Mebroot and Norton Internet Security 2011

View previous topic View next topic Go down

Mebroot and Norton Internet Security 2011

Post by GoFigure on Tue Dec 21, 2010 3:02 pm

My wifes computer is running Windows XP SP3 and using Norton Internet Security 2011. Last week she started getting alerts from NIS that she had a mbr infection Mebroot and it was unable to remove it. Since that time I have ran Malwarebytes, Super AntiSpyware, Mebroot Fixtool, Kaspersky AV Tool Kit, and Combofix (includes catchme and gmer). None of those programs even found mebroot on the system, or anything else. I have used recovery console to run fixmbr and have even gone as far as doing a repair reinstall of windows xp. And still I get the popup notifying me that it is infected with mebroot.

Any suggestions?

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Wed Dec 22, 2010 12:38 am

Hello.

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Thu Dec 23, 2010 7:46 am

OTL logfile created on: 12/23/2010 1:16:20 AM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\dendeb\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 18.27 Gb Free Space | 49.04% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 123.12 Gb Free Space | 82.60% Space Free | Partition Type: NTFS
Drive E: | 55.90 Gb Total Space | 45.57 Gb Free Space | 81.52% Space Free | Partition Type: NTFS

Computer Name: TOBECHANGED | User Name: dendeb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 01:07:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dendeb\My Documents\Downloads\OTL.com
PRC - [2010/11/23 20:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe
PRC - [2008/04/14 03:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/06/01 10:34:56 | 000,017,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2001/11/29 13:44:05 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 01:07:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dendeb\My Documents\Downloads\OTL.com
MOD - [2010/12/04 00:58:45 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\asoehook.dll
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 01:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\microsoft.vc90.crt\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/11/23 20:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe -- (NIS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\dendeb\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/12/16 16:34:14 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101222.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 16:34:14 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101222.018\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/30 23:24:00 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/11/22 22:08:31 | 000,509,560 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010/11/22 22:08:31 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/11/22 20:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/17 20:59:55 | 000,652,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010/11/15 19:45:33 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/08 18:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101222.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/20 20:28:36 | 000,340,016 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2010/09/11 22:47:13 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/09/08 16:36:32 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/09/08 00:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/01/15 07:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/08/01 10:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 10:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/06/01 10:19:00 | 000,499,584 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2006/06/01 10:19:00 | 000,007,168 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/06/01 10:18:46 | 001,107,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/06/01 10:18:20 | 000,116,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/06/01 10:18:14 | 000,143,872 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/06/01 10:18:12 | 000,078,336 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/06/01 10:18:08 | 000,502,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2005/11/10 16:06:04 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2005/05/05 05:01:52 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2005/03/30 07:24:00 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Safe Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2010/12/13 20:10:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2010/12/09 13:49:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/20 18:31:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/20 18:31:30 | 000,000,000 | ---D | M]

[2009/10/04 02:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dendeb\Application Data\Mozilla\Extensions
[2009/10/04 02:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dendeb\Application Data\Mozilla\Firefox\Profiles\ghcfzy9p.default\extensions
[2009/10/04 02:37:53 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\dendeb\Application Data\Mozilla\Firefox\Profiles\ghcfzy9p.default\searchplugins\scroogle-ssl-search.xml
[2010/09/08 16:20:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/18 00:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll

O1 HOSTS File: ([2010/12/13 23:23:07 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 12.160.140.10
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\dendeb\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dendeb\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/03 22:48:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/22 07:01:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/12/22 03:02:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/21 17:42:36 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/12/21 17:42:36 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/12/21 17:42:36 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/12/21 17:42:35 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2010/12/21 17:42:35 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2010/12/21 17:42:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2010/12/21 17:42:34 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2010/12/21 17:42:34 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2010/12/21 17:42:33 | 006,075,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/12/21 10:13:21 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/12/21 10:12:36 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/12/21 10:08:56 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/12/21 10:08:56 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/12/21 10:08:55 | 002,066,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/12/21 10:08:55 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/12/20 18:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dendeb\Application Data\Malwarebytes
[2010/12/20 18:53:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/20 18:53:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 18:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/20 18:26:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/12/20 18:24:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010/12/20 18:24:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010/12/20 18:24:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010/12/20 18:24:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010/12/20 18:24:09 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010/12/20 18:24:09 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010/12/20 18:24:08 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/12/20 18:24:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/12/20 18:24:07 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2010/12/20 18:24:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2010/12/20 18:24:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/12/20 18:24:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2010/12/20 18:24:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/12/20 18:24:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/12/20 18:24:06 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010/12/20 18:24:06 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010/12/20 18:24:06 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/12/20 18:24:06 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/12/20 18:24:03 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2010/12/20 18:24:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010/12/20 18:24:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010/12/20 18:24:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/12/20 18:24:01 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010/12/20 18:24:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010/12/20 18:24:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2010/12/20 18:24:01 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010/12/20 18:24:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010/12/20 18:24:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/12/20 18:24:00 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/12/20 18:24:00 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/12/20 18:24:00 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/12/20 18:23:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2010/12/20 18:23:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2010/12/20 18:23:57 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/12/20 18:23:56 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/12/20 18:23:56 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2010/12/20 18:23:55 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/12/20 18:23:54 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2010/12/20 18:23:54 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2010/12/20 18:23:54 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2010/12/20 18:23:54 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2010/12/20 18:23:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2010/12/20 18:23:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2010/12/20 18:23:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/12/20 18:23:54 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2010/12/20 18:23:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/12/20 18:23:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2010/12/20 18:23:53 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2010/12/20 18:23:53 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/12/20 18:23:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/12/20 18:23:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/12/20 18:23:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/12/20 18:23:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/12/20 18:23:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/12/20 18:23:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/12/20 18:23:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/12/20 18:23:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/12/20 18:23:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/12/20 18:23:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/12/20 18:23:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/12/20 18:23:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/12/20 18:23:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/12/20 18:23:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/12/20 18:23:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/12/20 18:23:52 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/12/20 18:23:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/12/20 18:23:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/12/20 18:23:46 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/12/20 18:23:45 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/12/20 18:23:45 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/12/20 18:23:45 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2010/12/20 18:23:44 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2010/12/20 18:23:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010/12/20 18:23:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2010/12/20 18:23:43 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/12/20 18:23:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/12/20 18:23:41 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2010/12/20 18:23:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/12/20 18:23:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010/12/20 18:23:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/12/20 18:23:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2010/12/20 18:23:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/12/20 18:23:38 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010/12/20 18:23:38 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010/12/20 18:23:38 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010/12/20 18:23:38 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010/12/20 18:23:38 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010/12/20 18:23:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/12/20 18:23:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/12/20 18:23:37 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/12/20 18:23:36 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/12/20 18:23:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/12/20 18:23:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010/12/20 18:23:36 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010/12/20 18:23:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/12/20 18:23:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/12/20 18:23:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2010/12/20 18:23:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/12/20 18:23:29 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/12/20 18:23:27 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010/12/20 18:23:23 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/12/20 18:23:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/12/20 18:23:14 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/12/20 18:23:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2010/12/20 18:23:13 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/12/20 18:23:13 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2010/12/20 18:23:13 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2010/12/20 18:23:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/12/20 18:23:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/12/20 18:23:11 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2010/12/20 18:23:11 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/12/20 18:23:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2010/12/20 18:23:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2010/12/20 18:23:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2010/12/20 18:23:09 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/12/20 18:23:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/12/20 18:23:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/12/20 18:23:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/12/20 18:23:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/12/20 18:23:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/12/20 18:23:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/12/20 18:23:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/12/20 18:23:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/12/20 18:23:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/12/20 18:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/12/20 18:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/12/20 18:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/12/20 18:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/12/20 18:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/12/20 18:23:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/12/20 18:23:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/12/20 18:23:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/12/20 18:23:05 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/12/20 18:23:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/12/20 18:23:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/12/20 18:23:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/12/20 18:23:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/12/20 18:23:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/12/20 18:23:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/12/20 18:23:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/12/20 18:23:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/12/20 18:23:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/12/20 18:23:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2010/12/20 18:23:04 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/12/20 18:23:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/12/20 18:23:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2010/12/20 18:23:02 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/12/20 18:23:02 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010/12/20 18:23:02 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2010/12/20 18:23:02 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2010/12/20 18:23:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/12/20 18:23:01 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010/12/20 18:23:01 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010/12/20 18:23:01 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2010/12/20 18:23:01 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010/12/20 18:23:01 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010/12/20 18:23:01 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010/12/20 18:23:01 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010/12/20 18:23:01 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/12/20 18:23:01 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/12/20 18:23:00 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010/12/20 18:23:00 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010/12/20 18:23:00 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010/12/20 18:23:00 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010/12/20 18:23:00 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/12/20 18:23:00 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/12/20 18:23:00 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010/12/20 18:23:00 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/12/20 18:22:59 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2010/12/20 18:22:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010/12/20 18:22:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010/12/20 18:22:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010/12/20 18:22:59 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2010/12/20 18:22:59 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/12/20 18:22:59 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/12/20 18:22:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/12/20 18:22:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2010/12/20 18:22:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/12/20 18:22:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/12/20 18:22:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2010/12/20 18:22:55 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/12/20 18:22:49 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/12/20 18:22:49 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2010/12/20 18:22:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2010/12/20 18:22:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2010/12/20 18:22:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2010/12/20 18:22:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/12/20 18:22:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2010/12/20 18:22:46 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/12/20 18:22:46 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/12/20 18:22:46 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/12/20 18:22:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/12/20 18:22:46 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/12/20 18:22:46 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/12/20 18:22:45 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010/12/20 18:22:45 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/12/20 18:22:45 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010/12/20 18:22:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/12/20 18:22:45 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/12/20 18:22:45 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/12/20 18:22:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/12/20 18:22:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/12/20 18:22:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/12/20 18:22:45 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/12/20 18:22:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/12/20 18:22:45 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/12/20 18:22:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/12/20 18:22:44 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010/12/20 18:22:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/12/20 18:22:44 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2010/12/20 18:22:44 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/12/20 18:22:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/12/20 18:22:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2010/12/20 18:22:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/12/20 18:22:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/12/20 18:22:43 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2010/12/20 18:22:43 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2010/12/20 18:22:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/12/20 18:22:42 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2010/12/20 18:22:42 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2010/12/20 18:22:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2010/12/20 18:22:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010/12/20 18:22:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/12/20 18:22:41 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/12/20 18:22:41 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/12/20 18:22:41 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/12/20 18:22:41 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/12/20 18:22:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/12/20 18:22:32 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2010/12/20 18:22:30 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010/12/20 18:22:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/12/20 18:22:29 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/12/20 18:22:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/12/20 18:22:29 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010/12/20 18:22:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/12/20 18:22:27 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010/12/20 18:22:27 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010/12/20 18:22:27 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010/12/20 18:22:27 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010/12/20 18:22:27 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010/12/20 18:22:26 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/12/20 18:22:26 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/12/20 18:22:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/12/20 18:22:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/12/20 18:22:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010/12/20 18:22:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/12/20 18:22:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/12/20 18:22:24 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/12/20 18:22:24 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/12/20 18:22:24 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/12/20 18:22:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/12/20 18:22:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/12/20 18:22:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/12/20 18:22:15 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010/12/20 18:22:15 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/12/20 18:22:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/12/20 18:22:14 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2010/12/20 18:22:14 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010/12/20 18:22:14 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/12/20 18:22:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/12/20 18:22:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/12/20 18:22:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/12/20 18:22:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010/12/20 18:22:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/12/20 18:22:13 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010/12/20 18:22:12 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/12/20 18:22:12 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010/12/20 18:22:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/12/20 18:22:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/12/20 18:22:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/12/20 18:22:06 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010/12/20 18:22:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010/12/20 18:22:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010/12/20 18:22:05 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010/12/20 18:22:05 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010/12/20 18:21:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010/12/20 18:21:58 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010/12/20 18:21:58 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010/12/20 18:21:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/12/20 18:21:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010/12/20 18:21:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/12/20 18:21:57 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/12/20 18:21:57 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010/12/20 18:21:57 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010/12/20 18:21:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010/12/20 18:21:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010/12/20 18:21:57 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010/12/20 18:21:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/12/20 18:21:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/12/20 18:21:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/12/20 18:21:56 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010/12/20 18:21:56 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010/12/20 18:21:56 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010/12/20 18:21:56 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010/12/20 18:21:56 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010/12/20 18:21:56 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010/12/20 18:21:56 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010/12/20 18:21:56 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010/12/20 18:21:56 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010/12/20 18:21:55 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010/12/20 18:21:55 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010/12/20 18:21:55 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010/12/20 18:21:55 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010/12/20 18:21:55 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010/12/20 18:21:55 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010/12/20 18:21:54 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010/12/20 18:21:54 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010/12/20 18:21:54 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/12/20 18:21:54 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010/12/20 18:21:54 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010/12/20 18:21:54 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010/12/20 18:21:54 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010/12/20 18:21:53 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010/12/20 18:21:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010/12/20 18:21:53 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010/12/20 18:21:52 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010/12/20 18:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\HighMAT CD Writing Wizard
[2010/12/20 18:21:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/12/20 18:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal Viewer
[2010/12/20 18:20:26 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010/12/20 18:20:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010/12/20 18:20:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp
[2010/12/20 17:59:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\8AAB4176A747493AA42CB63CFADFD8E3.TMP
[2010/12/20 17:54:15 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/12/20 17:54:15 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010/12/20 17:54:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/12/20 17:54:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010/12/13 23:17:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/13 23:09:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/12/13 23:09:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/12/13 23:09:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/12/13 23:09:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/12/13 23:08:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/12/13 23:08:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/12 18:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Bejeweled 3
[2010/12/04 13:54:41 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2010/12/04 13:54:40 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010/12/04 13:54:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2010/12/04 13:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2006/06/01 10:38:44 | 000,033,792 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\dendeb\My Documents\*.tmp files -> C:\Documents and Settings\dendeb\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Thu Dec 23, 2010 7:46 am


