system32\inetpp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 32768 c:\windows\system32\inetmib1.dll
+ 1980-01-01 07:00 . 2009-03-08 12:31 34816 c:\windows\system32\imgutil.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 36921 c:\windows\system32\imeshare.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 36921 c:\windows\system32\imeshare.dll
+ 2005-05-27 23:10 . 2008-04-14 13:41 81920 c:\windows\system32\ils.dll
+ 2009-03-08 12:32 . 2009-03-08 12:32 36864 c:\windows\system32\ieudinit.exe
+ 1980-01-01 07:00 . 2009-03-08 12:32 71680 c:\windows\system32\iesetup.dll
+ 1980-01-01 07:00 . 2009-03-08 12:32 55808 c:\windows\system32\iernonce.dll
+ 2010-02-26 05:43 . 2010-02-26 05:43 81920 c:\windows\system32\ieencode.dll
+ 2009-01-08 02:20 . 2009-01-08 02:20 26112 c:\windows\system32\idndl.dll
+ 2005-05-27 23:10 . 2008-04-14 13:41 65536 c:\windows\system32\icwphbk.dll
+ 2005-05-27 23:10 . 2008-04-14 13:41 73728 c:\windows\system32\icwdial.dll
+ 1980-01-01 07:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2008-07-30 03:24 . 2008-07-30 03:24 11264 c:\windows\system32\icardres.dll
+ 2009-03-08 12:31 . 2009-03-08 12:31 59904 c:\windows\system32\icardie.dll
+ 2005-05-27 23:08 . 2008-04-14 13:41 11264 c:\windows\system32\icaapi.dll
+ 1980-01-01 07:00 . 2003-07-03 08:25 57344 c:\windows\system32\ibmpmsvc.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 41984 c:\windows\system32\htui.dll
+ 2010-03-30 04:44 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 32285 c:\windows\system32\hsfcisp2.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 72704 c:\windows\system32\hlink.dll
+ 2010-03-29 23:20 . 2008-04-14 13:41 21504 c:\windows\system32\hidserv.dll
+ 2001-08-18 05:36 . 2008-04-14 13:41 20992 c:\windows\system32\hid.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 41472 c:\windows\system32\hhsetup.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 15872 c:\windows\system32\help.exe
+ 2002-03-13 01:36 . 2008-04-14 08:01 81152 c:\windows\system32\HAL.DLL
+ 1980-01-01 07:00 . 2008-04-14 13:42 39424 c:\windows\system32\grpconv.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 59904 c:\windows\system32\getmac.exe
+ 2010-03-30 04:44 . 2008-04-14 13:41 60416 c:\windows\system32\fwcfg.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 42496 c:\windows\system32\ftp.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 29696 c:\windows\system32\format.com
+ 1980-01-01 07:00 . 2008-04-14 13:42 20992 c:\windows\system32\fontview.exe
+ 1980-01-01 07:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2010-03-30 04:44 . 2008-04-14 13:42 23040 c:\windows\system32\fltmc.exe
+ 2010-03-30 04:44 . 2008-04-14 13:41 16896 c:\windows\system32\fltlib.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 87552 c:\windows\system32\fldrclnr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 27136 c:\windows\system32\findstr.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 21504 c:\windows\system32\feclient.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 73728 c:\windows\system32\fdeploy.dll
+ 2004-08-04 08:56 . 2008-04-14 13:42 20992 c:\windows\system32\faxpatch.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 80384 c:\windows\system32\faultrep.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 24064 c:\windows\system32\extrac32.exe
+ 2010-03-30 04:44 . 2008-04-14 13:41 55808 c:\windows\system32\extmgr.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 82944 c:\windows\system32\eventtriggers.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 50688 c:\windows\system32\eventcreate.exe