========== Files - Modified Within 30 Days ==========

[2010/12/22 23:43:06 | 000,000,016 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2010/12/22 11:47:45 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\About Cosmetic Dentistry Discussion.url
[2010/12/22 07:50:45 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/22 07:50:45 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/22 07:49:40 | 000,200,828 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/12/22 07:49:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/22 07:02:59 | 000,684,410 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\Cat.DB
[2010/12/22 03:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/22 03:30:16 | 000,116,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/22 03:29:03 | 000,064,980 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2010/12/22 03:29:03 | 000,054,320 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2010/12/22 03:29:03 | 000,054,320 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2010/12/22 03:29:03 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010/12/22 03:29:03 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010/12/22 03:13:25 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/21 13:09:46 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\Calculator.lnk
[2010/12/21 03:26:24 | 000,000,624 | -HS- | M] () -- C:\WINDOWS\setup_9.0.0.722_21.12.2010_02-26drv.spi
[2010/12/20 18:53:59 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/20 18:24:44 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/12/20 18:19:28 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/12/20 18:19:27 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/12/20 18:19:27 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/12/20 18:19:14 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/20 18:16:42 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/20 18:15:04 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2010/12/20 18:12:09 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/12/20 06:40:24 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/12/19 23:37:29 | 000,034,850 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\mebroot removal.pdf
[2010/12/19 23:20:27 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\dendeb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/19 18:39:19 | 000,403,013 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2010/12/13 23:23:07 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/13 20:09:37 | 000,001,990 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/12/12 18:02:41 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\Bejeweled 3.lnk
[2010/12/09 23:56:09 | 000,161,466 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\Insulin Injection Demonstration.mht
[2010/12/09 23:55:10 | 000,169,555 | ---- | M] () -- C:\Documents and Settings\dendeb\Desktop\Pet Diabetes - How to Prepare a Single Dose of Insulin.mht
[2010/12/04 13:55:47 | 000,020,278 | ---- | M] () -- C:\Documents and Settings\dendeb\My Documents\landsend order 101204.pdf
[2010/12/04 04:53:10 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\isolate.ini
[2010/12/01 21:15:10 | 000,007,877 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symnetv.cat
[2010/12/01 21:15:10 | 000,007,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symnet.cat
[2010/11/30 23:24:00 | 000,368,248 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symtdi.sys
[2010/11/30 23:24:00 | 000,295,032 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symnets.sys
[2010/11/30 23:23:59 | 000,330,360 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symtdiv.sys
[2010/11/30 23:23:53 | 000,001,474 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symnetv.inf
[2010/11/30 23:23:53 | 000,001,446 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1205000.07D\symnet.inf
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\dendeb\My Documents\*.tmp files -> C:\Documents and Settings\dendeb\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/21 02:14:14 | 000,000,624 | -HS- | C] () -- C:\WINDOWS\setup_9.0.0.722_21.12.2010_02-26drv.spi
[2010/12/20 18:53:59 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/20 18:23:38 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010/12/20 18:23:09 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/12/20 18:23:02 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010/12/20 18:23:01 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010/12/20 18:22:59 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/12/20 18:22:52 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010/12/20 18:22:47 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/12/20 18:22:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010/12/20 18:22:27 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010/12/20 18:12:09 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/12/20 17:59:18 | 000,206,793 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010/12/20 17:53:56 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010/12/20 17:53:56 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010/12/20 17:53:56 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010/12/20 17:53:56 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010/12/20 17:53:56 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010/12/20 17:53:56 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010/12/20 17:53:56 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010/12/20 17:53:56 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010/12/20 17:53:56 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2010/12/20 17:53:56 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010/12/20 17:53:56 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2010/12/20 17:53:56 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010/12/20 17:53:56 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010/12/20 17:53:56 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010/12/20 17:53:56 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010/12/20 17:53:56 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010/12/20 17:53:55 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010/12/20 17:53:55 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010/12/19 23:37:25 | 000,034,850 | ---- | C] () -- C:\Documents and Settings\dendeb\Desktop\mebroot removal.pdf
[2010/12/13 23:17:22 | 000,000,211 | -HS- | C] () -- C:\Boot.bak
[2010/12/13 23:17:18 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/12/13 23:09:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/13 23:09:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/13 23:09:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/13 23:09:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/13 23:09:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/12 18:02:41 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\dendeb\Desktop\Bejeweled 3.lnk
[2010/12/09 23:56:06 | 000,161,466 | ---- | C] () -- C:\Documents and Settings\dendeb\Desktop\Insulin Injection Demonstration.mht
[2010/12/09 23:55:09 | 000,169,555 | ---- | C] () -- C:\Documents and Settings\dendeb\Desktop\Pet Diabetes - How to Prepare a Single Dose of Insulin.mht
[2010/12/04 13:55:45 | 000,020,278 | ---- | C] () -- C:\Documents and Settings\dendeb\My Documents\landsend order 101204.pdf
[2010/12/04 13:54:40 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/04/05 16:39:14 | 000,548,864 | R--- | C] () -- C:\WINDOWS\System32\hpgt4850.dll
[2009/10/04 21:04:51 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\dendeb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/04 01:42:03 | 000,001,004 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/10/04 00:35:22 | 000,081,447 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/10/04 00:35:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/10/04 00:35:22 | 000,000,191 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/10/03 23:54:35 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2009/10/03 23:29:46 | 000,061,440 | ---- | C] () -- C:\WINDOWS\ContextMenuExt.dll
[2009/10/03 22:45:19 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2009/10/03 22:45:19 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ContextMenuExt.dll
[2009/10/03 17:40:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/15 07:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 07:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 07:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 07:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/06/01 10:43:48 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2006/05/18 14:04:18 | 000,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005/06/07 20:10:50 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010/12/20 18:18:50 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/12/20 18:19:34 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/03 23:21:45 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\dendeb\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/10/03 22:58:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\dendeb\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/20 18:31:23 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/20 18:31:23 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/20 18:31:26 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/20 18:31:27 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/10/03 23:21:45 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\dendeb\Favorites\Desktop.ini
[2001/09/17 16:46:42 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\dendeb\Favorites\Search Results.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/12/20 11:51:12 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010/12/20 17:37:23 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2010/12/20 11:51:12 | 014,942,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010/12/20 11:51:12 | 005,767,168 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2001/08/23 06:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2001/08/23 06:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2001/08/23 06:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2001/08/23 06:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2008/04/13 20:20:56 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2010/12/20 06:40:24 | 000,001,004 | -HS- | M] () -- C:\WINDOWS\system32\KGyGaAvL.sys
[2001/08/23 06:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2001/08/23 06:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2001/08/23 06:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2001/08/23 06:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2001/08/23 06:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/13 20:19:40 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2008/04/13 20:19:44 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2008/04/13 20:19:40 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2008/04/13 20:19:44 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2008/04/13 20:19:42 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 22:15:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 07:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/14 04:41:50 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/14 04:41:50 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/14 04:41:50 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/14 04:41:50 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/14 04:41:50 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/14 04:41:50 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/14 04:41:50 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/14 04:41:52 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/14 04:41:52 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/14 04:41:52 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/14 04:41:52 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/14 04:41:52 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/14 04:41:52 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/14 04:42:06 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/14 04:42:10 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %SYSTEMDRIVE%\*.* >
[2009/10/03 22:48:39 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/10/03 22:43:49 | 000,000,211 | -HS- | M] () -- C:\Boot.bak
[2010/12/20 18:15:04 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/12/20 18:44:15 | 000,489,064 | ---- | M] () -- C:\ComboFix.txt
[2009/10/03 22:48:39 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/03 22:48:39 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/03 22:48:39 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/13 20:13:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/13 22:01:44 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/22 03:30:12 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2009/10/03 23:47:17 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2009/10/18 12:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Avery Dennison
[2010/12/12 23:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Bejeweled 3
[2010/12/20 18:40:38 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/10/03 22:45:41 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/10/04 01:41:09 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2009/10/27 13:08:17 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2009/10/04 00:36:58 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2009/10/18 12:29:54 | 000,000,000 | ---D | M] -- C:\Program Files\DesignPro
[2010/04/05 16:39:26 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/10/04 00:34:12 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software
[2009/10/04 03:24:43 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/12/20 18:21:46 | 000,000,000 | ---D | M] -- C:\Program Files\HighMAT CD Writing Wizard
[2009/10/04 03:25:25 | 000,000,000 | ---D | M] -- C:\Program Files\hp deskjet 970c series
[2009/10/18 12:29:50 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/12/22 03:02:48 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/12/20 18:54:00 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/03 23:54:09 | 000,000,000 | ---D | M] -- C:\Program Files\Marvell
[2009/10/03 23:30:00 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/10/03 23:29:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/10/03 22:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/12/22 03:04:44 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/20 18:31:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/10/03 22:44:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/10/03 22:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/10/04 02:24:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/10/03 23:13:24 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2010/09/08 16:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Internet Security
[2010/09/08 16:34:38 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2009/10/03 22:45:27 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/22 03:05:24 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/12/04 13:55:00 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2010/11/17 15:41:24 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2009/10/04 00:29:38 | 000,000,000 | ---D | M] -- C:\Program Files\Qualcomm
[2010/09/08 16:36:32 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2010/12/21 09:17:51 | 000,000,000 | ---D | M] -- C:\Program Files\Thumbs7
[2009/10/03 22:53:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/03/07 11:16:16 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/12/20 18:21:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal Viewer
[2009/10/03 23:14:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/10/03 23:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/04 00:01:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/10/03 22:47:20 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/10/04 00:33:29 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2009/10/03 22:48:56 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< %appdata%\*.* >
[2009/10/03 17:40:34 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\dendeb\Application Data\desktop.ini


< MD5 for: AGP440.SYS >
[2008/04/14 03:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008/04/14 03:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 22:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: DISK.SYS >
[2008/04/14 03:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/04/13 22:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 04:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 03:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 03:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 04:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 03:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 03:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2008/08/18 17:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/08/18 17:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sata_ide\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008/08/18 17:54:00 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2008/04/14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 03:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 03:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/04/14 03:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/04/13 22:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-22 09:13:33

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\kelbday.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\jr2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\jr1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\geico.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\easter.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\Computer comic1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\Computer comic.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\bonk.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\dendeb\My Documents\4th%20spotlight%20copy.jpg:Roxio EMC Stream

< End of report >

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Thu Dec 23, 2010 7:48 am

OTL Extras logfile created on: 12/23/2010 1:16:20 AM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\dendeb\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 81.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 18.27 Gb Free Space | 49.04% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 123.12 Gb Free Space | 82.60% Space Free | Partition Type: NTFS
Drive E: | 55.90 Gb Total Space | 45.57 Gb Free Space | 81.52% Space Free | Partition Type: NTFS

Computer Name: TOBECHANGED | User Name: dendeb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{54DE5937-499F-4151-8022-A9C779A242AE}" = Eudora
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{97AE00A8-1336-410F-B467-1C6623127BD6}" = DesignPro 5.0 Limited Edition
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1E44702-21F5-4918-B8A3-6D126D5BD33C}" = Windows Messenger 5.1
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"A86F74A8853ED6B1102811674C7B366AF1B276BB" = Windows Driver Package - Hewlett-Packard Image (12/27/2006 8.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioCS" = Creative Audio Console
"Bejeweled 2 Deluxe 1.0" = Bejeweled 2 Deluxe 1.0
"Bejeweled 31.0.8.6128" = Bejeweled 3
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Foxit Reader" = Foxit Reader
"hp deskjet 970c series" = hp deskjet 970c series (Remove only)
"hp deskjet 970c series_Driver" = hp deskjet 970c series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{97AE00A8-1336-410F-B467-1C6623127BD6}" = DesignPro 5.0 Limited Edition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"ThumbsPlus7" = ThumbsPlus version 7.0sp1
"VLC media player" = VLC media player 1.0.5
"VueScan" = VueScan
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/25/2010 7:57:50 PM | Computer Name = TOBECHANGED | Source = Application Error | ID = 1000
Description = Faulting application eudora.exe, version 7.0.1.0, faulting module
paige32.dll, version 7.0.0.1, fault address 0x00017b4f.

Error - 1/25/2010 7:59:20 PM | Computer Name = TOBECHANGED | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 1/25/2010 8:08:57 PM | Computer Name = TOBECHANGED | Source = Application Hang | ID = 1002
Description = Hanging application Eudora.exe, version 7.0.1.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 12/18/2010 1:43:48 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:43:50 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:43:52 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:43:54 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:43:56 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:43:58 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 1:44:00 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 2:14:02 AM | Computer Name = TOBECHANGED | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.108 for the Network Card with network
address 0015F2E6ABF9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 12/18/2010 10:04:12 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058

Error - 12/18/2010 11:46:45 AM | Computer Name = TOBECHANGED | Source = Service Control Manager | ID = 7001
Description = The Remote Access Connection Manager service depends on the Telephony
service which failed to start because of the following error: %%1058


< End of report >

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Thu Dec 23, 2010 8:35 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Fri Dec 24, 2010 5:01 am

ComboFix 10-12-23.05 - dendeb 12/23/2010 22:45:00.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2536 [GMT -6:00]
Running from: c:\documents and settings\dendeb\Desktop\Combo-Fix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-11-24 to 2010-12-24 )))))))))))))))))))))))))))))))
.

2010-12-23 07:51 . 2010-12-23 07:52 -------- d-----w- c:\documents and settings\dendeb\Local Settings\Application Data\ApplicationHistory
2010-12-21 23:42 . 2010-11-06 00:34 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-21 23:42 . 2010-11-06 00:34 468480 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-21 23:42 . 2010-11-06 00:34 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-21 23:42 . 2010-11-06 00:34 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-12-21 23:42 . 2010-11-06 00:34 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-12-21 23:42 . 2010-10-21 12:11 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-12-21 23:42 . 2010-02-22 22:04 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-12-21 23:42 . 2010-11-06 00:34 6075904 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-21 16:13 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-12-21 16:12 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-21 16:08 . 2010-04-28 02:25 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-21 16:08 . 2010-04-27 13:59 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-21 16:08 . 2010-04-27 13:05 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-12-21 16:08 . 2010-04-27 13:05 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-21 00:54 . 2010-12-21 00:54 -------- d-----w- c:\documents and settings\dendeb\Application Data\Malwarebytes
2010-12-21 00:53 . 2010-12-21 00:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-12-21 00:53 . 2010-11-29 23:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-21 00:53 . 2010-12-21 00:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-21 00:53 . 2010-11-29 23:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-21 00:23 . 2008-04-14 09:42 46592 -c--a-w- c:\windows\system32\dllcache\svcext51.dll
2010-12-21 00:22 . 2008-04-14 09:41 79872 -c--a-w- c:\windows\system32\dllcache\iislog51.dll
2010-12-21 00:21 . 2008-04-14 09:41 829440 -c--a-w- c:\windows\system32\dllcache\inetmgr.dll
2010-12-21 00:20 . 2010-12-21 00:20 -------- d-----w- c:\windows\system32\URTTemp
2010-12-20 23:59 . 2010-12-20 23:59 -------- d-----w- c:\windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP
2010-12-20 23:54 . 2001-08-23 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-12-20 23:54 . 2001-08-23 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-12-20 23:54 . 2001-08-23 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-12-20 23:54 . 2001-08-23 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-12-20 23:53 . 2008-04-14 11:34 16535 ----a-r- c:\windows\SETCE.tmp
2010-12-20 23:53 . 2008-04-14 11:34 1088840 ----a-r- c:\windows\SETC2.tmp
2010-12-20 23:53 . 2008-04-14 11:40 1296669 ----a-r- c:\windows\SETBF.tmp
2010-12-13 00:02 . 2010-12-13 05:35 -------- d-----w- c:\program files\Bejeweled 3
2010-12-09 19:49 . 2010-12-14 02:08 -------- d-----w- c:\windows\system32\drivers\NIS\1205000.07D
2010-12-04 19:54 . 1998-06-24 06:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2010-12-04 19:54 . 2004-03-09 06:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2010-12-04 19:54 . 2001-10-28 22:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2010-12-04 19:54 . 2010-12-04 19:55 -------- d-----w- c:\program files\PDFCreator
2010-12-04 19:54 . 1998-07-06 06:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2009-10-04 04:46 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:34 . 2008-04-14 09:42 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2008-04-14 09:42 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2008-04-14 09:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2008-04-14 09:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-02 15:17 . 2008-04-14 04:27 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2008-04-14 09:39 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2008-04-14 05:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-21 12:12 . 2008-04-14 04:07 389120 ----a-w- c:\windows\system32\html.iec
.