+ 1980-01-01 07:00 . 2008-04-14 13:41 23040 c:\windows\system32\ersvc.dll
+ 2005-11-10 16:06 . 2008-04-14 13:41 20480 c:\windows\system32\encapi.dll
+ 2010-03-30 18:39 . 2008-04-14 13:41 40960 c:\windows\system32\en\mmcex.resources.dll
+ 2010-03-30 18:39 . 2008-04-14 13:41 28672 c:\windows\system32\en\microsoft.managementconsole.resources.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 26624 c:\windows\system32\efsadu.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 33792 c:\windows\system32\eapsvc.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 59392 c:\windows\system32\eapqec.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 40960 c:\windows\system32\eappprxy.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 94208 c:\windows\system32\eappgnui.dll
+ 2010-03-30 18:40 . 2008-04-14 13:41 30720 c:\windows\system32\eapolqec.dll
+ 2008-07-30 05:10 . 2008-07-30 05:10 73720 c:\windows\system32\dxva2.dll
+ 1980-01-01 07:00 . 2008-04-14 13:42 17920 c:\windows\system32\dvdupgrd.exe
+ 1980-01-01 07:00 . 2008-04-14 13:42 10752 c:\windows\system32\dumprep.exe
+ 2005-11-10 16:06 . 2008-04-14 13:41 19456 c:\windows\system32\dswave.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 51200 c:\windows\system32\dssec.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 92672 c:\windows\system32\dskquota.dll
+ 2005-11-10 16:06 . 2008-04-14 13:41 71680 c:\windows\system32\dsdmoprp.dll
+ 1980-01-01 07:00 . 2008-04-14 13:41 16384 c:\windows\system32\ds32gt.dll
- 1980-01-01 07:00 . 2001-08-18 12:00 16384 c:\windows\system32\ds32gt.dll
+ 2010-04-04 02:20 . 2009-10-16 09:33 41472 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaapl.sys
+ 2010-05-03 03:09 . 2009-09-10 22:58 29328 c:\windows\system32\DRVSTORE\olycamcomm_443826FC96EF44DB802C7D7FD82451DA7A0ABB86\OlyClsInstCC.dll
+ 2010-05-03 03:09 . 2009-09-10 22:58 21648 c:\windows\system32\DRVSTORE\olycamcomm_443826FC96EF44DB802C7D7FD82451DA7A0ABB86\OlyCamComm.sys
+ 2010-04-04 02:20 . 2010-03-17 02:53 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2010-04-04 02:37 . 2009-05-18 20:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 1980-01-01 07:00 . 2008-04-14 13:41 14336 c:\windows\system32\drprov.dll
+ 2005-11-10 16:06 . 2008-04-14 13:41 87040 c:\windows\system32\drmstor.dll
+ 2006-09-29 03:00 . 2006-09-29 03:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-29 02:55 . 2006-09-29 02:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 19200 c:\windows\system32\drivers\wstcodec.sys
+ 2006-10-19 04:00 . 2006-10-19 04:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2005-05-27 23:06 . 2008-04-14 08:47 83072 c:\windows\system32\drivers\wdmaud.sys
+ 2006-11-02 15:22 . 2006-11-02 15:22 32224 c:\windows\system32\drivers\wdfldr.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 25471 c:\windows\system32\drivers\watv10nt.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 22271 c:\windows\system32\drivers\watv06nt.sys
+ 1980-01-01 07:00 . 2008-04-14 08:27 34560 c:\windows\system32\drivers\wanarp.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 11935 c:\windows\system32\drivers\wadv11nt.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 11871 c:\windows\system32\drivers\wadv09nt.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 11295 c:\windows\system32\drivers\wadv08nt.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 11807 c:\windows\system32\drivers\wadv07nt.sys