((((((((((((((((((((((((((((( SnapShot_2010-12-21_00.42.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-23 08:01 . 2010-12-23 08:01 16384 c:\windows\Temp\Perflib_Perfdata_648.dat
+ 2009-08-07 01:24 . 2009-08-07 01:24 44768 c:\windows\system32\wups2.dll
+ 2009-10-04 04:46 . 2009-08-07 00:24 35552 c:\windows\system32\wups.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 53472 c:\windows\system32\wuauclt.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 90112 c:\windows\system32\wshext.dll
+ 2008-04-14 09:42 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
+ 2008-04-14 09:42 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2008-04-14 09:42 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 09:42 . 2009-06-12 12:31 80896 c:\windows\system32\tlntsess.exe
+ 2008-04-14 09:42 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 75776 c:\windows\system32\strmfilt.dll
+ 2008-04-14 09:42 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
+ 2008-04-14 09:42 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll
- 2009-10-04 05:11 . 2007-07-28 04:11 26488 c:\windows\system32\spupdsvc.exe
+ 2009-10-04 05:11 . 2007-07-28 05:11 26488 c:\windows\system32\spupdsvc.exe
+ 2008-04-14 09:42 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2009-10-04 05:11 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
- 2009-10-04 05:11 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2008-04-14 09:42 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2001-08-23 12:00 . 2009-02-06 10:39 35328 c:\windows\system32\sc.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 79872 c:\windows\system32\raschap.dll
+ 2008-04-14 09:42 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 44544 c:\windows\system32\pngfilt.dll
+ 2001-08-23 12:00 . 2010-12-23 13:50 52764 c:\windows\system32\perfc009.dat
- 2001-08-23 12:00 . 2010-12-21 00:30 52764 c:\windows\system32\perfc009.dat
+ 2009-11-06 04:17 . 2009-11-06 04:17 11600 c:\windows\system32\mui\0409\mscorees.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 91648 c:\windows\system32\mtxoci.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 66560 c:\windows\system32\mtxclu.dll
+ 2008-04-14 09:42 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
+ 2008-04-14 05:42 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2001-08-23 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\msvidc32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 11264 c:\windows\system32\msrle32.dll
+ 2008-04-14 09:42 . 2009-11-27 16:07 11264 c:\windows\system32\msrle32.dll
+ 2008-04-14 01:56 . 2007-08-14 00:01 48128 c:\windows\system32\mshtmler.dll
+ 2008-04-14 09:42 . 2007-08-14 00:32 45568 c:\windows\system32\mshta.exe
+ 2009-10-04 04:44 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 58880 c:\windows\system32\msdtclog.dll
+ 2004-07-15 05:34 . 2004-07-15 05:34 16896 c:\windows\system32\mscorier.dll
- 2003-02-21 00:43 . 2003-02-21 00:43 16896 c:\windows\system32\mscorier.dll
+ 2008-04-14 09:42 . 2008-06-24 16:43 74240 c:\windows\system32\mscms.dll
+ 2008-04-14 09:42 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
+ 2008-04-14 09:41 . 2007-08-14 00:44 40960 c:\windows\system32\licmgr10.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 27648 c:\windows\system32\jsproxy.dll
+ 2008-04-14 05:41 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll
+ 2008-04-14 09:41 . 2007-08-14 00:39 92672 c:\windows\system32\inseng.dll
+ 2008-04-14 09:41 . 2007-08-14 00:36 36352 c:\windows\system32\imgutil.dll
- 2007-08-13 23:39 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 23:39 . 2010-10-21 12:11 13824 c:\windows\system32\ieudinit.exe
+ 2008-04-14 09:41 . 2007-08-14 00:39 55296 c:\windows\system32\iesetup.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 44544 c:\windows\system32\iernonce.dll
+ 2008-04-14 09:42 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
+ 2008-04-14 09:41 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 80384 c:\windows\system32\iccvid.dll
+ 2008-04-14 09:41 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
+ 2008-04-14 09:41 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2008-04-14 04:01 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-10-04 04:46 . 2009-08-07 00:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2008-04-14 09:42 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 90112 c:\windows\system32\dllcache\wshext.dll
+ 2008-04-14 09:42 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-10-04 04:46 . 2010-10-11 14:59 45568 c:\windows\system32\dllcache\wab.exe
+ 2008-04-14 09:42 . 2009-06-12 12:31 80896 c:\windows\system32\dllcache\tlntsess.exe
+ 2008-04-14 09:42 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2008-04-14 09:42 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2008-04-14 09:42 . 2010-08-27 05:57 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2008-04-14 09:42 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2008-04-14 09:42 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2001-08-23 12:00 . 2009-02-06 10:39 35328 c:\windows\system32\dllcache\sc.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 79872 c:\windows\system32\dllcache\raschap.dll
+ 2008-04-14 09:42 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-04-14 04:27 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
- 2009-10-04 04:44 . 2008-04-14 09:42 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-04-14 09:42 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2001-08-23 12:00 . 2009-11-27 16:07 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2008-04-14 09:42 . 2009-11-27 16:07 11264 c:\windows\system32\dllcache\msrle32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-04-14 01:56 . 2007-08-14 00:01 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-04-14 09:42 . 2007-08-14 00:32 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-10-04 04:44 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2008-04-14 09:42 . 2008-06-24 16:43 74240 c:\windows\system32\dllcache\mscms.dll
+ 2008-04-14 09:42 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2008-04-14 09:41 . 2007-08-14 00:44 40960 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 04:01 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2008-04-14 09:41 . 2010-11-06 00:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-10-04 04:46 . 2008-04-14 09:41 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-10-04 04:46 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2008-04-14 09:41 . 2007-08-14 00:39 92672 c:\windows\system32\dllcache\inseng.dll
+ 2008-04-14 09:41 . 2007-08-14 00:36 36352 c:\windows\system32\dllcache\imgutil.dll
+ 2008-04-14 09:41 . 2007-08-14 00:39 55296 c:\windows\system32\dllcache\iesetup.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2009-10-04 04:46 . 2007-08-14 00:44 69120 c:\windows\system32\dllcache\iedw.exe
+ 2008-04-14 09:42 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-14 09:41 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2009-10-04 04:46 . 2007-08-14 00:18 60416 c:\windows\system32\dllcache\hmmapi.dll
+ 2008-04-14 09:41 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-10-04 04:46 . 2007-08-14 00:54 33792 c:\windows\system32\dllcache\custsat.dll
- 2009-10-04 04:46 . 2008-04-14 10:41 33792 c:\windows\system32\dllcache\custsat.dll
+ 2008-04-14 09:41 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-04-14 09:41 . 2009-08-07 01:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2008-04-14 09:41 . 2010-01-13 14:01 86016 c:\windows\system32\dllcache\cabview.dll
+ 2008-04-14 09:41 . 2009-11-27 16:07 84992 c:\windows\system32\dllcache\avifil32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2008-04-14 09:41 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-04-14 09:41 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2008-04-14 09:41 . 2007-08-14 00:39 71680 c:\windows\system32\dllcache\admparse.dll
+ 2008-04-14 09:41 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2008-04-14 09:41 . 2009-08-07 01:24 96480 c:\windows\system32\cdm.dll
+ 2008-04-14 09:41 . 2010-01-13 14:01 86016 c:\windows\system32\cabview.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 84992 c:\windows\system32\avifil32.dll
+ 2008-04-14 09:41 . 2009-11-27 16:07 84992 c:\windows\system32\avifil32.dll
+ 2008-04-14 09:41 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 58880 c:\windows\system32\atl.dll
+ 2008-04-14 09:41 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2008-04-14 09:41 . 2007-08-14 00:39 71680 c:\windows\system32\admparse.dll
- 2010-12-15 06:22 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\update\spcustom.dll
- 2010-12-15 06:22 . 2009-05-26 11:40 17272 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\spmsg.dll
- 2010-12-15 06:22 . 2010-11-03 05:55 40960 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\SP3QFE\ndproxy.sys
- 2010-12-15 06:22 . 2010-11-02 15:17 40960 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\SP3GDR\ndproxy.sys
- 2010-12-15 06:28 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\update\spcustom.dll
- 2010-12-15 06:28 . 2009-05-26 11:40 17272 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\spmsg.dll
- 2010-12-15 06:21 . 2010-11-05 05:57 16896 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\update\tzchange.dll
- 2010-12-15 06:21 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\update\spcustom.dll
- 2010-12-15 06:21 . 2010-11-03 13:12 46080 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\tzchange.exe
- 2010-12-15 06:21 . 2010-11-05 05:57 16896 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\tzchange.dll
- 2010-12-15 06:21 . 2009-05-26 11:40 17272 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\spmsg.dll
- 2010-12-15 06:19 . 2010-02-22 14:23 26488 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\update\spcustom.dll
- 2010-12-15 06:19 . 2010-02-22 14:23 17272 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\spmsg.dll
- 2010-12-15 06:19 . 2010-10-11 14:55 45568 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\SP3QFE\wab.exe
- 2010-12-15 06:19 . 2010-10-11 14:59 45568 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\SP3GDR\wab.exe
- 2010-12-15 06:20 . 2010-02-22 14:23 26488 c:\windows\SoftwareDistribution\Download\834e1dc3631bc51ff79c0b62ec3e2ba7\update\spcustom.dll
- 2010-12-15 06:20 . 2010-02-22 14:23 17272 c:\windows\SoftwareDistribution\Download\834e1dc3631bc51ff79c0b62ec3e2ba7\spmsg.dll
- 2010-12-15 06:28 . 2010-02-22 14:23 26488 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\update\spcustom.dll
- 2010-12-15 06:28 . 2010-02-22 14:23 17272 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\spmsg.dll
- 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\sp3qfe\isign32.dll
- 2010-11-18 18:12 . 2010-11-18 18:12 81920 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\sp3gdr\isign32.dll
- 2010-12-15 06:28 . 2010-10-26 14:07 30208 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\update\w32ksign.dll
- 2010-12-15 06:28 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\update\spcustom.dll
- 2010-12-15 06:28 . 2009-05-26 11:40 17272 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\spmsg.dll
+ 2004-07-15 08:11 . 2004-07-15 08:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
- 2003-02-21 02:10 . 2003-02-21 02:10 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2009-06-25 01:56 . 2009-06-25 01:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 13:24 . 2003-02-21 13:24 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2010-09-23 21:55 . 2010-09-23 21:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 06:35 . 2004-07-15 06:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 06:34 . 2004-07-15 06:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 08:26 . 2010-09-23 08:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2004-07-15 06:33 . 2004-07-15 06:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2010-09-23 08:26 . 2010-09-23 08:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2004-07-15 06:32 . 2004-07-15 06:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-21 13:25 . 2003-02-21 13:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-21 13:25 . 2003-02-21 13:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 20:28 . 2004-07-15 20:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 13:24 . 2003-02-21 13:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-10-08 20:30 . 2003-10-08 20:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
- 2003-02-21 16:20 . 2003-02-21 16:20 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-15 17:23 . 2004-07-15 17:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2010-09-23 08:26 . 2010-09-23 08:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 09:17 . 2010-09-23 09:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-21 01:19 . 2003-02-21 01:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-15 07:49 . 2004-07-15 07:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-21 01:19 . 2003-02-21 01:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-21 01:19 . 2003-02-21 01:19 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 07:49 . 2004-07-15 07:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
- 2003-02-21 01:19 . 2003-02-21 01:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-23 09:17 . 2010-09-23 09:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-12-21 23:50 . 2007-08-14 00:36 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 27136 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 13312 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe
+ 2010-12-21 23:50 . 2007-08-14 00:39 43008 c:\windows\ie7updates\KB982381-IE7\iernonce.dll
+ 2010-12-21 23:50 . 2008-04-14 09:41 81920 c:\windows\ie7updates\KB982381-IE7\ieencode.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 54784 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe
+ 2010-12-21 23:50 . 2008-04-14 09:41 35328 c:\windows\ie7updates\KB982381-IE7\corpol.dll
+ 2010-12-23 07:51 . 2007-03-06 01:22 14048 c:\windows\ie7updates\KB938127-v2-IE7\spmsg.dll
+ 2010-12-23 07:51 . 2007-03-06 01:22 22752 c:\windows\ie7updates\KB938127-v2-IE7\spcustom.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 17272 c:\windows\ie7updates\KB2416400-IE7\spmsg.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 26488 c:\windows\ie7updates\KB2416400-IE7\spcustom.dll
- 2010-12-20 00:16 . 2010-09-08 15:57 13824 c:\windows\ie7updates\KB2416400-IE7\ieudinit.exe
+ 2010-12-20 00:16 . 2010-08-31 12:09 13824 c:\windows\ie7updates\KB2416400-IE7\ieudinit.exe
+ 2010-12-21 23:51 . 2010-02-22 14:23 17272 c:\windows\ie7updates\KB2360131-IE7\spmsg.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 26488 c:\windows\ie7updates\KB2360131-IE7\spcustom.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2360131-IE7\pngfilt.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 44544 c:\windows\ie7updates\KB2360131-IE7\pngfilt.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 52224 c:\windows\ie7updates\KB2360131-IE7\msfeedsbs.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 52224 c:\windows\ie7updates\KB2360131-IE7\msfeedsbs.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 27648 c:\windows\ie7updates\KB2360131-IE7\jsproxy.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 27648 c:\windows\ie7updates\KB2360131-IE7\jsproxy.dll
+ 2010-12-01 10:13 . 2010-04-16 13:24 13824 c:\windows\ie7updates\KB2360131-IE7\ieudinit.exe
- 2010-12-01 10:13 . 2010-06-23 12:06 13824 c:\windows\ie7updates\KB2360131-IE7\ieudinit.exe
- 2010-12-01 10:13 . 2010-06-24 12:15 44544 c:\windows\ie7updates\KB2360131-IE7\iernonce.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 44544 c:\windows\ie7updates\KB2360131-IE7\iernonce.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 78336 c:\windows\ie7updates\KB2360131-IE7\ieencode.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 78336 c:\windows\ie7updates\KB2360131-IE7\ieencode.dll
+ 2010-12-01 10:13 . 2010-04-16 13:24 70656 c:\windows\ie7updates\KB2360131-IE7\ie4uinit.exe
- 2010-12-01 10:13 . 2010-06-23 12:06 70656 c:\windows\ie7updates\KB2360131-IE7\ie4uinit.exe
- 2010-12-01 10:13 . 2010-06-24 12:15 63488 c:\windows\ie7updates\KB2360131-IE7\icardie.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 63488 c:\windows\ie7updates\KB2360131-IE7\icardie.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 17408 c:\windows\ie7updates\KB2360131-IE7\corpol.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 17408 c:\windows\ie7updates\KB2360131-IE7\corpol.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 37888 c:\windows\ie7\url.dll
+ 2009-10-04 05:28 . 2008-04-14 09:42 37888 c:\windows\ie7\url.dll
- 2009-10-04 05:29 . 2007-08-13 23:52 66048 c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2009-10-04 05:29 . 2007-08-14 00:52 66048 c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2009-10-04 05:29 . 2007-08-14 00:54 32960 c:\windows\ie7\spuninst\iecustom.dll
- 2009-10-04 05:29 . 2007-08-13 23:54 32960 c:\windows\ie7\spuninst\iecustom.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 39424 c:\windows\ie7\pngfilt.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 39424 c:\windows\ie7\pngfilt.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 96256 c:\windows\ie7\occache.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 96256 c:\windows\ie7\occache.dll
+ 2010-12-21 23:48 . 2008-04-14 01:56 56832 c:\windows\ie7\mshtmler.dll
- 2009-10-04 05:28 . 2008-04-14 02:56 56832 c:\windows\ie7\mshtmler.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 29184 c:\windows\ie7\mshta.exe
+ 2010-12-21 23:48 . 2008-04-14 09:42 29184 c:\windows\ie7\mshta.exe
+ 2010-12-21 23:48 . 2008-04-14 09:41 22016 c:\windows\ie7\licmgr10.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 22016 c:\windows\ie7\licmgr10.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 15872 c:\windows\ie7\jsproxy.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 15872 c:\windows\ie7\jsproxy.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 96256 c:\windows\ie7\inseng.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 96256 c:\windows\ie7\inseng.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 35840 c:\windows\ie7\imgutil.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 35840 c:\windows\ie7\imgutil.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 93184 c:\windows\ie7\iexplore.exe
+ 2010-12-21 23:48 . 2008-04-14 09:42 93184 c:\windows\ie7\iexplore.exe
+ 2010-12-21 23:48 . 2008-04-14 09:41 62976 c:\windows\ie7\iesetup.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 62976 c:\windows\ie7\iesetup.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 48640 c:\windows\ie7\iernonce.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 48640 c:\windows\ie7\iernonce.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 18432 c:\windows\ie7\iedw.exe
- 2009-10-04 05:28 . 2008-04-14 10:42 18432 c:\windows\ie7\iedw.exe
- 2009-10-04 05:28 . 2008-04-14 10:42 34304 c:\windows\ie7\ie4uinit.exe
+ 2010-12-21 23:48 . 2008-04-14 09:42 34304 c:\windows\ie7\ie4uinit.exe
- 2009-10-04 05:28 . 2008-04-14 10:41 38912 c:\windows\ie7\hmmapi.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 38912 c:\windows\ie7\hmmapi.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 55808 c:\windows\ie7\extmgr.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 55808 c:\windows\ie7\extmgr.dll
+ 2010-12-21 23:48 . 2008-04-14 10:41 33792 c:\windows\ie7\custsat.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 33792 c:\windows\ie7\custsat.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 99840 c:\windows\ie7\advpack.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 99840 c:\windows\ie7\advpack.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 61440 c:\windows\ie7\admparse.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 61440 c:\windows\ie7\admparse.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4c9ebcc0\System.Drawing.Design.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_76df93e7\CustomMarshalers.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-12-21 23:50 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB982381-IE7\update\spcustom.dll
+ 2010-12-21 23:50 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB982381-IE7\spmsg.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\pngfilt.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 52224 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeedsbs.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 27648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\jsproxy.dll
+ 2010-12-21 23:42 . 2010-04-16 13:20 13824 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieudinit.exe
+ 2010-12-21 23:42 . 2010-05-04 17:20 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iernonce.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 78336 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieencode.dll
+ 2010-12-21 23:42 . 2010-05-04 13:19 70656 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ie4uinit.exe
+ 2010-12-21 23:42 . 2010-05-04 17:20 63488 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\icardie.dll
+ 2010-12-21 23:42 . 2010-05-04 17:19 17408 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\corpol.dll
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 209632 c:\windows\system32\wuweb.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 327896 c:\windows\system32\wucltui.dll
+ 2009-10-04 04:46 . 2009-08-07 01:23 575704 c:\windows\system32\wuapi.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 155648 c:\windows\system32\wscript.exe
+ 2008-04-14 09:42 . 2008-05-08 11:24 155648 c:\windows\system32\wscript.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 485376 c:\windows\system32\wmspdmod.dll
+ 2008-04-14 09:42 . 2009-04-03 18:15 485376 c:\windows\system32\wmspdmod.dll
+ 2008-04-14 09:42 . 2009-07-12 18:21 233472 c:\windows\system32\wmpdxm.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 233472 c:\windows\system32\wmpdxm.dll
+ 2008-04-14 09:42 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 132096 c:\windows\system32\wkssvc.dll
+ 2008-04-14 09:42 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 293376 c:\windows\system32\winsrv.dll
+ 2008-04-14 09:42 . 2010-06-18 17:45 293376 c:\windows\system32\winsrv.dll
+ 2008-04-14 09:42 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 233472 c:\windows\system32\webcheck.dll
+ 2009-10-04 04:44 . 2009-02-06 10:10 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2009-10-04 04:44 . 2009-02-09 12:10 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2009-10-04 04:44 . 2009-02-09 12:10 473600 c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 09:42 . 2010-03-09 11:09 430080 c:\windows\system32\vbscript.dll
+ 2008-04-14 09:42 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 406016 c:\windows\system32\usp10.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 105984 c:\windows\system32\url.dll
+ 2008-04-14 09:42 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
+ 2008-04-14 09:42 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
+ 2008-04-14 09:42 . 2009-12-08 09:23 474112 c:\windows\system32\shlwapi.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 474112 c:\windows\system32\shlwapi.dll
+ 2008-04-14 09:42 . 2009-02-06 11:11 110592 c:\windows\system32\services.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 172032 c:\windows\system32\scrrun.dll
+ 2008-04-14 09:42 . 2008-05-09 10:53 172032 c:\windows\system32\scrrun.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 180224 c:\windows\system32\scrobj.dll
+ 2008-04-14 09:42 . 2008-05-09 10:53 180224 c:\windows\system32\scrobj.dll
+ 2008-04-14 09:42 . 2010-06-30 12:31 149504 c:\windows\system32\schannel.dll
+ 2008-04-14 09:42 . 2009-02-09 12:10 401408 c:\windows\system32\rpcss.dll
+ 2008-04-14 09:42 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2008-04-14 09:42 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
+ 2001-08-23 12:00 . 2010-12-23 13:50 380350 c:\windows\system32\perfh009.dat
- 2001-08-23 12:00 . 2010-12-21 00:30 380350 c:\windows\system32\perfh009.dat
- 2008-04-14 09:42 . 2008-04-14 09:42 284160 c:\windows\system32\pdh.dll
+ 2008-04-14 09:42 . 2009-03-06 14:22 284160 c:\windows\system32\pdh.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 102912 c:\windows\system32\occache.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 270336 c:\windows\system32\oakley.dll
+ 2008-04-14 09:42 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
+ 2008-04-14 09:41 . 2009-02-09 12:10 714752 c:\windows\system32\ntdll.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 337408 c:\windows\system32\netapi32.dll
+ 2008-04-14 09:42 . 2008-10-15 16:34 337408 c:\windows\system32\netapi32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 245248 c:\windows\system32\mswsock.dll
+ 2008-04-14 09:42 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2008-04-14 09:42 . 2009-08-05 09:01 204800 c:\windows\system32\mswebdvd.dll
+ 2008-04-14 09:42 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 671232 c:\windows\system32\mstime.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 193024 c:\windows\system32\msrating.dll
+ 2009-10-04 04:44 . 2009-12-16 18:43 343040 c:\windows\system32\mspaint.exe
- 2009-10-04 04:44 . 2008-04-14 09:42 343040 c:\windows\system32\mspaint.exe
+ 2001-08-23 12:00 . 2007-08-14 00:54 156160 c:\windows\system32\msls31.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 478208 c:\windows\system32\mshtmled.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 161792 c:\windows\system32\msdtcuiu.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 161792 c:\windows\system32\msdtcuiu.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 956928 c:\windows\system32\msdtctm.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 956928 c:\windows\system32\msdtctm.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 428032 c:\windows\system32\msdtcprx.dll
+ 2009-11-06 04:17 . 2009-11-06 04:17 297808 c:\windows\system32\mscoree.dll
+ 2008-04-14 09:41 . 2010-04-05 17:54 384512 c:\windows\system32\mp4sdmod.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 384512 c:\windows\system32\mp4sdmod.dll
+ 2007-04-03 12:44 . 2010-09-18 18:23 974848 c:\windows\system32\mfc42u.dll
+ 2008-04-14 09:41 . 2010-09-18 06:53 974848 c:\windows\system32\mfc42.dll
+ 2008-04-14 09:41 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2001-08-23 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2008-04-14 09:41 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2008-04-14 09:42 . 2008-06-10 09:11 103936 c:\windows\system32\logagent.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 103936 c:\windows\system32\logagent.exe
+ 2008-04-14 09:41 . 2009-05-07 15:32 345600 c:\windows\system32\localspl.dll
+ 2008-04-14 09:41 . 2009-03-21 14:06 989696 c:\windows\system32\kernel32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 989696 c:\windows\system32\kernel32.dll
+ 2008-04-14 09:41 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2008-04-14 09:41 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 512000 c:\windows\system32\jscript.dll
+ 2009-10-04 04:46 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 192512 c:\windows\system32\iepeers.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 384512 c:\windows\system32\iedkcs32.dll
+ 2001-08-23 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 230400 c:\windows\system32\ieaksie.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 153088 c:\windows\system32\ieakeng.dll
+ 2008-04-14 09:41 . 2008-10-23 12:36 286720 c:\windows\system32\gdi32.dll
- 2009-10-03 23:38 . 2010-12-21 00:26 116560 c:\windows\system32\FNTCACHE.DAT
+ 2009-10-03 23:38 . 2010-12-22 09:30 116560 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 09:41 . 2010-11-06 00:34 133120 c:\windows\system32\extmgr.dll
+ 2008-04-14 09:41 . 2008-07-07 20:26 253952 c:\windows\system32\es.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 214528 c:\windows\system32\dxtrans.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 347136 c:\windows\system32\dxtmsft.dll
+ 2008-04-14 04:30 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2008-04-14 04:50 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2008-04-14 04:45 . 2010-08-26 13:39 357248 c:\windows\system32\drivers\srv.sys
+ 2008-04-14 04:25 . 2008-05-08 14:02 203136 c:\windows\system32\drivers\rmcast.sys
+ 2008-04-14 04:47 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2008-04-14 04:23 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
+ 2008-04-14 04:16 . 2008-06-13 11:05 272128 c:\windows\system32\drivers\bthport.sys
+ 2008-04-14 04:49 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
- 2008-04-14 09:41 . 2008-04-14 09:41 147968 c:\windows\system32\dnsapi.dll
+ 2008-04-14 09:41 . 2008-06-20 17:46 147968 c:\windows\system32\dnsapi.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2009-10-04 04:46 . 2009-08-07 01:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2009-10-04 04:46 . 2009-08-07 01:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2008-04-14 09:42 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 155648 c:\windows\system32\dllcache\wscript.exe
+ 2009-10-04 04:44 . 2010-07-12 12:55 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2008-04-14 09:42 . 2009-04-03 18:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 485376 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-04-14 09:42 . 2009-07-12 18:21 233472 c:\windows\system32\dllcache\wmpdxm.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-10-04 04:44 . 2009-02-06 10:10 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2009-10-04 04:44 . 2009-02-09 12:10 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2008-04-14 09:42 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-04-14 09:42 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-04-14 09:42 . 2010-06-18 17:45 293376 c:\windows\system32\dllcache\winsrv.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 09:42 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2009-10-04 04:46 . 2008-05-27 17:23 765952 c:\windows\system32\dllcache\vgx.dll
+ 2008-04-14 09:42 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 09:42 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-10-04 04:46 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
- 2009-10-04 04:46 . 2008-04-14 09:42 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-04-14 04:30 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2008-04-14 04:50 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\tcpip.sys
+ 2008-04-14 09:42 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-04-14 09:42 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-14 04:45 . 2010-08-26 13:39 357248 c:\windows\system32\dllcache\srv.sys
- 2008-04-14 09:42 . 2008-04-14 09:42 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-04-14 09:42 . 2009-12-08 09:23 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-04-14 09:42 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\services.exe
+ 2008-04-14 09:42 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-04-14 09:42 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2008-04-14 09:42 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 09:42 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\rpcss.dll
+ 2008-04-14 09:42 . 2010-08-16 08:45 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2008-04-14 04:25 . 2008-05-08 14:02 203136 c:\windows\system32\dllcache\rmcast.sys
+ 2008-04-14 09:42 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2008-04-14 09:42 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 284160 c:\windows\system32\dllcache\pdh.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 102912 c:\windows\system32\dllcache\occache.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 270336 c:\windows\system32\dllcache\oakley.dll
+ 2008-04-14 09:42 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2008-04-14 09:41 . 2009-02-09 12:10 714752 c:\windows\system32\dllcache\ntdll.dll
+ 2008-04-14 09:42 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 337408 c:\windows\system32\dllcache\netapi32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 09:42 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 09:42 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2008-04-14 09:42 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 193024 c:\windows\system32\dllcache\msrating.dll
+ 2009-10-04 04:44 . 2009-12-16 18:43 343040 c:\windows\system32\dllcache\mspaint.exe
- 2009-10-04 04:44 . 2008-04-14 09:42 343040 c:\windows\system32\dllcache\mspaint.exe
+ 2001-08-23 12:00 . 2007-08-14 00:54 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 161792 c:\windows\system32\dllcache\msdtcuiu.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 161792 c:\windows\system32\dllcache\msdtcuiu.dll
- 2009-10-04 04:44 . 2008-04-14 09:42 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2009-10-04 04:44 . 2008-06-12 14:23 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2009-10-04 04:46 . 2008-05-01 14:33 331776 c:\windows\system32\dllcache\msadce.dll
- 2009-10-04 04:46 . 2008-04-14 09:42 331776 c:\windows\system32\dllcache\msadce.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2008-04-14 09:41 . 2010-04-05 17:54 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2007-04-03 12:44 . 2010-09-18 18:23 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2008-04-14 09:41 . 2010-09-18 06:53 974848 c:\windows\system32\dllcache\mfc42.dll
+ 2008-04-14 09:41 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2001-08-23 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2008-04-14 09:41 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2008-04-14 09:42 . 2008-06-10 09:11 103936 c:\windows\system32\dllcache\logagent.exe
- 2008-04-14 09:42 . 2008-04-14 09:42 103936 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 09:41 . 2009-05-07 15:32 345600 c:\windows\system32\dllcache\localspl.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 09:41 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 09:41 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 512000 c:\windows\system32\dllcache\jscript.dll
+ 2008-04-14 09:41 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-10-04 04:46 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-10-04 04:46 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2008-04-14 09:41 . 2010-11-06 00:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2001-08-23 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
- 2009-10-04 04:46 . 2008-04-14 09:42 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2009-10-04 04:46 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2008-04-14 09:41 . 2008-10-23 12:36 286720 c:\windows\system32\dllcache\gdi32.dll
+ 2009-10-04 04:44 . 2009-02-09 12:10 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 09:41 . 2008-07-07 20:26 253952 c:\windows\system32\dllcache\es.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 09:41 . 2008-06-20 17:46 147968 c:\windows\system32\dllcache\dnsapi.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 147968 c:\windows\system32\dllcache\dnsapi.dll
+ 2008-04-14 09:42 . 2008-05-07 09:07 135168 c:\windows\system32\dllcache\cscript.exe
+ 2008-04-14 09:41 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2008-04-14 09:39 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2008-04-14 04:49 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-04-14 09:41 . 2010-11-06 00:34 124928 c:\windows\system32\dllcache\advpack.dll
+ 2008-04-14 09:41 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2008-04-14 09:41 . 2009-11-21 15:51 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2008-04-14 09:41 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2008-04-14 09:42 . 2008-05-07 09:07 135168 c:\windows\system32\cscript.exe
+ 2008-04-14 09:41 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 617472 c:\windows\system32\comctl32.dll
+ 2008-04-14 09:41 . 2010-11-06 00:34 124928 c:\windows\system32\advpack.dll
+ 2008-04-14 09:41 . 2009-02-09 12:10 617472 c:\windows\system32\advapi32.dll
- 2008-04-14 09:41 . 2008-04-14 09:41 617472 c:\windows\system32\advapi32.dll
+ 2008-04-14 09:41 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
- 2010-12-15 06:22 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\update\updspapi.dll
- 2010-12-15 06:22 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\update\update.exe
- 2010-12-15 06:22 . 2009-05-26 11:40 231288 c:\windows\SoftwareDistribution\Download\e5c5fc9bd7a4957f0a45c6db2957c5c9\spuninst.exe
- 2010-12-15 06:28 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\update\updspapi.dll
- 2010-12-15 06:28 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\update\update.exe
- 2010-12-15 06:28 . 2009-05-26 11:40 231288 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\spuninst.exe
- 2010-10-28 13:08 . 2010-10-28 13:08 290048 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\sp3qfe\atmfd.dll
- 2010-10-28 13:13 . 2010-10-28 13:13 290048 c:\windows\SoftwareDistribution\Download\b3e2b981cbf5eb9576dda59d70b8957f\sp3gdr\atmfd.dll
- 2010-12-15 06:21 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\update\updspapi.dll
- 2010-12-15 06:21 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\update\update.exe
- 2010-12-15 06:21 . 2009-05-26 11:40 231288 c:\windows\SoftwareDistribution\Download\a42ddcfeecc05b004b4bec0f90709c0a\spuninst.exe
- 2010-12-15 06:19 . 2010-02-22 14:23 382840 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\update\updspapi.dll
- 2010-12-15 06:19 . 2010-02-22 14:23 755576 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\update\update.exe
- 2010-12-15 06:19 . 2010-02-22 14:23 231288 c:\windows\SoftwareDistribution\Download\84b4d4a812b6609f4743b50cc13b603a\spuninst.exe
- 2010-12-15 06:20 . 2010-02-22 14:23 382840 c:\windows\SoftwareDistribution\Download\834e1dc3631bc51ff79c0b62ec3e2ba7\update\updspapi.dll
- 2010-12-15 06:20 . 2010-02-22 14:23 755576 c:\windows\SoftwareDistribution\Download\834e1dc3631bc51ff79c0b62ec3e2ba7\update\update.exe
- 2010-12-15 06:20 . 2010-02-22 14:23 231288 c:\windows\SoftwareDistribution\Download\834e1dc3631bc51ff79c0b62ec3e2ba7\spuninst.exe
- 2010-12-15 06:28 . 2010-02-22 14:23 382840 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\update\updspapi.dll
- 2010-12-15 06:28 . 2010-02-22 14:23 755576 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\update\update.exe
- 2010-12-15 06:28 . 2010-02-22 14:23 231288 c:\windows\SoftwareDistribution\Download\6482b73e551a94e4c78c8d847c4bb10c\spuninst.exe
- 2010-12-15 06:28 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\update\updspapi.dll
- 2010-12-15 06:28 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\update\update.exe
- 2010-12-15 06:28 . 2009-05-26 11:40 231288 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\spuninst.exe
- 2009-10-04 04:46 . 2008-04-14 09:42 744448 c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2009-10-04 04:46 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe


GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Fri Dec 24, 2010 5:01 am

- 2003-02-21 16:20 . 2003-02-21 16:20 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 17:23 . 2004-07-15 17:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 20:31 . 2004-07-15 20:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 13:27 . 2003-02-21 13:27 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
- 2003-02-21 13:27 . 2003-02-21 13:27 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 20:31 . 2004-07-15 20:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2004-07-15 06:35 . 2004-07-15 06:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-08-10 22:20 . 2004-08-10 22:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-15 06:33 . 2004-07-15 06:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2010-09-23 08:26 . 2010-09-23 08:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 08:25 . 2010-09-23 08:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 06:32 . 2004-07-15 06:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 13:26 . 2003-02-21 13:26 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 20:28 . 2004-07-15 20:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
- 2003-02-21 01:09 . 2003-02-21 01:09 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 06:35 . 2004-07-15 06:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-15 06:24 . 2004-07-15 06:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
- 2003-02-21 01:06 . 2003-02-21 01:06 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2004-07-15 17:23 . 2004-07-15 17:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
- 2003-02-21 16:21 . 2003-02-21 16:21 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2010-09-23 09:17 . 2010-09-23 09:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 818688 c:\windows\ie7updates\KB982381-IE7\wininet.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 231424 c:\windows\ie7updates\KB982381-IE7\webcheck.dll
+ 2010-12-21 23:50 . 2007-08-14 00:44 105984 c:\windows\ie7updates\KB982381-IE7\url.dll
+ 2010-12-21 23:50 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll
+ 2010-12-21 23:50 . 2008-07-08 13:02 231288 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe
+ 2010-12-21 23:50 . 2007-08-14 00:44 101376 c:\windows\ie7updates\KB982381-IE7\occache.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 670720 c:\windows\ie7updates\KB982381-IE7\mstime.dll
+ 2010-12-21 23:50 . 2007-08-14 00:44 192000 c:\windows\ie7updates\KB982381-IE7\msrating.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 475648 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll
+ 2010-12-21 23:50 . 2007-08-14 00:43 622080 c:\windows\ie7updates\KB982381-IE7\iexplore.exe
+ 2010-12-21 23:50 . 2007-08-14 00:54 191488 c:\windows\ie7updates\KB982381-IE7\iepeers.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 382976 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll
+ 2010-12-21 23:50 . 2010-11-06 00:34 380928 c:\windows\ie7updates\KB982381-IE7\ieapfltr.dll
+ 2010-12-21 23:50 . 2007-08-13 23:56 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 229376 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 152064 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 131584 c:\windows\ie7updates\KB982381-IE7\extmgr.dll
+ 2010-12-21 23:50 . 2007-08-14 00:35 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll
+ 2010-12-21 23:50 . 2007-08-14 00:35 346624 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll
+ 2010-12-21 23:50 . 2007-08-14 00:39 123904 c:\windows\ie7updates\KB982381-IE7\advpack.dll
- 2009-10-04 08:29 . 2007-08-13 23:54 765952 c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2009-10-04 08:29 . 2007-08-14 00:54 765952 c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2010-12-23 07:51 . 2007-03-06 01:23 371424 c:\windows\ie7updates\KB938127-v2-IE7\updspapi.dll
+ 2010-12-23 07:51 . 2007-03-06 01:22 716000 c:\windows\ie7updates\KB938127-v2-IE7\update.exe
+ 2010-12-23 07:51 . 2007-03-06 01:22 213216 c:\windows\ie7updates\KB938127-v2-IE7\spuninst.exe
+ 2010-12-21 23:51 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2416400-IE7\updspapi.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 755576 c:\windows\ie7updates\KB2416400-IE7\update.exe
- 2010-12-20 00:16 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2416400-IE7\spuninst\updspapi.dll
+ 2010-12-20 00:16 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2416400-IE7\spuninst\updspapi.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2416400-IE7\spuninst.exe
- 2010-12-01 10:13 . 2010-06-24 12:15 832512 c:\windows\ie7updates\KB2360131-IE7\wininet.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 832512 c:\windows\ie7updates\KB2360131-IE7\wininet.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 233472 c:\windows\ie7updates\KB2360131-IE7\webcheck.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 233472 c:\windows\ie7updates\KB2360131-IE7\webcheck.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 105984 c:\windows\ie7updates\KB2360131-IE7\url.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 105984 c:\windows\ie7updates\KB2360131-IE7\url.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2360131-IE7\updspapi.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 755576 c:\windows\ie7updates\KB2360131-IE7\update.exe
+ 2010-12-01 10:13 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2360131-IE7\spuninst\updspapi.dll
- 2010-12-01 10:13 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2360131-IE7\spuninst\updspapi.dll
+ 2010-12-21 23:51 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2360131-IE7\spuninst.exe
- 2010-12-01 10:13 . 2010-06-24 12:15 102912 c:\windows\ie7updates\KB2360131-IE7\occache.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 102912 c:\windows\ie7updates\KB2360131-IE7\occache.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 671232 c:\windows\ie7updates\KB2360131-IE7\mstime.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 671232 c:\windows\ie7updates\KB2360131-IE7\mstime.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 193024 c:\windows\ie7updates\KB2360131-IE7\msrating.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 193024 c:\windows\ie7updates\KB2360131-IE7\msrating.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 477696 c:\windows\ie7updates\KB2360131-IE7\mshtmled.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 477696 c:\windows\ie7updates\KB2360131-IE7\mshtmled.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 459264 c:\windows\ie7updates\KB2360131-IE7\msfeeds.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 459264 c:\windows\ie7updates\KB2360131-IE7\msfeeds.dll
- 2010-12-01 10:13 . 2010-06-17 15:12 634656 c:\windows\ie7updates\KB2360131-IE7\iexplore.exe
+ 2010-12-01 10:13 . 2010-04-16 11:43 634656 c:\windows\ie7updates\KB2360131-IE7\iexplore.exe
- 2010-12-01 10:13 . 2010-06-24 12:15 268288 c:\windows\ie7updates\KB2360131-IE7\iertutil.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 268288 c:\windows\ie7updates\KB2360131-IE7\iertutil.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 192512 c:\windows\ie7updates\KB2360131-IE7\iepeers.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 192512 c:\windows\ie7updates\KB2360131-IE7\iepeers.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 385024 c:\windows\ie7updates\KB2360131-IE7\iedkcs32.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 385024 c:\windows\ie7updates\KB2360131-IE7\iedkcs32.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 380928 c:\windows\ie7updates\KB2360131-IE7\ieapfltr.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 380928 c:\windows\ie7updates\KB2360131-IE7\ieapfltr.dll
- 2010-12-01 10:13 . 2010-06-17 15:11 161792 c:\windows\ie7updates\KB2360131-IE7\ieakui.dll
+ 2010-12-01 10:13 . 2010-04-16 11:43 161792 c:\windows\ie7updates\KB2360131-IE7\ieakui.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 230400 c:\windows\ie7updates\KB2360131-IE7\ieaksie.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 230400 c:\windows\ie7updates\KB2360131-IE7\ieaksie.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 153088 c:\windows\ie7updates\KB2360131-IE7\ieakeng.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 153088 c:\windows\ie7updates\KB2360131-IE7\ieakeng.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 133120 c:\windows\ie7updates\KB2360131-IE7\extmgr.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 133120 c:\windows\ie7updates\KB2360131-IE7\extmgr.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 214528 c:\windows\ie7updates\KB2360131-IE7\dxtrans.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 214528 c:\windows\ie7updates\KB2360131-IE7\dxtrans.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 347136 c:\windows\ie7updates\KB2360131-IE7\dxtmsft.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 347136 c:\windows\ie7updates\KB2360131-IE7\dxtmsft.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 124928 c:\windows\ie7updates\KB2360131-IE7\advpack.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 124928 c:\windows\ie7updates\KB2360131-IE7\advpack.dll
+ 2009-10-04 05:28 . 2008-04-14 09:42 666112 c:\windows\ie7\wininet.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 666112 c:\windows\ie7\wininet.dll
+ 2009-10-04 05:28 . 2008-04-14 09:42 276480 c:\windows\ie7\webcheck.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 276480 c:\windows\ie7\webcheck.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 851968 c:\windows\ie7\vgx.dll
+ 2009-10-04 05:28 . 2008-04-14 09:42 851968 c:\windows\ie7\vgx.dll
+ 2009-10-04 05:28 . 2008-04-14 09:42 619520 c:\windows\ie7\urlmon.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 619520 c:\windows\ie7\urlmon.dll
- 2009-10-04 05:29 . 2006-09-06 22:43 371424 c:\windows\ie7\spuninst\updspapi.dll
+ 2009-10-04 05:29 . 2006-09-06 23:43 371424 c:\windows\ie7\spuninst\updspapi.dll
+ 2009-10-04 05:29 . 2006-09-06 23:43 213216 c:\windows\ie7\spuninst\spuninst.exe
- 2009-10-04 05:29 . 2006-09-06 22:43 213216 c:\windows\ie7\spuninst\spuninst.exe
+ 2010-12-21 23:48 . 2008-04-14 09:42 532480 c:\windows\ie7\mstime.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 532480 c:\windows\ie7\mstime.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 146432 c:\windows\ie7\msrating.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 146432 c:\windows\ie7\msrating.dll
+ 2010-12-21 23:48 . 2001-08-23 12:00 146432 c:\windows\ie7\msls31.dll
- 2009-10-04 05:28 . 2001-08-23 12:00 146432 c:\windows\ie7\msls31.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 449024 c:\windows\ie7\mshtmled.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 449024 c:\windows\ie7\mshtmled.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 251904 c:\windows\ie7\iepeers.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 251904 c:\windows\ie7\iepeers.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 323584 c:\windows\ie7\iedkcs32.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 323584 c:\windows\ie7\iedkcs32.dll
+ 2010-12-21 23:48 . 2001-08-23 12:00 221184 c:\windows\ie7\ieakui.dll
- 2009-10-04 05:28 . 2001-08-23 12:00 221184 c:\windows\ie7\ieakui.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 216576 c:\windows\ie7\ieaksie.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 216576 c:\windows\ie7\ieaksie.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 143360 c:\windows\ie7\ieakeng.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 143360 c:\windows\ie7\ieakeng.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 205312 c:\windows\ie7\dxtrans.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 205312 c:\windows\ie7\dxtrans.dll
- 2009-10-04 05:28 . 2008-04-14 10:41 357888 c:\windows\ie7\dxtmsft.dll
+ 2010-12-21 23:48 . 2008-04-14 09:41 357888 c:\windows\ie7\dxtmsft.dll
+ 2010-12-21 16:12 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-12-21 16:13 . 2008-06-13 11:05 272128 c:\windows\Driver Cache\i386\bthport.sys
+ 2010-12-23 07:52 . 2010-12-23 07:52 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_8dbcf4d4\System.Drawing.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 573440 c:\windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 819200 c:\windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 126976 c:\windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 131072 c:\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 323584 c:\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 241664 c:\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 372736 c:\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 241664 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 466944 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 303104 c:\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-12-21 00:20 . 2010-12-21 00:20 299008 c:\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 720896 c:\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-14 09:41 . 2009-11-21 15:51 471552 c:\windows\AppPatch\aclayers.dll
+ 2009-10-04 05:28 . 2006-05-24 18:32 371424 c:\windows\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
- 2009-10-04 05:28 . 2006-05-24 17:32 371424 c:\windows\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\updspapi.dll
+ 2009-10-04 05:28 . 2006-05-24 18:32 213216 c:\windows\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
- 2009-10-04 05:28 . 2006-05-24 17:32 213216 c:\windows\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe
- 2009-10-04 05:28 . 2006-05-25 15:29 371424 c:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
+ 2009-10-04 05:28 . 2006-05-25 16:29 371424 c:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\updspapi.dll
- 2009-10-04 05:28 . 2006-05-25 15:29 213216 c:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 2009-10-04 05:28 . 2006-05-25 16:29 213216 c:\windows\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
+ 2010-12-21 23:50 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982381-IE7\update\updspapi.dll
+ 2010-12-21 23:50 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB982381-IE7\update\update.exe
+ 2010-12-21 23:50 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB982381-IE7\spuninst.exe
+ 2010-12-21 23:42 . 2010-05-04 17:20 841216 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 233472 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\webcheck.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 105984 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\url.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 102912 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\occache.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 671232 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mstime.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msrating.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 477696 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtmled.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 459264 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeeds.dll