+ 2010-03-30 04:44 . 2008-04-14 08:13 14208 c:\windows\system32\drivers\wacompen.sys
+ 1980-01-01 07:00 . 2008-04-14 08:11 52352 c:\windows\system32\drivers\volsnap.sys
+ 1980-01-01 07:00 . 2008-04-14 08:14 81664 c:\windows\system32\drivers\videoprt.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 42240 c:\windows\system32\drivers\viaagp.sys
+ 1980-01-01 07:00 . 2008-04-14 08:14 20992 c:\windows\system32\drivers\vga.sys
+ 2010-03-30 04:44 . 2008-04-14 13:42 11325 c:\windows\system32\drivers\vchnt5.dll
+ 2005-05-27 23:04 . 2008-04-14 08:15 20608 c:\windows\system32\drivers\usbuhci.sys
+ 2005-11-23 04:28 . 2008-04-14 08:15 26368 c:\windows\system32\drivers\usbstor.sys
+ 2006-05-11 05:18 . 2008-04-14 08:15 15104 c:\windows\system32\drivers\usbscan.sys
+ 2006-09-29 03:25 . 2008-04-14 08:17 25856 c:\windows\system32\drivers\usbprint.sys
+ 2001-08-17 21:03 . 2008-04-14 08:15 15872 c:\windows\system32\drivers\usbintel.sys
+ 2005-05-27 23:04 . 2008-04-14 08:15 59520 c:\windows\system32\drivers\usbhub.sys
+ 2010-03-30 04:44 . 2008-04-14 08:15 30208 c:\windows\system32\drivers\usbehci.sys
+ 2008-04-08 15:11 . 2008-04-14 08:15 32128 c:\windows\system32\drivers\usbccgp.sys
+ 2001-08-17 21:03 . 2008-04-14 08:15 25728 c:\windows\system32\drivers\usbcamd2.sys
+ 2001-08-17 21:03 . 2008-04-14 08:15 25600 c:\windows\system32\drivers\usbcamd.sys
+ 2008-05-04 10:40 . 2008-04-14 08:15 60032 c:\windows\system32\drivers\usbaudio.sys
+ 2010-03-30 04:44 . 2008-04-14 08:26 12800 c:\windows\system32\drivers\usb8023x.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 12800 c:\windows\system32\drivers\usb8023.sys
+ 1980-01-01 07:00 . 2008-04-14 08:02 66048 c:\windows\system32\drivers\udfs.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 44672 c:\windows\system32\drivers\uagp35.sys
+ 2010-03-30 04:44 . 2008-04-14 08:26 12288 c:\windows\system32\drivers\tunmp.sys
+ 2005-05-27 23:08 . 2008-04-14 13:43 40840 c:\windows\system32\drivers\termdd.sys
+ 2005-05-27 23:08 . 2008-04-14 13:43 21896 c:\windows\system32\drivers\tdtcp.sys
+ 2005-05-27 23:08 . 2008-04-14 13:43 12040 c:\windows\system32\drivers\tdpipe.sys
+ 1980-01-01 07:00 . 2008-04-14 08:30 19072 c:\windows\system32\drivers\tdi.sys
+ 1980-01-01 07:00 . 2008-04-14 08:10 14976 c:\windows\system32\drivers\tape.sys
+ 2005-05-27 23:06 . 2008-04-14 08:45 60800 c:\windows\system32\drivers\sysaudio.sys
+ 2005-05-27 23:06 . 2008-04-14 08:15 56576 c:\windows\system32\drivers\swmidi.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 15232 c:\windows\system32\drivers\streamip.sys
+ 2005-11-10 16:06 . 2008-04-14 08:15 49408 c:\windows\system32\drivers\stream.sys
+ 2005-05-27 23:10 . 2008-04-14 08:06 73472 c:\windows\system32\drivers\sr.sys
+ 2001-08-17 21:06 . 2008-04-14 08:16 25344 c:\windows\system32\drivers\sonydcam.sys
+ 2010-03-30 04:44 . 2004-08-04 06:41 13240 c:\windows\system32\drivers\slwdmsup.sys
+ 2010-03-30 04:44 . 2004-08-04 06:41 95424 c:\windows\system32\drivers\slnthal.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 11136 c:\windows\system32\drivers\slip.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 40960 c:\windows\system32\drivers\sisagp.sys
+ 2001-08-17 20:52 . 2008-04-14 08:10 11392 c:\windows\system32\drivers\sfloppy.sys
+ 2010-03-30 04:44 . 2008-04-14 08:10 11008 c:\windows\system32\drivers\sffp_sd.sys
+ 2010-03-30 18:27 . 2008-04-14 08:10 10240 c:\windows\system32\drivers\sffp_mmc.sys
+ 2010-03-30 04:44 . 2008-04-14 08:10 11904 c:\windows\system32\drivers\sffdisk.sys
+ 2001-08-18 05:24 . 2008-04-14 08:45 64512 c:\windows\system32\drivers\serial.sys
+ 2001-08-17 20:50 . 2008-04-14 08:10 15744 c:\windows\system32\drivers\serenum.sys
+ 1980-01-01 07:00 . 2008-04-14 06:09 20480 c:\windows\system32\drivers\secdrv.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 79232 c:\windows\system32\drivers\sdbus.sys
+ 1980-01-01 07:00 . 2008-04-14 08:10 96384 c:\windows\system32\drivers\scsiport.sys
+ 2010-03-30 04:44 . 2008-04-14 08:26 30592 c:\windows\system32\drivers\rndismpx.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 30592 c:\windows\system32\drivers\rndismp.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 59136 c:\windows\system32\drivers\rfcomm.sys
+ 2005-05-27 23:06 . 2008-04-14 08:10 57600 c:\windows\system32\drivers\redbook.sys
+ 2010-03-30 04:44 . 2004-08-04 06:41 13776 c:\windows\system32\drivers\recagent.sys
+ 1980-01-01 07:00 . 2008-04-14 08:49 48384 c:\windows\system32\drivers\raspptp.sys
+ 1980-01-01 07:00 . 2008-04-14 08:27 41472 c:\windows\system32\drivers\raspppoe.sys
+ 1980-01-01 07:00 . 2008-04-14 08:49 51328 c:\windows\system32\drivers\rasl2tp.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 69120 c:\windows\system32\drivers\psched.sys
+ 2001-08-17 20:48 . 2008-04-14 08:01 35840 c:\windows\system32\drivers\processr.sys
+ 1980-01-01 07:00 . 2003-02-14 23:16 96256 c:\windows\system32\drivers\PCX504.sys
+ 2001-08-17 20:51 . 2008-04-14 08:10 24960 c:\windows\system32\drivers\pciidex.sys
+ 2001-08-17 20:58 . 2008-04-14 08:06 68224 c:\windows\system32\drivers\pci.sys
+ 1980-01-01 07:00 . 2008-04-14 08:10 19712 c:\windows\system32\drivers\partmgr.sys
+ 2001-08-17 20:50 . 2008-04-14 08:10 80128 c:\windows\system32\drivers\parport.sys
+ 2001-08-17 20:48 . 2008-04-14 08:01 42752 c:\windows\system32\drivers\p3.sys
+ 2010-05-03 03:09 . 2009-09-10 22:58 21648 c:\windows\system32\drivers\OlyCamComm.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 88320 c:\windows\system32\drivers\nwlnkipx.sys
+ 2009-05-09 09:14 . 2009-05-09 09:14 14736 c:\windows\system32\drivers\nuidfltr.sys
+ 2005-05-27 23:05 . 2008-04-14 08:24 28672 c:\windows\system32\drivers\nscirda.sys
+ 1980-01-01 07:00 . 2008-04-14 08:02 30848 c:\windows\system32\drivers\npfs.sys
+ 1980-01-01 07:00 . 2008-04-14 08:23 40320 c:\windows\system32\drivers\nmnt.sys
+ 2001-08-17 20:46 . 2008-04-14 08:21 61824 c:\windows\system32\drivers\nic1394.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 34688 c:\windows\system32\drivers\netbios.sys
+ 1980-01-01 07:00 . 2008-04-14 08:27 40576 c:\windows\system32\drivers\ndproxy.sys
+ 1980-01-01 07:00 . 2008-04-14 08:50 91520 c:\windows\system32\drivers\ndiswan.sys
+ 2001-08-17 20:53 . 2008-04-14 08:26 14592 c:\windows\system32\drivers\ndisuio.sys
+ 1980-01-01 07:00 . 2008-04-14 08:27 10112 c:\windows\system32\drivers\ndistapi.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 10880 c:\windows\system32\drivers\ndisip.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 85248 c:\windows\system32\drivers\nabtsfec.sys
+ 2010-03-30 04:44 . 2008-04-14 08:13 12672 c:\windows\system32\drivers\mutohpen.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 15488 c:\windows\system32\drivers\mssmbios.sys
+ 1980-01-01 07:00 . 2008-04-14 08:26 35072 c:\windows\system32\drivers\msgpc.sys
+ 1980-01-01 07:00 . 2008-04-14 08:02 19072 c:\windows\system32\drivers\msfs.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 51200 c:\windows\system32\drivers\msdv.sys
+ 1980-01-01 07:00 . 2008-04-14 08:09 92544 c:\windows\system32\drivers\mqac.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 15232 c:\windows\system32\drivers\mpe.sys
+ 1980-01-01 07:00 . 2008-04-14 08:09 42368 c:\windows\system32\drivers\mountmgr.sys
+ 2001-08-17 20:47 . 2008-04-14 08:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2001-08-17 20:57 . 2008-04-14 08:30 30080 c:\windows\system32\drivers\modem.sys
+ 2001-08-17 20:58 . 2008-04-14 08:06 63744 c:\windows\system32\drivers\mf.sys
+ 2010-03-30 04:44 . 2004-08-04 06:41 11868 c:\windows\system32\drivers\mdmxsdk.sys
+ 1980-01-01 07:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2001-08-17 20:58 . 2008-04-14 08:06 37248 c:\windows\system32\drivers\isapnp.sys
+ 2005-05-27 23:03 . 2008-04-14 08:24 11264 c:\windows\system32\drivers\irenum.sys
+ 2005-05-27 23:05 . 2008-04-14 08:24 88192 c:\windows\system32\drivers\irda.sys
+ 2010-03-30 04:45 . 2008-04-14 08:15 46592 c:\windows\system32\drivers\irbus.sys
+ 1980-01-01 07:00 . 2008-04-14 08:49 75264 c:\windows\system32\drivers\ipsec.sys
+ 1980-01-01 07:00 . 2008-04-14 08:27 20864 c:\windows\system32\drivers\ipinip.sys
+ 2010-03-30 04:44 . 2008-04-14 08:01 36352 c:\windows\system32\drivers\intelppm.sys
+ 1980-01-01 07:00 . 2008-04-14 08:11 42112 c:\windows\system32\drivers\imapi.sys
+ 1980-01-01 07:00 . 2003-07-03 08:25 11344 c:\windows\system32\drivers\ibmpmdrv.sys
+ 2001-08-18 05:24 . 2008-04-14 08:48 52480 c:\windows\system32\drivers\i8042prt.sys
+ 2010-03-29 23:20 . 2008-04-14 08:15 10368 c:\windows\system32\drivers\hidusb.sys
+ 2010-03-30 19:24 . 2008-04-14 13:41 21504 c:\windows\system32\drivers\hidserv.dll
+ 2001-08-17 21:02 . 2008-04-14 08:15 24960 c:\windows\system32\drivers\hidparse.sys
+ 2010-03-30 04:44 . 2008-04-14 08:15 19200 c:\windows\system32\drivers\hidir.sys
+ 2001-08-17 21:02 . 2008-04-14 08:15 36864 c:\windows\system32\drivers\hidclass.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 25600 c:\windows\system32\drivers\hidbth.sys
+ 2006-09-19 13:44 . 2009-05-18 20:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2010-03-30 04:44 . 2008-04-14 08:06 46464 c:\windows\system32\drivers\gagp30kx.sys
+ 2001-08-17 20:51 . 2008-04-14 08:10 20480 c:\windows\system32\drivers\flpydisk.sys
+ 1980-01-01 07:00 . 2008-04-14 08:03 44544 c:\windows\system32\drivers\fips.sys
+ 2001-08-17 20:51 . 2008-04-14 08:10 27392 c:\windows\system32\drivers\fdc.sys
+ 1980-01-01 07:00 . 2008-04-14 08:08 71168 c:\windows\system32\drivers\dxg.sys
+ 2005-05-27 23:04 . 2008-04-14 08:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2005-05-27 23:06 . 2008-04-14 08:15 52864 c:\windows\system32\drivers\dmusic.sys
+ 1980-01-01 07:00 . 2008-04-14 08:10 14208 c:\windows\system32\drivers\diskdump.sys
+ 2001-08-17 20:52 . 2008-04-14 08:10 36352 c:\windows\system32\drivers\disk.sys
+ 2001-08-17 20:48 . 2008-04-14 08:01 36736 c:\windows\system32\drivers\crusoe.sys
+ 2005-05-27 23:06 . 2008-04-14 08:06 10240 c:\windows\system32\drivers\compbatt.sys
+ 2005-05-27 23:06 . 2008-04-14 08:06 13952 c:\windows\system32\drivers\cmbatt.sys
+ 1980-01-01 07:00 . 2008-04-14 08:46 49536 c:\windows\system32\drivers\classpnp.sys
+ 2010-03-30 04:44 . 2008-04-14 13:41 15423 c:\windows\system32\drivers\ch7xxnt5.dll
+ 2001-08-17 20:52 . 2008-04-14 08:10 62976 c:\windows\system32\drivers\cdrom.sys
+ 1980-01-01 07:00 . 2008-04-14 08:44 63744 c:\windows\system32\drivers\cdfs.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 17024 c:\windows\system32\drivers\ccdecode.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 18944 c:\windows\system32\drivers\bthusb.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 36480 c:\windows\system32\drivers\bthprint.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 37888 c:\windows\system32\drivers\bthmodem.sys
+ 2010-03-30 04:44 . 2008-04-14 08:16 17024 c:\windows\system32\drivers\bthenum.sys
+ 1980-01-01 07:00 . 2008-04-14 08:23 71552 c:\windows\system32\drivers\bridge.sys
+ 2005-11-10 16:06 . 2008-04-14 08:16 11776 c:\windows\system32\drivers\bdasup.sys
+ 2005-05-27 23:06 . 2008-04-14 08:06 14208 c:\windows\system32\drivers\battc.sys
+ 2010-03-30 04:44 . 2008-04-14 13:41 17279 c:\windows\system32\drivers\atv10nt5.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 14143 c:\windows\system32\drivers\atv06nt5.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 25471 c:\windows\system32\drivers\atv04nt5.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 11359 c:\windows\system32\drivers\atv02nt5.dll
+ 2010-03-30 04:44 . 2008-04-14 13:41 21183 c:\windows\system32\drivers\atv01nt5.dll
+ 1980-01-01 07:00 . 2008-04-14 08:21 55808 c:\windows\system32\drivers\atmlane.sys
+ 1980-01-01 07:00 . 2008-04-14 08:21 59904 c:\windows\system32\drivers\atmarpc.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 63488 c:\windows\system32\drivers\atinxsxx.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 31744 c:\windows\system32\drivers\atinxbxx.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 73216 c:\windows\system32\drivers\atintuxx.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinttxx.sys
+ 2010-03-30 04:44 . 2004-08-04 06:29 28672 c:\windows\system32\drivers\atinsnxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 52224 c:\windows\system32\drivers\atinraxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 14336 c:\windows\system32\drivers\atinpdxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 13824 c:\windows\system32\drivers\atinmdxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 57856 c:\windows\system32\drivers\atinbtxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 34735 c:\windows\system32\drivers\ati1xsxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 29455 c:\windows\system32\drivers\ati1xbxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 36463 c:\windows\system32\drivers\ati1tuxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 21343 c:\windows\system32\drivers\ati1ttxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 26367 c:\windows\system32\drivers\ati1snxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 63663 c:\windows\system32\drivers\ati1rvxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 30671 c:\windows\system32\drivers\ati1raxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 12047 c:\windows\system32\drivers\ati1pdxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 11615 c:\windows\system32\drivers\ati1mdxx.sys
+ 2010-03-30 04:45 . 2004-08-04 06:29 56623 c:\windows\system32\drivers\ati1btxx.sys
+ 2001-08-17 20:46 . 2008-04-14 08:21 60800 c:\windows\system32\drivers\arp1394.sys
+ 2010-03-30 04:45 . 2008-04-14 08:01 37760 c:\windows\system32\drivers\amdk7.sys
+ 2001-08-17 20:48 . 2008-04-14 08:01 37376 c:\windows\system32\drivers\amdk6.sys
+ 2010-03-30 04:45 . 2008-04-14 08:06 43008 c:\windows\system32\drivers\amdagp.sys
+ 2010-03-30 04:45 . 2008-04-14 08:06 42752 c:\windows\system32\drivers\alim1541.sys
+ 2010-03-30 04:45 . 2008-04-14 08:06 44928 c:\windows\system32\drivers\agpcpq.sys
+ 1980-01-01 07:00 . 2008-04-14 13:42 62976 c:\windows\system32\driverquery.exe