+ 2010-12-21 23:42 . 2010-04-16 11:08 634648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
+ 2010-12-21 23:42 . 2010-05-04 17:20 268288 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iepeers.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 388608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iedkcs32.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 380928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dll
+ 2010-12-21 23:42 . 2010-04-16 11:06 161792 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakui.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 230400 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieaksie.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 153088 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakeng.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 132608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\extmgr.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 214528 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtrans.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 347136 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtmsft.dll
+ 2010-12-21 23:42 . 2010-05-04 17:19 124928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\advpack.dll
+ 2009-10-04 05:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
- 2009-10-04 05:39 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-10-04 05:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
- 2009-10-04 05:39 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
- 2009-10-04 05:37 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-10-04 05:37 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-10-04 05:33 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB967715\update\updspapi.dll
- 2009-10-04 05:33 . 2008-07-09 18:08 382840 c:\windows\$hf_mig$\KB967715\update\updspapi.dll
- 2009-10-04 05:35 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB961501\update\update.exe
+ 2009-10-04 05:35 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB961501\update\update.exe
+ 2009-10-04 05:37 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
- 2009-10-04 05:37 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
- 2009-10-04 05:37 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-10-04 05:37 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-10-04 05:35 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB960803\update\updspapi.dll
- 2009-10-04 05:35 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB960803\update\updspapi.dll
+ 2009-10-04 05:35 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB960803\update\update.exe
- 2009-10-04 05:35 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB960803\update\update.exe
+ 2009-10-04 05:34 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB959426\update\updspapi.dll
- 2009-10-04 05:34 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB959426\update\updspapi.dll
+ 2009-10-04 05:34 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB959426\update\update.exe
- 2009-10-04 05:34 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB959426\update\update.exe
+ 2009-10-04 05:32 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB956802\update\updspapi.dll
- 2009-10-04 05:32 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956802\update\updspapi.dll
- 2009-10-04 05:32 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2009-10-04 05:32 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2009-10-04 05:31 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB954459\update\updspapi.dll
- 2009-10-04 05:31 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB954459\update\updspapi.dll
- 2009-10-04 05:31 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2009-10-04 05:31 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2009-10-04 05:31 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952954\update\updspapi.dll
- 2009-10-04 05:31 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2009-10-04 05:31 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952954\update\update.exe
- 2009-10-04 05:31 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB952954\update\update.exe
- 2009-10-04 05:34 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952004\update\updspapi.dll
+ 2009-10-04 05:34 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952004\update\updspapi.dll
- 2009-10-04 05:34 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952004\update\update.exe
+ 2009-10-04 05:34 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952004\update\update.exe
- 2009-10-04 05:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2009-10-04 05:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951748\update\updspapi.dll
- 2009-10-04 05:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2009-10-04 05:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951748\update\update.exe
- 2009-10-04 05:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2009-10-04 05:30 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2009-10-04 05:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB950974\update\update.exe
- 2009-10-04 05:30 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB950974\update\update.exe
- 2010-12-20 00:16 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2416400-IE7\update\updspapi.dll
+ 2010-12-01 10:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2360131-IE7\update\updspapi.dll
- 2010-12-01 10:13 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360131-IE7\update\updspapi.dll
+ 2010-08-21 19:03 . 2010-02-23 01:53 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
- 2010-08-21 19:03 . 2010-02-23 00:53 382840 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
- 2009-10-14 13:50 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2010-12-21 16:12 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2010-12-21 16:12 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
- 2010-11-06 04:15 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2009-10-14 13:50 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\InstallTemp\11330111\GdiPlus.dll
+ 2010-11-06 04:15 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\InstallTemp\11272697\comctl32.dll
+ 2009-10-04 04:46 . 2009-08-07 01:23 1929952 c:\windows\system32\wuaueng.dll
+ 2008-04-14 09:43 . 2010-04-08 20:03 2113536 c:\windows\system32\WMVCore.dll
+ 2008-04-14 09:42 . 2010-08-26 23:16 4886528 c:\windows\system32\wmp.dll
+ 2008-04-14 09:42 . 2008-06-10 12:11 1053696 c:\windows\system32\WMNetmgr.dll
+ 2008-04-14 09:42 . 2010-11-06 00:34 1168384 c:\windows\system32\urlmon.dll
+ 2008-04-14 09:42 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 1435648 c:\windows\system32\query.dll
+ 2008-04-14 09:42 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2008-04-14 09:42 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2008-04-14 09:42 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2008-04-14 04:54 . 2010-04-27 13:59 2146304 c:\windows\system32\ntoskrnl.exe
+ 2008-04-14 00:01 . 2010-04-27 13:05 2024448 c:\windows\system32\ntkrnlpa.exe
+ 2008-04-14 09:42 . 2009-07-31 16:05 1372672 c:\windows\system32\msxml6.dll
+ 2008-04-14 09:42 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2009-10-04 04:44 . 2009-06-10 15:19 2066432 c:\windows\system32\mstscax.dll
+ 2008-04-14 09:42 . 2010-11-06 12:04 3604480 c:\windows\system32\mshtml.dll
+ 2009-10-04 04:46 . 2009-08-07 01:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2008-04-14 09:43 . 2010-04-08 20:03 2113536 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-04-14 09:42 . 2010-08-26 23:16 4886528 c:\windows\system32\dllcache\wmp.dll
+ 2008-04-14 09:42 . 2008-06-10 12:11 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2008-04-14 05:00 . 2010-10-26 13:25 1853312 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 09:42 . 2010-11-06 00:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 09:42 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
- 2008-04-14 09:42 . 2008-04-14 09:42 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-04-14 09:42 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-04-14 09:42 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2008-04-14 09:42 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2008-04-14 09:42 . 2009-07-31 16:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-14 09:42 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-06-10 15:19 . 2009-06-10 15:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-10-04 04:46 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-04-14 09:42 . 2010-11-06 12:04 3604480 c:\windows\system32\dllcache\mshtml.dll
- 2009-10-04 04:46 . 2008-04-14 09:42 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-10-04 04:46 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-10-26 13:27 . 2010-10-26 13:27 1862272 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\sp3qfe\win32k.sys
- 2010-10-26 13:25 . 2010-10-26 13:25 1853312 c:\windows\SoftwareDistribution\Download\21a3e2112d908724f259ac8570ee5ae9\sp3gdr\win32k.sys
- 2003-02-21 11:04 . 2003-02-21 11:04 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 14:15 . 2004-07-15 14:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2004-07-15 20:29 . 2004-07-15 20:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2004-07-15 20:32 . 2004-07-15 20:32 2052096 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2010-09-23 21:55 . 2010-09-23 21:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 21:55 . 2010-09-23 21:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2004-07-15 20:29 . 2004-07-15 20:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2004-07-15 20:32 . 2004-07-15 20:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2010-09-23 08:26 . 2010-09-23 08:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 08:25 . 2010-09-23 08:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 21:55 . 2010-09-23 21:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 1162240 c:\windows\ie7updates\KB982381-IE7\urlmon.dll
+ 2010-12-21 23:50 . 2007-08-14 00:54 3578368 c:\windows\ie7updates\KB982381-IE7\mshtml.dll
- 2010-12-20 00:16 . 2010-09-09 13:38 3601920 c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
+ 2010-12-20 00:16 . 2010-09-10 01:08 3601920 c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 1168384 c:\windows\ie7updates\KB2360131-IE7\urlmon.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 1168384 c:\windows\ie7updates\KB2360131-IE7\urlmon.dll
+ 2010-12-01 10:13 . 2010-05-05 04:50 3600384 c:\windows\ie7updates\KB2360131-IE7\mshtml.dll
+ 2010-12-01 10:13 . 2010-05-04 17:20 6067200 c:\windows\ie7updates\KB2360131-IE7\ieframe.dll
- 2010-12-01 10:13 . 2010-06-24 12:15 6067200 c:\windows\ie7updates\KB2360131-IE7\ieframe.dll
- 2009-10-04 05:28 . 2008-04-14 10:42 3066880 c:\windows\ie7\mshtml.dll
+ 2010-12-21 23:48 . 2008-04-14 09:42 3066880 c:\windows\ie7\mshtml.dll
+ 2010-12-21 16:08 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-12-21 16:08 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-12-21 16:08 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-12-21 16:08 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-12-23 07:51 . 2010-12-23 07:51 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_234d504d\System.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_a5de4d39\System.Xml.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6acfd121\System.Windows.Forms.dll
+ 2010-12-23 07:52 . 2010-12-23 07:52 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_58c40723\System.Design.dll
+ 2010-12-23 07:52 . 2010-12-23 07:52 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_727c6f8d\mscorlib.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 1339392 c:\windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 2052096 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-12-23 07:51 . 2010-12-23 07:51 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 1703936 c:\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-12-22 09:03 . 2010-12-22 09:03 1294336 c:\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 1171968 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\urlmon.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 3603456 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
+ 2010-12-21 23:42 . 2010-05-04 17:20 6071296 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
+ 2010-12-21 23:42 . 2010-02-22 22:04 2452872 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dat
+ 2010-09-24 20:08 . 2010-09-24 20:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-09-24 13:08 . 2010-09-24 13:08 17518080 c:\windows\Installer\4cbd78d.msp
+ 2010-12-22 09:02 . 2010-12-22 09:02 19210240 c:\windows\Installer\1f5c48f.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="nwiz.exe" [2009-01-15 1657376]
"CTHelper"="CTHELPER.EXE" [2006-06-01 17920]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-06-01 18944]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-29 196608]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1205000.07D\symds.sys [12/9/2010 1:50 PM 340016]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1205000.07D\symefa.sys [12/9/2010 1:50 PM 652336]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [11/22/2010 8:20 PM 691248]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1205000.07D\ironx86.sys [12/9/2010 1:50 PM 136312]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe [12/9/2010 1:50 PM 130000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/15/2010 5:17 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101223.002\IDSXpx86.sys [12/23/2010 6:08 PM 341944]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
FF - ProfilePath - c:\documents and settings\dendeb\Application Data\Mozilla\Firefox\Profiles\ghcfzy9p.default\
FF - prefs.js: browser.search.selectedEngine - Safe Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-12-23 22:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"=""c:\program files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe" /s "NIS" /m "c:\program files\Norton Internet Security\Engine\18.5.0.125\diMaster.dll" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(232)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2010-12-23 22:50:39
ComboFix-quarantined-files.txt 2010-12-24 04:50
ComboFix2.txt 2010-12-14 05:24

Pre-Run: 19,523,371,008 bytes free
Post-Run: 19,532,189,696 bytes free

- - End Of File - - 3C81BD4218A79B08B937807315039B3B

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Fri Dec 24, 2010 11:33 pm

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Sat Dec 25, 2010 7:06 am

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=8bf3ba12f7568b4ea488cb52e7892721
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-12-25 07:00:32
# local_time=2010-12-25 01:00:32 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3588 16777190 85 82 48467 2362457 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=79387
# found=0
# cleaned=0
# scan_time=1339

NOTE: The online scanner didn't function as described in your instructions. It downloaded and installed a program to c:\program files\eset\onlinescanner and then scanned the system and put the log file in this same folder. Then uninstalls when finished. Just thought you might want to know they changed the way it works.

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Mon Dec 27, 2010 9:32 pm

Looks good.

Your VLC Player needs updating, so do that now.

Download and install [You must be registered and logged in to see this link.]
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Tue Dec 28, 2010 2:41 pm

Still get the popup from Norton Internet Security that the MBR is infected with mebroot.

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Tue Dec 28, 2010 10:23 pm

Hello.

Download [You must be registered and logged in to see this link.] to your desktop.

  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop
  • Open this report and post its content in your next reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by GoFigure on Fri Dec 31, 2010 7:00 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003d

Kernel Drivers (total 127):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F79000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F68000 pci.sys
0xBA0A8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0B8000 MountMgr.sys
0xB9F49000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9F23000 dmio.sys
0xBA330000 PartMgr.sys
0xBA0C8000 VolSnap.sys
0xB9F0B000 atapi.sys
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9EEB000 fltmgr.sys
0xB9E94000 SYMDS.SYS
0xB9E82000 sr.sys
0xB9DDE000 SYMEFA.SYS
0xB9DC7000 KSecDD.sys
0xB9D3A000 Ntfs.sys
0xB9D0D000 NDIS.sys
0xB9CF3000 Mup.sys
0xB9C72000 \SystemRoot\system32\DRIVERS\yk51x86.sys
0xB966F000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB965B000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA3D8000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB9647000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA727000 \SystemRoot\system32\drivers\msmpu401.sys
0xB9623000 \SystemRoot\system32\drivers\portcls.sys
0xBA1D8000 \SystemRoot\system32\drivers\drmk.sys
0xB9600000 \SystemRoot\system32\drivers\ks.sys
0xBA1E8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA3E0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA3E8000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB95DC000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA3F0000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xBA1F8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA208000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA218000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB9562000 \SystemRoot\system32\drivers\ctaud2k.sys
0xB952F000 \SystemRoot\system32\drivers\ctoss2k.sys
0xBA3F8000 \SystemRoot\system32\drivers\ctprxy2k.sys
0xBA228000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
0xB9445000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
0xBA238000 \SystemRoot\system32\DRIVERS\processr.sys
0xBA73F000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA248000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA574000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB942E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA258000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA268000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA400000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB941D000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA278000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA408000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA410000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB93ED000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA288000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA418000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA5CA000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9367000 \SystemRoot\system32\DRIVERS\update.sys
0xBA58C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA298000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA2B8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA5CC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB2DCE000 \SystemRoot\system32\drivers\ha20x2k.sys
0xB2DA1000 \SystemRoot\system32\drivers\emupia2k.sys
0xB2D7A000 \SystemRoot\system32\drivers\ctsfm2k.sys
0xB2CDE000 \SystemRoot\system32\drivers\ctac32k.sys
0xBA428000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xBA5D2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA7CA000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5D4000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA438000 \SystemRoot\System32\drivers\vga.sys
0xBA5D6000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5D8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA440000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA448000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB9CBF000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB2CAB000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB2C52000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB2BF9000 \SystemRoot\System32\Drivers\NIS\1205000.07D\SYMTDI.SYS
0xB2BD3000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xBA2D8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB2BAD000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xBA558000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xBA308000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xBA450000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB2B2D000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB2B0B000 \SystemRoot\System32\drivers\afd.sys
0xBA318000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB2AE7000 \SystemRoot\system32\drivers\NIS\1205000.07D\Ironx86.SYS
0xBA198000 \SystemRoot\system32\drivers\NIS\1205000.07D\SRTSPX.SYS
0xB2ABC000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB2A4C000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA128000 \SystemRoot\System32\Drivers\Fips.SYS
0xB29EE000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xBA54C000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB29A9000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xB28FD000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys
0xBA158000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB28E5000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA60A000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB923A000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA488000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA7E8000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xB2529000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB2348000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xBA5BE000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB21D8000 \SystemRoot\system32\DRIVERS\srv.sys
0xB1EFB000 \SystemRoot\System32\Drivers\NIS\1205000.07D\SRTSP.SYS
0xB1D5F000 \SystemRoot\system32\drivers\wdmaud.sys
0xB2278000 \SystemRoot\system32\drivers\sysaudio.sys
0xB1750000 \SystemRoot\System32\Drivers\HTTP.sys
0xB09E2000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101229.002\IDSxpx86.sys
0xB07CF000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101231.002\NAVEX15.SYS
0xB07BB000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101231.002\NAVENG.SYS
0xAE1D6000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 28):
0 System Idle Process
4 System
560 C:\WINDOWS\system32\smss.exe
632 csrss.exe
656 C:\WINDOWS\system32\winlogon.exe
700 C:\WINDOWS\system32\services.exe
712 C:\WINDOWS\system32\lsass.exe
884 C:\WINDOWS\system32\svchost.exe
952 svchost.exe
1048 C:\WINDOWS\system32\svchost.exe
1168 svchost.exe
1244 svchost.exe
1392 C:\WINDOWS\system32\spoolsv.exe
1504 svchost.exe
1568 C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe
1608 C:\WINDOWS\system32\nvsvc32.exe
1676 C:\WINDOWS\system32\svchost.exe
1140 alg.exe
140 C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe
1008 C:\WINDOWS\explorer.exe
3300 C:\WINDOWS\CTHELPER.EXE
3304 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
3356 C:\WINDOWS\system32\rundll32.exe
3396 C:\WINDOWS\system32\ctfmon.exe
2012 C:\WINDOWS\system32\wuauclt.exe
2532 C:\Program Files\Mozilla Firefox\firefox.exe
2392 C:\Program Files\Mozilla Firefox\plugin-container.exe
2512 C:\Documents and Settings\dendeb\My Documents\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00004000 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: WDCWD400BB-32CLB0, Rev: 05.04E05
PhysicalDrive1 Model Number: ST3160812A, Rev: 3.AAE
PhysicalDrive2 Model Number: WDCWD600BB-00CAA1, Rev: 17.07W17

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 Legit MBR code detected
SHA1: 317A49A9E93F077F2D004734D2A7B6CA7E7B9495
55 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

GoFigure
Novice
Novice

Posts Posts : 9
Joined Joined : 2009-11-05
OS OS : Windows 7
Points Points : 25993
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Mebroot and Norton Internet Security 2011

Post by Belahzur on Sat Jan 01, 2011 1:00 am

Hello.
the problem is in the Norton cache.



Remove any old threat in there, see if it still detects Mebroot now.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum