jj.loved00 request

View previous topic View next topic Go down

jj.loved00 request

Post by demoncurrie on Sun Feb 19, 2012 1:01 pm

I am a Yahoo email user. When this is open (at work or at home) I get a request in a popup box as follows:
"jj.loved00 would like to add you to her Online Contacts List. Accept/Decline".
I always just close the box and ignore the request.

I presume this is some kind of virus request. How can I get rid of it?
Thanks.

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Mon Feb 20, 2012 2:08 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Tue Feb 21, 2012 7:38 am

I downloaded and ran Superantispyware (NB The instructions weren't quite as you described)., but I have not run Malwarebytes. Please let me know if you recommend that I also do this.
The Log is:

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 02/21/2012 at 02:24 AM

Application Version : 5.0.1144

Core Rules Database Version : 8260
Trace Rules Database Version: 6072

Scan type : Complete Scan
Total Scan Time : 01:54:05

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 520
Memory threats detected : 0
Registry items scanned : 34093
Registry threats detected : 3
File items scanned : 109346
File threats detected : 142

Malware.Trace
HKU\.DEFAULT\SOFTWARE\AVSolution
HKU\S-1-5-18\SOFTWARE\AVSolution
HKU\S-1-5-21-220523388-1275210071-725345543-1004\Software#7bde84a2-f58f-46ec-9eac-f1f90fead080

Adware.Tracking Cookie
69sexgalleries.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
acvs.mediaonenetwork.net [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
advprotraffic.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
broadcast.piximedia.fr [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
cdn-[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
ds.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
ec.atdmt.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
m1.emea.2mdn.net [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
macromedia.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
naiadsystems.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
static.2mdn.net [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
vidii.hardsextube.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
[You must be registered and logged in to see this link.] [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
wwwstatic.megaporn.com [ C:\DOCUMENTS AND SETTINGS\ARNIE YULE DELET\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D7C5528M ]
cdn5.specificclick.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NQQG7BC6 ]
media.heavy.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NQQG7BC6 ]
media.podaddies.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NQQG7BC6 ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NQQG7BC6 ]
static.2mdn.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NQQG7BC6 ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[10].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[11].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[3].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[4].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[5].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[6].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[7].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[8].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@AD.YIELDMANAGER[9].TXT [ /AD.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADECN[1].TXT [ /ADECN ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.BIGHEALTHTREE[2].TXT [ /ADS.BIGHEALTHTREE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.CPXCENTER[2].TXT [ /ADS.CPXCENTER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.CTASNET[2].TXT [ /ADS.CTASNET ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.FINANCIALCONTENT[2].TXT [ /ADS.FINANCIALCONTENT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.GOSSIPCENTER[1].TXT [ /ADS.GOSSIPCENTER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.GOSSIPCENTER[2].TXT [ /ADS.GOSSIPCENTER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.GOSSIPCENTER[3].TXT [ /ADS.GOSSIPCENTER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.MYADPLATFORM[2].TXT [ /ADS.MYADPLATFORM ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.PUBMATIC[2].TXT [ /ADS.PUBMATIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.PUBMATIC[3].TXT [ /ADS.PUBMATIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.PUBMATIC[4].TXT [ /ADS.PUBMATIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.PUBMATIC[5].TXT [ /ADS.PUBMATIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.PUBMATIC[6].TXT [ /ADS.PUBMATIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADS.SMARTADX[1].TXT [ /ADS.SMARTADX ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADSERVE.PODADDIES[1].TXT [ /ADSERVE.PODADDIES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADTECH[2].TXT [ /ADTECH ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADTECH[3].TXT [ /ADTECH ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[10].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[11].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[1].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[2].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[3].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[4].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[5].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[6].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[7].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISE[9].TXT [ /ADVERTISE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVERTISING[2].TXT [ /ADVERTISING ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ADVIVA[2].TXT [ /ADVIVA ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ANALYTICS.ROIMEDIA.CO[1].TXT [ /ANALYTICS.ROIMEDIA.CO ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@APMEBF[3].TXT [ /APMEBF ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ATDMT[1].TXT [ /ATDMT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ATDMT[2].TXT [ /ATDMT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ATDMT[3].TXT [ /ATDMT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ATDMT[4].TXT [ /ATDMT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ATDMT[6].TXT [ /ATDMT ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[2].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[3].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[4].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[5].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[6].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[7].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BIZZCLICK[8].TXT [ /BIZZCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CDN5.SPECIFICCLICK[1].TXT [ /CDN5.SPECIFICCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ5.91456.BLUESEEK[1].TXT [ /CLICKPAYZ5.91456.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ5.91469.BLUESEEK[1].TXT [ /CLICKPAYZ5.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ5.91469.BLUESEEK[2].TXT [ /CLICKPAYZ5.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ6.91469.BLUESEEK[1].TXT [ /CLICKPAYZ6.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ7.91469.BLUESEEK[1].TXT [ /CLICKPAYZ7.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ8.91455.BLUESEEK[1].TXT [ /CLICKPAYZ8.91455.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ8.91469.BLUESEEK[1].TXT [ /CLICKPAYZ8.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ8.91469.BLUESEEK[2].TXT [ /CLICKPAYZ8.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ9.91423.BLUESEEK[1].TXT [ /CLICKPAYZ9.91423.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CLICKPAYZ9.91469.BLUESEEK[1].TXT [ /CLICKPAYZ9.91469.BLUESEEK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[4].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[5].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[6].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[7].TXT [ /CONTENT.YIELDMANAGER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[3].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[4].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[5].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[6].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@DOUBLECLICK[7].TXT [ /DOUBLECLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@EAS.APM.EMEDIATE[2].TXT [ /EAS.APM.EMEDIATE ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@INVITEMEDIA[2].TXT [ /INVITEMEDIA ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@INVITEMEDIA[3].TXT [ /INVITEMEDIA ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@INVITEMEDIA[5].TXT [ /INVITEMEDIA ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIA6DEGREES[1].TXT [ /MEDIA6DEGREES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIA6DEGREES[2].TXT [ /MEDIA6DEGREES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIA6DEGREES[3].TXT [ /MEDIA6DEGREES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIA6DEGREES[4].TXT [ /MEDIA6DEGREES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIA6DEGREES[6].TXT [ /MEDIA6DEGREES ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIAPLEX[1].TXT [ /MEDIAPLEX ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIAPLEX[4].TXT [ /MEDIAPLEX ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MEDIATRAFFIC[1].TXT [ /MEDIATRAFFIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@MYROITRACKING[1].TXT [ /MYROITRACKING ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@REVSCI[1].TXT [ /REVSCI ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ROTATOR.ADJUGGLER[1].TXT [ /ROTATOR.ADJUGGLER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ROTATOR.ADJUGGLER[2].TXT [ /ROTATOR.ADJUGGLER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@SERVING-SYS[1].TXT [ /SERVING-SYS ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@SERVING-SYS[2].TXT [ /SERVING-SYS ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@VIDEOEGG.ADBUREAU[2].TXT [ /VIDEOEGG.ADBUREAU ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@[You must be registered and logged in to see this link.] [ /WWW.DISCOVERFINDSEARCH ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@[You must be registered and logged in to see this link.] [ /WWW.INTELETRACK ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@[You must be registered and logged in to see this link.] [ /WWW.MEDIATRAFFIC ]
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE.NT AUTHORITY\COOKIES\SYSTEM@ZEDO[1].TXT [ /ZEDO ]

Trojan.Agent/Gen-Nullo[Short]
ZIP ARCHIVE( C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\_DAYI_.IME.ZIP )/DAYI.IME.1
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\_DAYI_.IME.ZIP
C:\SYSTEM VOLUME INFORMATION\_RESTORE{9B69DFF2-C9BB-4818-A3DF-C8BB77395A08}\RP372\A0072114.IME

END Of log.

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Tue Feb 21, 2012 6:54 pm

I downloaded and ran Superantispyware (NB The instructions weren't quite as you described)., but I have not run Malwarebytes. Please let me know if you recommend that I also do this.
Yes, please and also run DDS and post both DDS logs.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Wed Feb 22, 2012 7:41 am

here's the Malwarebytes dump - Ill do the DDS over the next 1-2 days.

Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.02.21.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Yule family :: YULES [administrator]

21/02/2012 22:40:14
mbam-log-2012-02-22 (07-37-02).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 389367
Time elapsed: 2 hour(s), 13 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE|24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Data: -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Wed Feb 22, 2012 11:51 pm

The DDS post - nb I did not disable McAfee saince DDS appared to run anyway!

The DDS.txt log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Yule family at 23:47:29 on 2012-02-22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.3006.1759 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Program Files\Zune\ZuneBusEnum.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111227104944.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [DSLSTATEXE] c:\program files\bt voyager 105 adsl modem\dslstat.exe icon
mRun: [DSLAGENTEXE] c:\program files\bt voyager 105 adsl modem\dslagent.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - [You must be registered and logged in to see this link.]
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - [You must be registered and logged in to see this link.]
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
TCP: Interfaces\{BDFDCEE7-68BD-4CF4-8DF5-8A48D1A001D6} : NameServer = 194.72.0.114 194.74.65.69
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464176]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-9-25 56336]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-5-30 89792]
R1 RapportCerberus_32029;RapportCerberus_32029;c:\documents and settings\all users.windows\application data\trusteer\rapport\store\exts\rapportcerberus\32029\RapportCerberus32_32029.sys [2011-11-10 227312]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-9-25 70416]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-9-25 161936]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-20 95200]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-10-9 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-10-9 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-10-9 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-10-9 166288]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-10-9 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-9 150856]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-9-25 919352]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-5-30 57600]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-30 180816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-5-30 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-5-30 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-5-30 83856]
R3 RapportIaso;RapportIaso;c:\documents and settings\all users.windows\application data\trusteer\rapport\store\exts\rapportms\28896\RapportIaso.sys [2011-8-15 21520]
S1 MpKsl56ce2b3f;MpKsl56ce2b3f;\??\c:\windows\system32\mpenginestore\mpksl56ce2b3f.sys --> c:\windows\system32\mpenginestore\MpKsl56ce2b3f.sys [?]
S1 MpKsl8b16be60;MpKsl8b16be60;\??\c:\windows\system32\mpenginestore\mpksl8b16be60.sys --> c:\windows\system32\mpenginestore\MpKsl8b16be60.sys [?]
S1 MpKslfb1eeb2a;MpKslfb1eeb2a;\??\c:\windows\system32\mpenginestore\mpkslfb1eeb2a.sys --> c:\windows\system32\mpenginestore\MpKslfb1eeb2a.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-26 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-9-26 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-5-30 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-5-30 87656]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-20 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-1-20 40552]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [2010-2-22 61536]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512]
.
=============== Created Last 30 ================
.
2012-02-21 22:37:44 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-21 00:25:36 -------- d-----w- c:\documents and settings\yule family\application data\SUPERAntiSpyware.com
2012-02-21 00:23:38 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-21 00:23:38 -------- d-----w- c:\documents and settings\all users.windows\application data\SUPERAntiSpyware.com
2012-02-16 12:04:47 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 12:04:47 3072 ------w- c:\windows\system32\iacenc.dll
.
==================== Find3M ====================
.
2012-02-12 23:31:05 88 --sh--r- c:\windows\system32\57E1DD82AC.sys
2012-02-12 23:31:05 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2012-02-05 09:48:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-12 16:53:24 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:46:36 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22:58 385024 ----a-w- c:\windows\system32\html.iec
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 23:48:22.57 ===============

The Attach log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 16/01/2010 16:47:54
System Uptime: 21/02/2012 16:34:44 (31 hours ago)
.
Motherboard: Dell Inc | | 0FP406
Processor: AMD Sempron(tm) Processor 3400+ | Socket M2 | 1803/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 109 GiB total, 60.177 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 37.173 GiB free.
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP373: 25/11/2011 15:33:10 - System Checkpoint
RP374: 26/11/2011 15:47:38 - System Checkpoint
RP375: 27/11/2011 18:02:07 - System Checkpoint
RP376: 28/11/2011 22:04:54 - System Checkpoint
RP377: 29/11/2011 23:22:13 - System Checkpoint
RP378: 01/12/2011 08:32:30 - System Checkpoint
RP379: 02/12/2011 12:21:25 - System Checkpoint
RP380: 03/12/2011 12:42:22 - System Checkpoint
RP381: 04/12/2011 13:06:43 - System Checkpoint
RP382: 06/12/2011 07:53:57 - System Checkpoint
RP383: 07/12/2011 08:31:00 - System Checkpoint
RP384: 08/12/2011 09:32:05 - System Checkpoint
RP385: 09/12/2011 10:08:35 - System Checkpoint
RP386: 10/12/2011 11:28:49 - System Checkpoint
RP387: 11/12/2011 11:30:06 - System Checkpoint
RP388: 12/12/2011 12:17:16 - System Checkpoint
RP389: 13/12/2011 15:24:58 - System Checkpoint
RP390: 14/12/2011 09:08:26 - Software Distribution Service 3.0
RP391: 15/12/2011 16:23:42 - System Checkpoint
RP392: 16/12/2011 16:42:15 - System Checkpoint
RP393: 17/12/2011 17:38:03 - System Checkpoint
RP394: 18/12/2011 18:09:20 - System Checkpoint
RP395: 19/12/2011 18:10:40 - System Checkpoint
RP396: 20/12/2011 18:53:36 - System Checkpoint
RP397: 21/12/2011 19:11:57 - System Checkpoint
RP398: 22/12/2011 19:36:06 - System Checkpoint
RP399: 24/12/2011 13:22:02 - System Checkpoint
RP400: 25/12/2011 13:30:35 - System Checkpoint
RP401: 26/12/2011 10:23:03 - Installed Windows XP Wudf01009.
RP402: 26/12/2011 10:24:01 - Installed Windows XP winusb0100.
RP403: 26/12/2011 10:24:21 - Installed Windows XP Wdf01009.
RP404: 26/12/2011 10:27:57 - Installed Windows XP winusb0100.
RP405: 26/12/2011 10:39:38 - Software Distribution Service 3.0
RP406: 26/12/2011 10:43:53 - Installed Zune 4.8
RP407: 27/12/2011 00:01:14 - Installed Windows XP winusb0100.
RP408: 27/12/2011 00:02:47 - Installed Windows XP winusb0100.
RP409: 27/12/2011 00:22:01 - Installed Windows XP winusb0100.
RP410: 28/12/2011 06:46:47 - System Checkpoint
RP411: 28/12/2011 17:42:35 - Installed iTunes
RP412: 29/12/2011 17:48:20 - System Checkpoint
RP413: 30/12/2011 19:19:26 - System Checkpoint
RP414: 02/01/2012 07:19:16 - System Checkpoint
RP415: 03/01/2012 08:33:35 - System Checkpoint
RP416: 04/01/2012 08:48:19 - System Checkpoint
RP417: 05/01/2012 09:12:42 - System Checkpoint
RP418: 06/01/2012 09:30:20 - System Checkpoint
RP419: 07/01/2012 12:25:53 - System Checkpoint
RP420: 08/01/2012 13:13:27 - System Checkpoint
RP421: 09/01/2012 15:21:32 - System Checkpoint
RP422: 10/01/2012 15:54:13 - System Checkpoint
RP423: 11/01/2012 00:56:22 - Software Distribution Service 3.0
RP424: 12/01/2012 00:43:20 - Software Distribution Service 3.0
RP425: 13/01/2012 01:26:03 - System Checkpoint
RP426: 14/01/2012 11:57:52 - System Checkpoint
RP427: 15/01/2012 00:01:06 - Software Distribution Service 3.0
RP428: 16/01/2012 07:36:55 - System Checkpoint
RP429: 17/01/2012 08:00:43 - System Checkpoint
RP430: 18/01/2012 08:21:59 - System Checkpoint
RP431: 19/01/2012 09:07:45 - System Checkpoint
RP432: 20/01/2012 12:49:54 - System Checkpoint
RP433: 21/01/2012 16:57:19 - System Checkpoint
RP434: 22/01/2012 17:07:10 - System Checkpoint
RP435: 23/01/2012 21:22:38 - System Checkpoint
RP436: 24/01/2012 21:40:51 - System Checkpoint
RP437: 25/01/2012 22:06:51 - System Checkpoint
RP438: 27/01/2012 01:06:16 - System Checkpoint
RP439: 05/02/2012 10:58:32 - System Checkpoint
RP440: 06/02/2012 13:17:44 - System Checkpoint
RP441: 08/02/2012 18:36:12 - System Checkpoint
RP442: 09/02/2012 18:38:23 - System Checkpoint
RP443: 10/02/2012 19:04:21 - System Checkpoint
RP444: 12/02/2012 08:21:52 - System Checkpoint
RP445: 13/02/2012 09:18:51 - System Checkpoint
RP446: 14/02/2012 12:00:50 - System Checkpoint
RP447: 15/02/2012 14:02:17 - System Checkpoint
RP448: 16/02/2012 14:31:25 - System Checkpoint
RP449: 17/02/2012 00:28:21 - Software Distribution Service 3.0
RP450: 18/02/2012 08:05:19 - System Checkpoint
RP451: 19/02/2012 09:20:31 - System Checkpoint
RP452: 20/02/2012 10:02:37 - System Checkpoint
RP453: 21/02/2012 17:02:57 - System Checkpoint
RP454: 22/02/2012 17:48:38 - System Checkpoint
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
Bonjour
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
BT Voyager 105 ADSL Modem
BufferChm
CCleaner
ClickArt Fonts 3
Corel MediaOne
CustomerResearchQFolder
Dell Resource CD
Destinations
DeviceManagementQFolder
eSupportQFolder
F300
F300_Help
Fax_CDA
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB973442)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevicesMFC
iPod for Windows 2005-02-07
iTunes
Java Auto Updater
Java(TM) 6 Update 29
K-Lite Codec Pack 3.2.5 Standard
Malwarebytes Anti-Malware version 1.60.1.1000
MarketResearch
McAfee Security Scan Plus
McAfee SecurityCenter
McAfee Virtual Technician
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft WinUsb 1.0
Modem Diagnostic Tool
Moyea FLV Player version: 2.0.2.96
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NewCopy_CDA
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA nView Desktop Manager
PHOTOfunSTUDIO 4.0 HD Edition
ProductContextNPI
Quicken 2004
QuickTime
Rapport
Readme
Scan
ScannerCopy
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SigmaTel Audio
Skype Click to Call
Skype™ 5.5
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
Try Corel Snapfire muvee autoProducer add on
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile Device Updater Component
Windows XP Service Pack 3
Yahoo! Toolbar
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
15/02/2012 07:22:04, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cercsr6
.
==== End Of File ===========================

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Thu Feb 23, 2012 1:27 am

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*************************************************
Download Combofix from any of the links below, and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [URL="http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications.html"]here[/URL] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sat Feb 25, 2012 11:38 pm

After STage 2, when running Combofix, rev.3XE crashed. The other stages then ran. The log is:

- 2010-06-12 11:11 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-12 11:11 . 2011-12-17 19:46 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-04 10:00 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 10:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 10:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-08-04 10:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2010-08-15 10:08 . 2012-02-17 09:23 262144 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2010-08-15 10:08 . 2011-04-17 10:39 262144 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-12-25 03:49 . 2011-12-25 03:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-12-25 05:40 . 2011-12-25 05:40 819200 c:\windows\Installer\94a13.msp
+ 2011-12-26 10:44 . 2011-12-26 10:44 751616 c:\windows\Installer\3a5f51.msi
+ 2012-02-24 00:02 . 2012-02-24 00:02 203776 c:\windows\Installer\28c75ed.msi
+ 2012-02-24 00:00 . 2012-02-24 00:00 901120 c:\windows\Installer\28c75dd.msi
+ 2011-12-28 17:46 . 2011-12-28 17:46 380928 c:\windows\Installer\{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}\iTunesIco.exe
+ 2012-02-17 00:29 . 2011-11-04 19:20 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll
+ 2012-02-17 00:29 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll
+ 2012-02-17 00:29 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe
+ 2012-02-17 00:29 . 2011-11-04 19:20 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll
+ 2012-02-17 00:29 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe
+ 2011-12-14 09:13 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-14 09:13 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-14 09:13 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-14 09:13 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2012-02-17 00:40 . 2012-02-17 00:40 897536 c:\windows\assembly\NativeImages_v2.0.50727_32\YTUploader\f25e0241119b0d1671d8403cfe3cccc7\YTUploader.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 136192 c:\windows\assembly\NativeImages_v2.0.50727_32\YouTubeUploaderMain\45409343f771a51bae5a38475b4a15c5\YouTubeUploaderMain.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-02-17 00:37 . 2012-02-17 00:37 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 689664 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\acdadddbd126cbcc44f8a78fa02911f1\System.Data.SqlServerCe.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-02-17 00:36 . 2012-02-17 00:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 121856 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\a24a43d359e15dfa5d7a1279834fdd63\Panasonic.Framework.View.Util.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 308224 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\83db2fe60ef352d9a909650dffd4b6aa\Panasonic.Framework.Model.Command.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 184832 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\d043264cf7932b8fd9b87b3877fdf4b8\Panasonic.Core.Spec.Plugin.Base.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 196096 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\cfb2d284e0e90b8b9b42baabe9c8fb73\Panasonic.Core.Spec.Plugin.DCF.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 450560 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\9d390d4bd306f37eba647aaf293d0eeb\Panasonic.Core.Spec.ContentInformation.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 117248 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\870ff0c641ee9afec134973610fe00fb\Panasonic.Core.Spec.Plugin.Base.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 111104 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\01047e45fd1d95a3ff68a93832aaf24d\Panasonic.Core.Spec.Plugin.AVCHD.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 239104 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Face#\04c18ed3eb1d9ae2092dd50731d1b703\Panasonic.Core.FaceIdentifierCli.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-02-17 00:39 . 2012-02-17 00:39 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 316416 c:\windows\$NtUninstallWudf01009$\wudfx.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 165376 c:\windows\$NtUninstallWudf01009$\wudfplatform.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 146432 c:\windows\$NtUninstallWudf01009$\wudfhost.exe
+ 2011-12-26 10:22 . 2008-11-07 18:55 382496 c:\windows\$NtUninstallWudf01009$\spuninst\updspapi.dll
+ 2011-12-26 10:22 . 2008-11-07 18:55 231456 c:\windows\$NtUninstallWudf01009$\spuninst\spuninst.exe
+ 2011-12-26 10:23 . 2006-10-08 21:53 379184 c:\windows\$NtUninstallwinusb0100$\spuninst\updspapi.dll
+ 2011-12-26 10:23 . 2006-10-08 21:53 221488 c:\windows\$NtUninstallwinusb0100$\spuninst\spuninst.exe
+ 2011-12-26 10:24 . 2008-11-07 18:55 382496 c:\windows\$NtUninstallWdf01009$\spuninst\updspapi.dll
+ 2011-12-26 10:24 . 2008-11-07 18:55 231456 c:\windows\$NtUninstallWdf01009$\spuninst\spuninst.exe
+ 2011-12-26 10:42 . 2007-07-27 10:41 382840 c:\windows\$NtUninstallKB973442_WM11$\spuninst\updspapi.dll
+ 2011-12-26 10:42 . 2007-07-27 10:41 231288 c:\windows\$NtUninstallKB973442_WM11$\spuninst\spuninst.exe
+ 2011-12-26 10:42 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB932716-v2$\spuninst\updspapi.dll
+ 2011-12-26 10:42 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB932716-v2$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2011-06-20 17:44 293376 c:\windows\$NtUninstallKB2646524$\winsrv.dll
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2646524$\spuninst\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2646524$\spuninst\spuninst.exe
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2639417$\spuninst\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2639417$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633952$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633952$\spuninst\spuninst.exe
+ 2011-12-14 09:09 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633171$\spuninst\updspapi.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633171$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2631813$\spuninst\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2631813$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2008-04-14 00:12 386048 c:\windows\$NtUninstallKB2631813$\qdvd.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2624667$\spuninst\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2624667$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2620712$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2620712$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2619339$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2619339$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2011-02-09 13:53 186880 c:\windows\$NtUninstallKB2619339$\encdec.dll
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2618451$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2618451$\spuninst\spuninst.exe
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2603381$\spuninst\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2603381$\spuninst\spuninst.exe
+ 2012-01-12 00:48 . 2008-04-14 00:12 176128 c:\windows\$NtUninstallKB2598479$\winmm.dll
+ 2012-01-12 00:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2598479$\spuninst\updspapi.dll
+ 2012-01-12 00:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2598479$\spuninst\spuninst.exe
+ 2012-01-15 00:02 . 2009-08-25 09:17 354816 c:\windows\$NtUninstallKB2585542$\winhttp.dll
+ 2012-01-15 00:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe
+ 2012-01-15 00:02 . 2011-04-29 17:25 151552 c:\windows\$NtUninstallKB2585542$\schannel.dll
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2584146$\spuninst\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2584146$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2646524\update\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2646524\update\update.exe
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2646524\spuninst.exe
+ 2011-11-25 21:56 . 2011-11-25 21:56 293376 c:\windows\$hf_mig$\KB2646524\SP3QFE\winsrv.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2639417\update\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2639417\update\update.exe
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2639417\spuninst.exe
+ 2011-12-14 09:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2633171\update\updspapi.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2633171\update\update.exe
+ 2011-12-14 09:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2633171\spuninst.exe
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2631813\update\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2631813\update\update.exe
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2631813\spuninst.exe
+ 2011-11-03 15:27 . 2011-11-03 15:27 386048 c:\windows\$hf_mig$\KB2631813\SP3QFE\qdvd.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2624667\update\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2624667\update\update.exe
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2624667\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2620712\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2620712\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2620712\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2619339\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2619339\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2619339\spuninst.exe
+ 2011-10-18 11:12 . 2011-10-18 11:12 186880 c:\windows\$hf_mig$\KB2619339\SP3QFE\encdec.dll
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618451\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618451\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618451\spuninst.exe
+ 2011-12-14 09:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618444-IE8\update\updspapi.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618444-IE8\update\update.exe
+ 2011-12-14 09:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618444-IE8\spuninst.exe
+ 2011-12-14 07:43 . 2011-11-04 19:19 919552 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 105984 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\url.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 206848 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\occache.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 611840 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mstime.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 602112 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeeds.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 247808 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieproxy.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 184320 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iepeers.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 743424 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedvtool.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 387584 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedkcs32.dll
+ 2011-12-14 07:43 . 2011-10-25 12:01 174080 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ie4uinit.exe
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2603381\update\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2603381\update\update.exe
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2603381\spuninst.exe
+ 2012-01-12 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2598479\update\updspapi.dll
+ 2012-01-12 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2598479\update\update.exe
+ 2012-01-12 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2598479\spuninst.exe
+ 2011-10-14 14:45 . 2011-10-14 14:45 176128 c:\windows\$hf_mig$\KB2598479\SP3QFE\winmm.dll
+ 2012-01-15 00:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2585542\update\updspapi.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2585542\update\update.exe
+ 2012-01-15 00:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2585542\spuninst.exe
+ 2012-01-14 20:19 . 2011-11-16 14:20 354816 c:\windows\$hf_mig$\KB2585542\SP3QFE\winhttp.dll
+ 2012-01-14 20:19 . 2011-11-16 14:20 152064 c:\windows\$hf_mig$\KB2585542\SP3QFE\schannel.dll
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2584146\update\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2584146\update\update.exe
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2584146\spuninst.exe
+ 2011-06-06 20:48 . 2011-06-06 20:48 1837296 c:\windows\system32\WUDFUpdate_01009.dll
+ 2006-10-18 21:47 . 2009-07-14 10:08 1543680 c:\windows\system32\wmvdecod.dll
- 2006-10-18 21:47 . 2006-10-18 21:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2011-06-06 20:48 . 2011-06-06 13:49 1461992 c:\windows\system32\WdfCoInstaller01009.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 4517664 c:\windows\system32\usbaaplrc.dll
+ 2006-03-18 11:09 . 2011-12-17 19:46 1212416 c:\windows\system32\urlmon.dll
- 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 10:00 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2004-08-04 10:00 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
- 2005-03-30 01:23 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2005-03-30 01:23 . 2011-10-25 13:33 2192768 c:\windows\system32\ntoskrnl.exe
- 2005-03-30 01:01 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2005-03-30 01:01 . 2011-10-25 12:52 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2006-03-23 17:32 . 2011-12-17 19:46 5979136 c:\windows\system32\mshtml.dll
- 2009-03-08 04:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 04:32 . 2011-12-17 19:46 2000384 c:\windows\system32\iertutil.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 4517664 c:\windows\system32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaaplrc.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 1461992 c:\windows\system32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\wdfcoinstaller01009.dll
+ 2004-08-04 10:00 . 2012-01-12 16:53 1859968 c:\windows\system32\dllcache\win32k.sys
+ 2006-03-18 11:09 . 2011-12-17 19:46 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 10:00 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-04 10:00 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2005-03-30 01:23 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
- 2005-03-30 01:23 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-01-20 18:50 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2010-01-20 18:50 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2005-03-30 01:01 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2005-03-30 01:01 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-01-20 18:50 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2010-01-20 18:50 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-03-23 17:32 . 2011-12-17 19:46 5979136 c:\windows\system32\dllcache\mshtml.dll
- 2010-01-20 23:18 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 03:50 . 2011-12-25 03:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-10-26 03:39 . 2011-10-26 03:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-01-02 11:18 . 2012-01-02 11:18 1252864 c:\windows\Installer\f67328.msi
+ 2011-12-28 17:46 . 2011-12-28 17:46 5651456 c:\windows\Installer\37629d.msi
+ 2011-12-28 17:41 . 2011-12-28 17:41 1769984 c:\windows\Installer\375c8b.msi
+ 2011-12-28 17:41 . 2011-12-28 17:41 1717248 c:\windows\Installer\375c61.msi
+ 2011-12-28 17:39 . 2011-12-28 17:39 2002432 c:\windows\Installer\375c21.msi
+ 2011-12-28 17:39 . 2011-12-28 17:39 1530368 c:\windows\Installer\375c18.msi
+ 2011-10-30 22:54 . 2011-10-30 22:54 2748416 c:\windows\Installer\2b4f368.msp
+ 2011-12-26 09:59 . 2011-12-26 09:59 4368896 c:\windows\Installer\188747a.msp
+ 2012-02-17 00:29 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-14 09:13 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2010-01-20 18:50 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2010-01-20 18:50 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-01-20 18:50 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2010-01-20 18:50 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 19:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-07 19:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2010-01-20 18:50 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-01-20 18:50 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-02-17 00:43 . 2012-02-17 00:43 4353536 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneShell\875b4de10ac0ee07fae0bd88cc8bf2dd\ZuneShell.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2557440 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneDBApi\60e15758912837abe8b8f31253a73095\ZuneDBApi.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 4579328 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX\b79115e5926aaf7a5915cc74b2b242f1\UIX.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1832448 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX.RenderApi\7c47bb4f7522ead5144b3ebd01a7387f\UIX.RenderApi.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3f2e74586111fb32d5edc059f709fa94\System.Data.OracleClient.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 2318336 c:\windows\assembly\NativeImages_v2.0.50727_32\SceneCutEditorForPFS\e19b77a9c60a75298d91d91183802980\SceneCutEditorForPFS.ni.exe
+ 2012-02-17 00:36 . 2012-02-17 00:36 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1900032 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\eac5db28fe8d54c701204a6c694e9d3f\Panasonic.Framework.View.Area.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1177088 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\df3f3c94de5781587d60d1fa9be81482\Panasonic.Framework.View.Parts.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2309120 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\c406b6923bc44b297b97528b9703dadb\Panasonic.Framework.Model.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 3987968 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\9bf67cf8cd5e36eb34e2d826fb49f935\Panasonic.Framework.View.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 3396096 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\434dfb8d6d6cfa389f00330eb8e0c0fe\Panasonic.Framework.View.Resource.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-04 22:47 . 2010-10-04 22:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-11 00:57 . 2012-01-11 00:57 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-26 10:42 . 2006-10-18 21:47 1543680 c:\windows\$NtUninstallKB973442_WM11$\wmvdecod.dll
+ 2011-12-14 09:14 . 2011-09-06 13:20 1858944 c:\windows\$NtUninstallKB2639417$\win32k.sys
+ 2011-12-14 09:09 . 2010-12-09 13:38 2192768 c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
+ 2011-12-14 09:09 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrpamp.exe
+ 2011-12-14 09:09 . 2010-12-09 13:07 2069376 c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
+ 2011-12-14 09:09 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntkrnlmp.exe
+ 2012-01-12 00:52 . 2010-02-05 18:27 1291776 c:\windows\$NtUninstallKB2631813$\quartz.dll
+ 2011-12-14 09:14 . 2010-07-16 12:05 1288192 c:\windows\$NtUninstallKB2624667$\ole32.dll
+ 2011-11-23 13:29 . 2011-11-23 13:29 1868544 c:\windows\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-25 13:34 . 2011-10-25 13:34 2192768 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2027008 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2069376 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-25 13:38 . 2011-10-25 13:38 2148864 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-11-03 15:27 . 2011-11-03 15:27 1292288 c:\windows\$hf_mig$\KB2631813\SP3QFE\quartz.dll
+ 2011-11-01 16:05 . 2011-11-01 16:05 1289216 c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 1214464 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 5978624 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 2001408 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2010-01-20 22:55 . 2012-02-17 00:30 52550552 c:\windows\system32\MRT.exe
+ 2009-03-08 04:39 . 2011-12-18 14:46 11082240 c:\windows\system32\ieframe.dll
+ 2010-01-20 23:18 . 2011-12-18 14:46 11082240 c:\windows\system32\dllcache\ieframe.dll
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\df25be.msp
+ 2012-02-17 00:29 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2011-12-14 09:13 . 2011-08-23 16:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
+ 2011-11-05 14:19 . 2011-11-05 14:19 11083776 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
.
Rest of log posted next.

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sat Feb 25, 2012 11:45 pm

Rest of Combofix log:


-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-18 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"DSLSTATEXE"="c:\program files\BT Voyager 105 ADSL Modem\dslstat.exe" [2007-01-25 1658965]
"DSLAGENTEXE"="c:\program files\BT Voyager 105 ADSL Modem\dslagent.exe" [2007-01-25 16384]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 4.0 HD Edition.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2007-12-01 17:38 38400 ----a-r- c:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 01:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-01-17 23:12 98304 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 12:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [25/09/2011 19:00 56336]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [30/05/2010 15:15 89792]
R1 RapportCerberus_32029;RapportCerberus_32029;c:\documents and settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus32_32029.sys [10/11/2011 12:15 227312]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [25/09/2011 19:00 70416]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [25/09/2011 19:00 161936]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 16:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 21:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11/08/2011 23:38 116608]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [20/01/2010 22:42 95200]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [09/10/2011 17:01 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [09/10/2011 17:01 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [09/10/2011 17:02 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [09/10/2011 16:49 150856]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [25/09/2011 18:59 919352]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [30/05/2010 15:15 57600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [30/05/2010 15:15 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [30/05/2010 15:15 83856]
R3 RapportIaso;RapportIaso;c:\documents and settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys [15/08/2011 08:38 21520]
S1 MpKsl56ce2b3f;MpKsl56ce2b3f;\??\c:\windows\system32\MpEngineStore\MpKsl56ce2b3f.sys --> c:\windows\system32\MpEngineStore\MpKsl56ce2b3f.sys [?]
S1 MpKsl8b16be60;MpKsl8b16be60;\??\c:\windows\system32\MpEngineStore\MpKsl8b16be60.sys --> c:\windows\system32\MpEngineStore\MpKsl8b16be60.sys [?]
S1 MpKslfb1eeb2a;MpKslfb1eeb2a;\??\c:\windows\system32\MpEngineStore\MpKslfb1eeb2a.sys --> c:\windows\system32\MpEngineStore\MpKslfb1eeb2a.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26/09/2009 17:28 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26/09/2009 17:28 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 12:49 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [30/05/2010 15:15 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [30/05/2010 15:15 87656]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [22/02/2010 11:55 61536]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [05/08/2011 12:30 268512]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:57]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:28]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:28]
.
2011-12-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-01-20 12:22]
.
2011-08-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-01-20 12:22]
.
2012-02-25 c:\windows\Tasks\User_Feed_Synchronization-{DF8E2BEC-7A9C-4D85-9DC0-FDC10DEDCB66}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]
.
2012-02-19 c:\windows\Tasks\vtscheduletask.job
- c:\program files\McAfee\Supportability\MVT\MvtApp.exe [2010-11-07 14:25]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: Interfaces\{BDFDCEE7-68BD-4CF4-8DF5-8A48D1A001D6}: NameServer = 194.72.0.114 194.74.65.69
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-02-25 23:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-02-25 23:23:20
ComboFix-quarantined-files.txt 2012-02-25 23:23
.
Pre-Run: 65,615,478,784 bytes free
Post-Run: 65,691,045,888 bytes free
.
- - End Of File - - F7A70038F9E7FF454386D47DBE960527

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Sun Feb 26, 2012 1:51 am

That was not the complete ComboFix log. Look in the C drive in the ComboFix folder and see if you can find it. If you can't find it, please run it again and post the entire log.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sun Feb 26, 2012 9:41 am

Sorry - I tried to cut inot 2 halves, since it was too big to post. 2nd attempt!

ComboFix 12-02-23.02 - Yule family 25/02/2012 23:12:02.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.3006.2562 [GMT 0:00]
Running from: c:\documents and settings\Yule family\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Installations\BMP
c:\windows\Downloaded Installations\BMP\{61C062D5-7A00-44BC-BC16-125BDF22EA65}\1033.MST
c:\windows\Downloaded Installations\BMP\{61C062D5-7A00-44BC-BC16-125BDF22EA65}\BACS.msi
c:\windows\system32\SET104.tmp
c:\windows\system32\SET145.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\SETFC.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))))
.
.
2012-02-24 00:00 . 2012-02-24 00:00 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-21 22:37 . 2011-12-10 15:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-21 00:25 . 2012-02-21 00:25 -------- d-----w- c:\documents and settings\Yule family\Application Data\SUPERAntiSpyware.com
2012-02-21 00:23 . 2012-02-21 00:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-21 00:23 . 2012-02-21 00:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2012-02-16 12:04 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 12:04 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-24 00:00 . 2010-08-12 19:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-05 09:48 . 2011-06-06 18:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-12 16:53 . 2004-08-04 10:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:46 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:46 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:46 . 2004-08-04 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-25 22:45 . 2012-02-25 22:45 16384 c:\windows\temp\Perflib_Perfdata_174.dat
+ 2011-08-05 19:26 . 2011-08-05 19:26 65024 c:\windows\system32\ZuneTcp2Udp.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 58368 c:\windows\system32\ZuneRegUtil.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 46080 c:\windows\system32\ZunePTDNS.dll
+ 2006-09-28 18:56 . 2009-07-13 18:16 64512 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 20:13 . 2009-07-13 18:16 39936 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-11-02 07:00 . 2006-11-02 07:00 24136 c:\windows\system32\winusb.dll
- 2010-01-20 18:53 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2010-01-20 18:53 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2010-01-20 18:28 . 2009-01-07 18:21 26144 c:\windows\system32\spupdsvc.exe
+ 2010-01-20 18:28 . 2008-11-07 18:55 26144 c:\windows\system32\spupdsvc.exe
+ 2011-12-26 10:24 . 2008-11-07 18:55 16928 c:\windows\system32\spmsgXP_2k3.dll
+ 2010-02-18 11:26 . 2008-11-07 18:55 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 10:00 . 2012-02-17 00:35 67884 c:\windows\system32\perfc009.dat
+ 2004-08-04 10:00 . 2011-11-18 12:35 60416 c:\windows\system32\packager.exe
+ 2006-03-04 03:33 . 2011-12-17 19:46 66560 c:\windows\system32\mshtmled.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 04:31 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 04:31 . 2011-12-17 19:46 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 10:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
- 2004-08-04 10:00 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
+ 2011-08-30 23:05 . 2011-08-30 23:05 50536 c:\windows\system32\jdns_sd.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 42496 c:\windows\system32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaapl.sys
+ 2011-12-28 17:40 . 2011-08-02 17:38 18432 c:\windows\system32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\netaapl.sys
+ 2011-12-28 17:45 . 2009-05-18 13:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2011-08-05 12:12 . 2011-08-05 12:12 41472 c:\windows\system32\drivers\zumbus.sys
+ 2006-09-28 18:55 . 2009-07-13 16:50 91904 c:\windows\system32\drivers\WudfPf.sys
+ 2006-11-02 07:00 . 2006-11-02 07:00 39368 c:\windows\system32\drivers\winusb.sys
+ 2009-07-14 10:35 . 2009-07-14 10:35 37608 c:\windows\system32\drivers\wdfldr.sys
+ 2011-12-28 17:40 . 2011-08-02 17:38 42496 c:\windows\system32\drivers\usbaapl.sys
+ 2004-09-14 14:38 . 2009-05-18 13:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
- 2004-08-04 10:00 . 2008-04-13 18:40 62976 c:\windows\system32\drivers\cdrom.sys
+ 2004-08-04 10:00 . 2008-05-02 10:49 62976 c:\windows\system32\drivers\cdrom.sys
+ 2011-08-30 23:05 . 2011-08-30 23:05 73064 c:\windows\system32\dnssd.dll
+ 2011-08-30 23:05 . 2011-08-30 23:05 83816 c:\windows\system32\dns-sd.exe
- 2010-01-20 23:18 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
+ 2006-03-04 03:33 . 2011-12-17 19:46 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-01-20 23:18 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 10:00 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2004-08-04 10:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-12-26 10:39 . 2008-05-02 10:49 62976 c:\windows\system32\dllcache\cdrom.sys
- 2004-08-04 10:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-04 10:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
+ 2010-08-16 17:28 . 2012-02-25 12:33 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-08-16 17:28 . 2011-11-24 19:17 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-16 16:49 . 2012-02-25 12:33 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-16 16:49 . 2011-11-24 19:17 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-08-24 19:57 . 2011-11-24 19:17 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-11-25 08:21 . 2012-02-25 12:33 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-25 03:49 . 2011-12-25 03:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fdb.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fd5.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fcf.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fc9.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fc3.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fbd.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fb7.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fb1.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fab.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5fa5.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f9f.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f99.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f93.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f8d.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f87.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f81.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f7b.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f75.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f6f.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f69.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f63.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 29184 c:\windows\Installer\3a5f5d.msi
+ 2011-12-26 10:46 . 2011-12-26 10:46 74240 c:\windows\Installer\3a5f57.msi
+ 2012-02-04 12:36 . 2012-02-04 12:36 22016 c:\windows\Installer\343e68.msi
+ 2011-12-28 17:41 . 2011-12-28 17:41 27136 c:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
+ 2012-02-17 00:29 . 2011-11-04 19:20 12800 c:\windows\ie8updates\KB2647516-IE8\xpshims.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 66560 c:\windows\ie8updates\KB2647516-IE8\mshtmled.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 55296 c:\windows\ie8updates\KB2647516-IE8\msfeedsbs.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 43520 c:\windows\ie8updates\KB2647516-IE8\licmgr10.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 25600 c:\windows\ie8updates\KB2647516-IE8\jsproxy.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll

+ 2011-12-26 10:39 . 2008-05-02 10:49 62976 c:\windows\Driver Cache\i386\cdrom.sys
+ 2012-02-17 00:43 . 2012-02-17 00:43 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\UIXControls\1949a02cd69091283fb28af70665147d\UIXControls.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\dab766b18e6fe0a8f53a93c56be7b40e\System.Windows.Presentation.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe
+ 2012-02-17 00:35 . 2012-02-17 00:35 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 50176 c:\windows\assembly\NativeImages_v2.0.50727_32\PHOTOfunSTUDIO\a81282597cdc02d338ee9d42678776cd\PHOTOfunSTUDIO.ni.exe
+ 2012-02-17 00:39 . 2012-02-17 00:39 42496 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\8c4cc54ebe5bf3e9d48e4743e49e1357\Panasonic.Core.Spec.Plugin.Stream.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 89600 c:\windows\assembly\NativeImages_v2.0.50727_32\CLicenseAgreementDlg\ff2c72e08bc6b5420a7af074ea930dfc\CLicenseAgreementDlg.ni.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 55808 c:\windows\$NtUninstallWudf01009$\wudfsvc.dll
+ 2011-12-26 10:22 . 2006-09-28 19:00 82944 c:\windows\$NtUninstallWudf01009$\wudfrd.sys
+ 2011-12-26 10:22 . 2006-09-28 18:55 77568 c:\windows\$NtUninstallWudf01009$\wudfpf.sys
+ 2011-12-26 10:22 . 2006-09-28 20:13 95344 c:\windows\$NtUninstallWudf01009$\wudfcoinstaller.dll
+ 2011-12-26 10:22 . 2009-07-13 16:50 74752 c:\windows\$NtUninstallWudf01009$\spuninst\WudfCustom.dll
+ 2011-12-26 10:24 . 2009-07-13 16:49 47104 c:\windows\$NtUninstallWdf01009$\spuninst\KmdfCustom.dll
+ 2011-12-26 10:42 . 2008-04-13 18:40 62976 c:\windows\$NtUninstallKB932716-v2$\cdrom.sys
+ 2011-12-14 09:10 . 2011-07-08 13:49 46080 c:\windows\$NtUninstallKB2633952$\tzchange.exe
+ 2011-12-14 09:10 . 2011-11-08 14:58 16896 c:\windows\$NtUninstallKB2633952$\spuninst\tzchange.dll
+ 2011-12-14 09:10 . 2011-04-26 11:07 33280 c:\windows\$NtUninstallKB2620712$\csrsrv.dll
+ 2012-01-12 00:48 . 2008-04-14 00:11 23040 c:\windows\$NtUninstallKB2598479$\mciseq.dll
+ 2012-01-12 00:44 . 2008-04-14 00:12 58368 c:\windows\$NtUninstallKB2584146$\packager.exe
+ 2012-01-12 00:52 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2646524\update\spcustom.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2646524\spmsg.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2639417\update\spcustom.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2639417\spmsg.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2633171\update\spcustom.dll
+ 2011-12-14 07:44 . 2011-10-26 10:50 16896 c:\windows\$hf_mig$\KB2633171\update\mpsyschk.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2633171\spmsg.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2631813\update\spcustom.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2631813\spmsg.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2624667\update\spcustom.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2624667\spmsg.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2620712\update\spcustom.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2620712\spmsg.dll
+ 2011-10-28 05:31 . 2011-10-28 05:31 33280 c:\windows\$hf_mig$\KB2620712\SP3QFE\csrsrv.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2619339\update\spcustom.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2619339\spmsg.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618451\update\spcustom.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618451\spmsg.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618444-IE8\update\spcustom.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618444-IE8\spmsg.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 12800 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\xpshims.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 66560 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtmled.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 55296 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeedsbs.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 43520 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\licmgr10.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 25600 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\jsproxy.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2603381\update\spcustom.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2603381\spmsg.dll
+ 2012-01-12 00:49 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2598479\update\spcustom.dll
+ 2012-01-12 00:49 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2598479\spmsg.dll
+ 2011-10-14 14:45 . 2011-10-14 14:45 23040 c:\windows\$hf_mig$\KB2598479\SP3QFE\mciseq.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2585542\update\spcustom.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2585542\spmsg.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2584146\update\spcustom.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2584146\spmsg.dll
+ 2011-11-18 12:41 . 2011-11-18 12:41 60416 c:\windows\$hf_mig$\KB2584146\SP3QFE\packager.exe
+ 2012-02-17 00:34 . 2012-02-17 00:34 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-02-18 10:57 . 2011-11-09 22:57 3350 c:\windows\system32\KGyGaAvL.sys
+ 2010-02-18 10:57 . 2012-02-12 23:31 3350 c:\windows\system32\KGyGaAvL.sys
- 2011-10-12 23:28 . 2011-10-12 23:28 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-12 23:28 . 2011-10-12 23:28 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-12 23:28 . 2011-10-12 23:28 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-01-11 06:41 . 2011-11-03 18:17 4608 c:\windows\$hf_mig$\KB2603381\update\customaddreg.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-05-14 01:17 . 2011-05-14 01:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 01:12 . 2011-05-14 01:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 01:11 . 2011-05-14 01:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 130560 c:\windows\system32\ZuneUsbTransport.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 365056 c:\windows\system32\ZuneNetProxy.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 203776 c:\windows\system32\ZuneMTPZ.dll
+ 2011-08-05 19:26 . 2011-08-05 19:26 332800 c:\windows\system32\ZuneCoInst.dll
+ 2006-09-28 18:56 . 2009-07-13 18:16 567808 c:\windows\system32\WUDFx.dll
+ 2006-09-28 18:56 . 2009-07-13 16:50 148480 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 18:56 . 2009-07-13 18:14 195584 c:\windows\system32\WudfHost.exe
+ 2011-06-06 20:48 . 2011-06-06 20:48 581192 c:\windows\system32\WinUSBCoInstaller.dll
+ 2004-08-04 10:00 . 2011-11-25 21:57 293376 c:\windows\system32\winsrv.dll
- 2004-08-04 10:00 . 2011-06-20 17:44 293376 c:\windows\system32\winsrv.dll
+ 2004-08-04 10:00 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
- 2004-08-04 10:00 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 354816 c:\windows\system32\winhttp.dll
- 2004-08-04 10:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 105984 c:\windows\system32\url.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
+ 2004-08-04 10:00 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll
- 2004-08-04 10:00 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll
+ 2004-08-04 10:00 . 2012-02-17 00:35 432928 c:\windows\system32\perfh009.dat
- 2004-08-04 10:00 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 206848 c:\windows\system32\occache.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
+ 2006-03-04 03:33 . 2011-12-17 19:46 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 04:32 . 2011-12-17 19:46 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 04:32 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
+ 2012-02-05 09:48 . 2012-02-05 09:48 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2012-02-05 09:48 . 2012-02-05 09:48 335520 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.dll
- 2011-10-19 20:25 . 2011-10-03 04:06 157472 c:\windows\system32\javaws.exe
+ 2012-02-24 00:00 . 2012-02-24 00:00 157472 c:\windows\system32\javaws.exe
+ 2012-02-24 00:00 . 2012-02-24 00:00 149280 c:\windows\system32\javaw.exe
+ 2012-02-24 00:00 . 2012-02-24 00:00 149280 c:\windows\system32\java.exe
+ 2011-12-26 10:39 . 2008-05-02 13:25 465920 c:\windows\system32\imapi2fs.dll
+ 2011-12-26 10:39 . 2008-05-02 13:25 317952 c:\windows\system32\imapi2.dll
+ 2006-03-04 03:33 . 2011-12-17 19:46 184320 c:\windows\system32\iepeers.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-04 10:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 10:00 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe
+ 2004-09-14 14:38 . 2008-04-17 12:12 107368 c:\windows\system32\GEARAspi.dll
+ 2010-01-16 16:29 . 2012-02-17 03:15 289296 c:\windows\system32\FNTCACHE.DAT
- 2004-08-04 10:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
+ 2004-08-04 10:00 . 2011-10-18 11:13 186880 c:\windows\system32\encdec.dll
+ 2011-12-28 17:45 . 2008-04-17 12:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2006-09-28 19:00 . 2009-07-13 16:50 132224 c:\windows\system32\drivers\WudfRd.sys
+ 2009-07-14 10:35 . 2009-07-14 10:35 444136 c:\windows\system32\drivers\wdf01000.sys
+ 2011-08-05 19:26 . 2011-08-05 19:26 796672 c:\windows\system32\drivers\UMDF\ZuneDriver.dll
+ 2011-08-30 23:05 . 2011-08-30 23:05 178536 c:\windows\system32\dnssdX.dll
- 2004-08-04 10:00 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-04 10:00 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
- 2004-08-04 10:00 . 2008-04-14 00:12 176128 c:\windows\system32\dllcache\winmm.dll
+ 2004-08-04 10:00 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2006-03-04 03:33 . 2011-12-17 19:46 916992 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 10:00 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 206848 c:\windows\system32\dllcache\occache.dll
+ 2006-03-04 03:33 . 2011-12-17 19:46 611840 c:\windows\system32\dllcache\mstime.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-01-20 23:18 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-12-26 10:39 . 2008-05-02 13:25 465920 c:\windows\system32\dllcache\imapi2fs.dll
+ 2011-12-26 10:39 . 2008-05-02 13:25 317952 c:\windows\system32\dllcache\imapi2.dll
- 2010-01-20 23:18 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2006-03-04 03:33 . 2011-12-17 19:46 184320 c:\windows\system32\dllcache\iepeers.dll
- 2006-03-04 03:33 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-12 11:11 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-12 11:11 . 2011-12-17 19:46 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-04 10:00 . 2011-12-17 19:46 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 10:00 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-04 10:00 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 10:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-04 10:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2004-08-04 10:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
+ 2010-08-15 10:08 . 2012-02-17 09:23 262144 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2010-08-15 10:08 . 2011-04-17 10:39 262144 c:\windows\system32\config\systemprofile\IETldCache\index.dat

+ 2011-12-25 03:49 . 2011-12-25 03:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-12-25 05:40 . 2011-12-25 05:40 819200 c:\windows\Installer\94a13.msp
+ 2011-12-26 10:44 . 2011-12-26 10:44 751616 c:\windows\Installer\3a5f51.msi
+ 2012-02-24 00:02 . 2012-02-24 00:02 203776 c:\windows\Installer\28c75ed.msi
+ 2012-02-24 00:00 . 2012-02-24 00:00 901120 c:\windows\Installer\28c75dd.msi
+ 2011-12-28 17:46 . 2011-12-28 17:46 380928 c:\windows\Installer\{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}\iTunesIco.exe
+ 2012-02-17 00:29 . 2011-11-04 19:20 916992 c:\windows\ie8updates\KB2647516-IE8\wininet.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 105984 c:\windows\ie8updates\KB2647516-IE8\url.dll
+ 2012-02-17 00:29 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2647516-IE8\spuninst\updspapi.dll
+ 2012-02-17 00:29 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2647516-IE8\spuninst\spuninst.exe
+ 2012-02-17 00:29 . 2011-11-04 19:20 206848 c:\windows\ie8updates\KB2647516-IE8\occache.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 611840 c:\windows\ie8updates\KB2647516-IE8\mstime.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 602112 c:\windows\ie8updates\KB2647516-IE8\msfeeds.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 247808 c:\windows\ie8updates\KB2647516-IE8\ieproxy.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 184320 c:\windows\ie8updates\KB2647516-IE8\iepeers.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 743424 c:\windows\ie8updates\KB2647516-IE8\iedvtool.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 387584 c:\windows\ie8updates\KB2647516-IE8\iedkcs32.dll
+ 2012-02-17 00:29 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2647516-IE8\ie4uinit.exe
+ 2011-12-14 09:13 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-14 09:13 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-14 09:13 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-14 09:13 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2012-02-17 00:40 . 2012-02-17 00:40 897536 c:\windows\assembly\NativeImages_v2.0.50727_32\YTUploader\f25e0241119b0d1671d8403cfe3cccc7\YTUploader.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 136192 c:\windows\assembly\NativeImages_v2.0.50727_32\YouTubeUploaderMain\45409343f771a51bae5a38475b4a15c5\YouTubeUploaderMain.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-02-17 00:37 . 2012-02-17 00:37 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c14e58265386feb509cc61bb5e8dd296\System.Runtime.Remoting.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 689664 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\acdadddbd126cbcc44f8a78fa02911f1\System.Data.SqlServerCe.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-02-17 00:36 . 2012-02-17 00:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\52015457bc28e7a9a563d9eab8ab0015\PresentationFramework.Royale.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2713754549b1114c9152d33efe5f72c7\PresentationFramework.Aero.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1552f18ca434c1dca6d082df476d089a\PresentationFramework.Luna.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 121856 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\a24a43d359e15dfa5d7a1279834fdd63\Panasonic.Framework.View.Util.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 308224 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\83db2fe60ef352d9a909650dffd4b6aa\Panasonic.Framework.Model.Command.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 184832 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\d043264cf7932b8fd9b87b3877fdf4b8\Panasonic.Core.Spec.Plugin.Base.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 196096 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\cfb2d284e0e90b8b9b42baabe9c8fb73\Panasonic.Core.Spec.Plugin.DCF.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 450560 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\9d390d4bd306f37eba647aaf293d0eeb\Panasonic.Core.Spec.ContentInformation.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 117248 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\870ff0c641ee9afec134973610fe00fb\Panasonic.Core.Spec.Plugin.Base.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 111104 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\01047e45fd1d95a3ff68a93832aaf24d\Panasonic.Core.Spec.Plugin.AVCHD.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 239104 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Face#\04c18ed3eb1d9ae2092dd50731d1b703\Panasonic.Core.FaceIdentifierCli.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-02-17 00:41 . 2012-02-17 00:41 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-02-17 00:39 . 2012-02-17 00:39 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 316416 c:\windows\$NtUninstallWudf01009$\wudfx.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 165376 c:\windows\$NtUninstallWudf01009$\wudfplatform.dll
+ 2011-12-26 10:22 . 2006-09-28 18:56 146432 c:\windows\$NtUninstallWudf01009$\wudfhost.exe
+ 2011-12-26 10:22 . 2008-11-07 18:55 382496 c:\windows\$NtUninstallWudf01009$\spuninst\updspapi.dll
+ 2011-12-26 10:22 . 2008-11-07 18:55 231456 c:\windows\$NtUninstallWudf01009$\spuninst\spuninst.exe
+ 2011-12-26 10:23 . 2006-10-08 21:53 379184 c:\windows\$NtUninstallwinusb0100$\spuninst\updspapi.dll
+ 2011-12-26 10:23 . 2006-10-08 21:53 221488 c:\windows\$NtUninstallwinusb0100$\spuninst\spuninst.exe
+ 2011-12-26 10:24 . 2008-11-07 18:55 382496 c:\windows\$NtUninstallWdf01009$\spuninst\updspapi.dll
+ 2011-12-26 10:24 . 2008-11-07 18:55 231456 c:\windows\$NtUninstallWdf01009$\spuninst\spuninst.exe
+ 2011-12-26 10:42 . 2007-07-27 10:41 382840 c:\windows\$NtUninstallKB973442_WM11$\spuninst\updspapi.dll
+ 2011-12-26 10:42 . 2007-07-27 10:41 231288 c:\windows\$NtUninstallKB973442_WM11$\spuninst\spuninst.exe
+ 2011-12-26 10:42 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB932716-v2$\spuninst\updspapi.dll
+ 2011-12-26 10:42 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB932716-v2$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2011-06-20 17:44 293376 c:\windows\$NtUninstallKB2646524$\winsrv.dll
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2646524$\spuninst\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2646524$\spuninst\spuninst.exe
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2639417$\spuninst\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2639417$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633952$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633952$\spuninst\spuninst.exe
+ 2011-12-14 09:09 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633171$\spuninst\updspapi.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633171$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2631813$\spuninst\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2631813$\spuninst\spuninst.exe
+ 2012-01-12 00:52 . 2008-04-14 00:12 386048 c:\windows\$NtUninstallKB2631813$\qdvd.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2624667$\spuninst\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2624667$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2620712$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2620712$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2619339$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2619339$\spuninst\spuninst.exe
+ 2011-12-14 09:10 . 2011-02-09 13:53 186880 c:\windows\$NtUninstallKB2619339$\encdec.dll
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2618451$\spuninst\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2618451$\spuninst\spuninst.exe
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2603381$\spuninst\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2603381$\spuninst\spuninst.exe
+ 2012-01-12 00:48 . 2008-04-14 00:12 176128 c:\windows\$NtUninstallKB2598479$\winmm.dll
+ 2012-01-12 00:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2598479$\spuninst\updspapi.dll
+ 2012-01-12 00:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2598479$\spuninst\spuninst.exe
+ 2012-01-15 00:02 . 2009-08-25 09:17 354816 c:\windows\$NtUninstallKB2585542$\winhttp.dll
+ 2012-01-15 00:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe
+ 2012-01-15 00:02 . 2011-04-29 17:25 151552 c:\windows\$NtUninstallKB2585542$\schannel.dll
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2584146$\spuninst\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2584146$\spuninst\spuninst.exe


demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sun Feb 26, 2012 9:42 am

2nd instalment


+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2646524\update\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2646524\update\update.exe
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2646524\spuninst.exe
+ 2011-11-25 21:56 . 2011-11-25 21:56 293376 c:\windows\$hf_mig$\KB2646524\SP3QFE\winsrv.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2639417\update\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2639417\update\update.exe
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2639417\spuninst.exe
+ 2011-12-14 09:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2633171\update\updspapi.dll
+ 2011-12-14 09:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2633171\update\update.exe
+ 2011-12-14 09:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2633171\spuninst.exe
+ 2012-01-12 00:52 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2631813\update\updspapi.dll
+ 2012-01-12 00:52 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2631813\update\update.exe
+ 2012-01-12 00:52 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2631813\spuninst.exe
+ 2011-11-03 15:27 . 2011-11-03 15:27 386048 c:\windows\$hf_mig$\KB2631813\SP3QFE\qdvd.dll
+ 2011-12-14 09:14 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2624667\update\updspapi.dll
+ 2011-12-14 09:14 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2624667\update\update.exe
+ 2011-12-14 09:14 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2624667\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2620712\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2620712\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2620712\spuninst.exe
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2619339\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2619339\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2619339\spuninst.exe
+ 2011-10-18 11:12 . 2011-10-18 11:12 186880 c:\windows\$hf_mig$\KB2619339\SP3QFE\encdec.dll
+ 2011-12-14 09:10 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618451\update\updspapi.dll
+ 2011-12-14 09:10 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618451\update\update.exe
+ 2011-12-14 09:10 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618451\spuninst.exe
+ 2011-12-14 09:13 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618444-IE8\update\updspapi.dll
+ 2011-12-14 09:13 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618444-IE8\update\update.exe
+ 2011-12-14 09:13 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618444-IE8\spuninst.exe
+ 2011-12-14 07:43 . 2011-11-04 19:19 919552 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 105984 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\url.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 206848 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\occache.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 611840 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mstime.dll
+ 2011-12-14 07:44 . 2011-11-04 19:19 602112 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeeds.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 247808 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieproxy.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 184320 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iepeers.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 743424 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedvtool.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 387584 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedkcs32.dll
+ 2011-12-14 07:43 . 2011-10-25 12:01 174080 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ie4uinit.exe
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2603381\update\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2603381\update\update.exe
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2603381\spuninst.exe
+ 2012-01-12 00:49 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2598479\update\updspapi.dll
+ 2012-01-12 00:49 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2598479\update\update.exe
+ 2012-01-12 00:49 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2598479\spuninst.exe
+ 2011-10-14 14:45 . 2011-10-14 14:45 176128 c:\windows\$hf_mig$\KB2598479\SP3QFE\winmm.dll
+ 2012-01-15 00:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2585542\update\updspapi.dll
+ 2012-01-15 00:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2585542\update\update.exe
+ 2012-01-15 00:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2585542\spuninst.exe
+ 2012-01-14 20:19 . 2011-11-16 14:20 354816 c:\windows\$hf_mig$\KB2585542\SP3QFE\winhttp.dll
+ 2012-01-14 20:19 . 2011-11-16 14:20 152064 c:\windows\$hf_mig$\KB2585542\SP3QFE\schannel.dll
+ 2012-01-12 00:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2584146\update\updspapi.dll
+ 2012-01-12 00:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2584146\update\update.exe
+ 2012-01-12 00:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2584146\spuninst.exe
+ 2011-06-06 20:48 . 2011-06-06 20:48 1837296 c:\windows\system32\WUDFUpdate_01009.dll
+ 2006-10-18 21:47 . 2009-07-14 10:08 1543680 c:\windows\system32\wmvdecod.dll
- 2006-10-18 21:47 . 2006-10-18 21:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2011-06-06 20:48 . 2011-06-06 13:49 1461992 c:\windows\system32\WdfCoInstaller01009.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 4517664 c:\windows\system32\usbaaplrc.dll
+ 2006-03-18 11:09 . 2011-12-17 19:46 1212416 c:\windows\system32\urlmon.dll
- 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 10:00 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2004-08-04 10:00 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
- 2005-03-30 01:23 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2005-03-30 01:23 . 2011-10-25 13:33 2192768 c:\windows\system32\ntoskrnl.exe
- 2005-03-30 01:01 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2005-03-30 01:01 . 2011-10-25 12:52 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2006-03-23 17:32 . 2011-12-17 19:46 5979136 c:\windows\system32\mshtml.dll
- 2009-03-08 04:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 04:32 . 2011-12-17 19:46 2000384 c:\windows\system32\iertutil.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 4517664 c:\windows\system32\DRVSTORE\usbaapl_091115F4EDEB41DBA0EC91574CE905B4E0482482\usbaaplrc.dll
+ 2011-12-28 17:40 . 2011-08-02 17:38 1461992 c:\windows\system32\DRVSTORE\netaapl_63AA05C4700EB9CAF2D048DAC1D06D764A0D4C41\wdfcoinstaller01009.dll
+ 2004-08-04 10:00 . 2012-01-12 16:53 1859968 c:\windows\system32\dllcache\win32k.sys
+ 2006-03-18 11:09 . 2011-12-17 19:46 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 10:00 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-04 10:00 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
+ 2005-03-30 01:23 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
- 2005-03-30 01:23 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-01-20 18:50 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2010-01-20 18:50 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2005-03-30 01:01 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2005-03-30 01:01 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-01-20 18:50 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2010-01-20 18:50 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-03-23 17:32 . 2011-12-17 19:46 5979136 c:\windows\system32\dllcache\mshtml.dll
- 2010-01-20 23:18 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2010-01-20 23:18 . 2011-12-17 19:46 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 03:50 . 2011-12-25 03:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-10-26 03:39 . 2011-10-26 03:39 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-01-02 11:18 . 2012-01-02 11:18 1252864 c:\windows\Installer\f67328.msi
+ 2011-12-28 17:46 . 2011-12-28 17:46 5651456 c:\windows\Installer\37629d.msi
+ 2011-12-28 17:41 . 2011-12-28 17:41 1769984 c:\windows\Installer\375c8b.msi
+ 2011-12-28 17:41 . 2011-12-28 17:41 1717248 c:\windows\Installer\375c61.msi
+ 2011-12-28 17:39 . 2011-12-28 17:39 2002432 c:\windows\Installer\375c21.msi
+ 2011-12-28 17:39 . 2011-12-28 17:39 1530368 c:\windows\Installer\375c18.msi
+ 2011-10-30 22:54 . 2011-10-30 22:54 2748416 c:\windows\Installer\2b4f368.msp
+ 2011-12-26 09:59 . 2011-12-26 09:59 4368896 c:\windows\Installer\188747a.msp
+ 2012-02-17 00:29 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2647516-IE8\urlmon.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
+ 2012-02-17 00:29 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2647516-IE8\iertutil.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-14 09:13 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-14 09:13 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2010-01-20 18:50 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2010-01-20 18:50 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-01-20 18:50 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2010-01-20 18:50 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-07 19:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-07 19:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2010-01-20 18:50 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-01-20 18:50 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-02-17 00:43 . 2012-02-17 00:43 4353536 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneShell\875b4de10ac0ee07fae0bd88cc8bf2dd\ZuneShell.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2557440 c:\windows\assembly\NativeImages_v2.0.50727_32\ZuneDBApi\60e15758912837abe8b8f31253a73095\ZuneDBApi.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 4579328 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX\b79115e5926aaf7a5915cc74b2b242f1\UIX.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1832448 c:\windows\assembly\NativeImages_v2.0.50727_32\UIX.RenderApi\7c47bb4f7522ead5144b3ebd01a7387f\UIX.RenderApi.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-02-17 00:43 . 2012-02-17 00:43 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3f2e74586111fb32d5edc059f709fa94\System.Data.OracleClient.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-02-17 00:42 . 2012-02-17 00:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 2318336 c:\windows\assembly\NativeImages_v2.0.50727_32\SceneCutEditorForPFS\e19b77a9c60a75298d91d91183802980\SceneCutEditorForPFS.ni.exe
+ 2012-02-17 00:36 . 2012-02-17 00:36 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-02-17 00:35 . 2012-02-17 00:35 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1900032 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\eac5db28fe8d54c701204a6c694e9d3f\Panasonic.Framework.View.Area.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1177088 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\df3f3c94de5781587d60d1fa9be81482\Panasonic.Framework.View.Parts.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2309120 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\c406b6923bc44b297b97528b9703dadb\Panasonic.Framework.Model.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 3987968 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\9bf67cf8cd5e36eb34e2d826fb49f935\Panasonic.Framework.View.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 3396096 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\434dfb8d6d6cfa389f00330eb8e0c0fe\Panasonic.Framework.View.Resource.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-02-17 00:40 . 2012-02-17 00:40 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-04 22:47 . 2010-10-04 22:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-01-11 00:57 . 2012-01-11 00:57 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-12 23:28 . 2011-10-12 23:28 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-02-17 00:34 . 2012-02-17 00:34 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-26 10:42 . 2006-10-18 21:47 1543680 c:\windows\$NtUninstallKB973442_WM11$\wmvdecod.dll
+ 2011-12-14 09:14 . 2011-09-06 13:20 1858944 c:\windows\$NtUninstallKB2639417$\win32k.sys
+ 2011-12-14 09:09 . 2010-12-09 13:38 2192768 c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
+ 2011-12-14 09:09 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrpamp.exe
+ 2011-12-14 09:09 . 2010-12-09 13:07 2069376 c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
+ 2011-12-14 09:09 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntkrnlmp.exe
+ 2012-01-12 00:52 . 2010-02-05 18:27 1291776 c:\windows\$NtUninstallKB2631813$\quartz.dll
+ 2011-12-14 09:14 . 2010-07-16 12:05 1288192 c:\windows\$NtUninstallKB2624667$\ole32.dll
+ 2011-11-23 13:29 . 2011-11-23 13:29 1868544 c:\windows\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-25 13:34 . 2011-10-25 13:34 2192768 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2027008 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2069376 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-25 13:38 . 2011-10-25 13:38 2148864 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-11-03 15:27 . 2011-11-03 15:27 1292288 c:\windows\$hf_mig$\KB2631813\SP3QFE\quartz.dll
+ 2011-11-01 16:05 . 2011-11-01 16:05 1289216 c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 1214464 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 5978624 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-14 07:43 . 2011-11-04 19:19 2001408 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2010-01-20 22:55 . 2012-02-17 00:30 52550552 c:\windows\system32\MRT.exe
+ 2009-03-08 04:39 . 2011-12-18 14:46 11082240 c:\windows\system32\ieframe.dll
+ 2010-01-20 23:18 . 2011-12-18 14:46 11082240 c:\windows\system32\dllcache\ieframe.dll
+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\df25be.msp
+ 2012-02-17 00:29 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2647516-IE8\ieframe.dll
+ 2011-12-14 09:13 . 2011-08-23 16:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-02-17 00:39 . 2012-02-17 00:39 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-02-17 00:41 . 2012-02-17 00:41 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-02-17 00:37 . 2012-02-17 00:37 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
+ 2012-02-17 00:36 . 2012-02-17 00:36 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
+ 2011-11-05 14:19 . 2011-11-05 14:19 11083776 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-18 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"DSLSTATEXE"="c:\program files\BT Voyager 105 ADSL Modem\dslstat.exe" [2007-01-25 1658965]
"DSLAGENTEXE"="c:\program files\BT Voyager 105 ADSL Modem\dslagent.exe" [2007-01-25 16384]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 4.0 HD Edition.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2007-12-01 17:38 38400 ----a-r- c:\program files\Corel\Corel MediaOne\CorelIOMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 01:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-01-17 23:12 98304 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 12:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [25/09/2011 19:00 56336]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [30/05/2010 15:15 89792]
R1 RapportCerberus_32029;RapportCerberus_32029;c:\documents and settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus32_32029.sys [10/11/2011 12:15 227312]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [25/09/2011 19:00 70416]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [25/09/2011 19:00 161936]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 16:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 21:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11/08/2011 23:38 116608]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [20/01/2010 22:42 95200]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [09/10/2011 17:01 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [09/10/2011 17:01 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [09/10/2011 17:02 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [09/10/2011 16:49 150856]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [25/09/2011 18:59 919352]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [30/05/2010 15:15 57600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [30/05/2010 15:15 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [30/05/2010 15:15 83856]
R3 RapportIaso;RapportIaso;c:\documents and settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys [15/08/2011 08:38 21520]
S1 MpKsl56ce2b3f;MpKsl56ce2b3f;\??\c:\windows\system32\MpEngineStore\MpKsl56ce2b3f.sys --> c:\windows\system32\MpEngineStore\MpKsl56ce2b3f.sys [?]
S1 MpKsl8b16be60;MpKsl8b16be60;\??\c:\windows\system32\MpEngineStore\MpKsl8b16be60.sys --> c:\windows\system32\MpEngineStore\MpKsl8b16be60.sys [?]
S1 MpKslfb1eeb2a;MpKslfb1eeb2a;\??\c:\windows\system32\MpEngineStore\MpKslfb1eeb2a.sys --> c:\windows\system32\MpEngineStore\MpKslfb1eeb2a.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26/09/2009 17:28 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26/09/2009 17:28 133104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 12:49 227232]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [30/05/2010 15:15 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [30/05/2010 15:15 87656]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [22/02/2010 11:55 61536]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [05/08/2011 12:30 268512]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:57]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:28]
.
2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:28]
.
2011-12-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-01-20 12:22]
.
2011-08-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-01-20 12:22]
.
2012-02-25 c:\windows\Tasks\User_Feed_Synchronization-{DF8E2BEC-7A9C-4D85-9DC0-FDC10DEDCB66}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]
.
2012-02-19 c:\windows\Tasks\vtscheduletask.job
- c:\program files\McAfee\Supportability\MVT\MvtApp.exe [2010-11-07 14:25]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: Interfaces\{BDFDCEE7-68BD-4CF4-8DF5-8A48D1A001D6}: NameServer = 194.72.0.114 194.74.65.69
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-02-25 23:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1004)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-02-25 23:23:20
ComboFix-quarantined-files.txt 2012-02-25 23:23
.
Pre-Run: 65,615,478,784 bytes free
Post-Run: 65,691,045,888 bytes free
.
- - End Of File - - F7A70038F9E7FF454386D47DBE960527

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Sun Feb 26, 2012 6:41 pm

Re-running ComboFix to remove infections:


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:

    KillAll::

    FireFox::
    Trusted Zone: internet
    Trusted Zone: mcafee.com

    DDS::
    Trusted Zone: internet
    Trusted Zone: mcafee.com

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • I don't need to see the log from this script.

**********************************************************
SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.
[list]
[*]Double click Sysprot.exe to start the program.
[*]Click on the Log tab.
[*]In the Write to log box select the following items.

  • Process << Selected
  • Kernel Modules << Selected
  • SSDT << Selected
  • Kernel Hooks << Selected
  • IRP Hooks << NOT Selected
  • Ports << NOT Selected
  • Hidden Files << Selected

[*]At the bottom of the page

  • Hidden Objects Only << Selected

[*]Click on the Create Log button on the bottom right.
[*]After a few seconds a new window should appear.
[*]Select Scan Root Drive. Click on the Start button.
[*]When it is complete a new window will appear to indicate that the scan is finished.
[*]The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
[/list

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sun Feb 26, 2012 9:15 pm

NB When ComboFix ran , it again produced an error "pev.3XE failed", after Stage 2. When not reported the other 50 stages ran.
The SysProt log is:
SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: Combo-Fix.sys
Service Name: ---
Module Base: B8108000
Module End: B8117000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: B45CA000
Module End: B45E2000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: B8634000
Module End: B8636000
Hidden: Yes

Module Name: \??\C:\ComboFix\catchme.sys
Service Name: catchme
Module Base: B83C8000
Module End: B83D0000
Hidden: Yes

Module Name: \??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
Service Name: ---
Module Base: B85C8000
Module End: B85CA000
Hidden: Yes

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAssignProcessToJobObject
Address: B4765FC0
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwCreateFile
Address: B4766A56
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwCreateThread
Address: B495C5C0
Driver Base: B4938000
Driver End: B496E000
Driver Name: \??\C:\Documents and Settings\All Users.WINDOWS\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus32_32029.sys

Function Name: ZwDeleteFile
Address: B4766BD4
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwDeleteKey
Address: B476A27C
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwDeleteValueKey
Address: B476A2AE
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwLoadKey
Address: B476A410
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwOpenFile
Address: B4766B2C
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwOpenProcess
Address: B4766104
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwOpenThread
Address: B47662F6
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwProtectVirtualMemory
Address: B4766428
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwQueryValueKey
Address: B476A386
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwRenameKey
Address: B476A2F0
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwReplaceKey
Address: B476A322
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwRestoreKey
Address: B476A354
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwSetContextThread
Address: B4765F66
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwSetInformationFile
Address: B4766C40
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwSetValueKey
Address: B476A214
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwSuspendThread
Address: B4765F02
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwTerminateProcess
Address: B4765E56
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

Function Name: ZwTerminateThread
Address: B4765E9E
Driver Base: B4765000
Driver End: B478B000
Driver Name: \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

******************************************************************************************
******************************************************************************************
Kernel Hooks:
Hooked Function: ZwYieldExecution
At Address: 8050225C
Jump To: B7EB853C
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwUnmapViewOfSection
At Address: 805A83DA
Jump To: B7EB8568
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwSetSecurityObject
At Address: 805B6114
Jump To: B7EB8528
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwOpenThread
At Address: 805C1684
Jump To: B7EB849C
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwOpenProcess
At Address: 805C13F8
Jump To: B7EB8488
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwOpenKey
At Address: 8061C0CA
Jump To: B7EB84B0
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwMapViewOfSection
At Address: 805A75C4
Jump To: B7EB8552
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

Hooked Function: ZwCreateKey
At Address: 8061ACEC
Jump To: B7EB84C4
Module Name: C:\WINDOWS\system32\drivers\mfehidk.sys

******************************************************************************************
******************************************************************************************
IRP Hooks:
Hooked Module: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Hooked IRP: IRP_MJ_INTERNAL_DEVICE_CONTROL
Jump To: B811C810
Hooking Module: C:\WINDOWS\system32\drivers\RapportKELL.sys

******************************************************************************************
******************************************************************************************
Ports:
Local Address: YULES:27015
Remote Address: LOCALHOST:1035
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
State: ESTABLISHED

Local Address: YULES:27015
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
State: LISTENING

Local Address: YULES:5354
Remote Address: LOCALHOST:1027
Type: TCP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: ESTABLISHED

Local Address: YULES:5354
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: LISTENING

Local Address: YULES:5152
Remote Address: LOCALHOST:1608
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: CLOSE_WAIT

Local Address: YULES:5152
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: LISTENING

Local Address: YULES:1035
Remote Address: LOCALHOST:27015
Type: TCP
Process: C:\Program Files\iTunes\iTunesHelper.exe
State: ESTABLISHED

Local Address: YULES:1031
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\alg.exe
State: LISTENING

Local Address: YULES:1027
Remote Address: LOCALHOST:5354
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
State: ESTABLISHED

Local Address: YULES:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: YULES:6646
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
State: LISTENING

Local Address: YULES:3389
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: YULES:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: YULES:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: YULES:5353
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: YULES:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:1192
Remote Address: NA
Type: UDP
Process: C:\Program Files\Internet Explorer\iexplore.exe
State: NA

Local Address: YULES:1129
Remote Address: NA
Type: UDP
Process: C:\Program Files\Internet Explorer\iexplore.exe
State: NA

Local Address: YULES:1039
Remote Address: NA
Type: UDP
Process: C:\Program Files\Internet Explorer\iexplore.exe
State: NA

Local Address: YULES:1037
Remote Address: NA
Type: UDP
Process: C:\Program Files\iTunes\iTunesHelper.exe
State: NA

Local Address: YULES:1036
Remote Address: NA
Type: UDP
Process: C:\Program Files\iTunes\iTunesHelper.exe
State: NA

Local Address: YULES:1026
Remote Address: NA
Type: UDP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
State: NA

Local Address: YULES:1025
Remote Address: NA
Type: UDP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
State: NA

Local Address: YULES:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:138
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: YULES:4500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: YULES:1900
Remote Address: NA
Type: UDP
Process: C:\Program Files\Zune\ZuneBusEnum.exe
State: NA

Local Address: YULES:1028
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: YULES:500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: YULES:MICROSOFT-DS
Remote Address: NA
Type: UDP
Process: System
State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\76260bf9437e;ord=07JWR9002B9G0PZ4JBQT;s=173;s=85;s=82;s=36;s=96;s=199;s=25;s=196;s=104;s=k85;s=k96;s=k25;s=k196;s=k104;s=m4;s=m1;z=912;z=905;z=896;tile
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAAAAADEjwIAAAAAAAIAAgAAAAAAlBWZpyUBAAAAAAAAAABHcpYESXgzAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANJeDMAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAAAAADEjwIAAAAAAAIAAgAAAAAAlokrriUBAAAAAAAAAABHcpYEqREzAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAOpETMAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAA.uTgqyUBAAAAAAAAADE0NzI2MmJhLWVkNWMtMTFkZS1iZTVjLTAwMWQwOTYzZWM2MwDDZgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAA.YyDmSUBAAAAAAAAAGI2MzRjNzllLWVhOGUtMTFkZS1hNmJkLTAwMWQwOTYzZjJiZQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAA1YYgriUBAAAAAAAAAGVhMTQzZTk2LWVkYjMtMTFkZS04ZDFiLTAwMWUwYjVhMDQzOABllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAA4Q8AmSUBAAAAAAAAAGE1ZWRhMTllLWVhN2EtMTFkZS04MTNiLTAwMWNjNGZhY2UzYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAA7EJWmSUBAAAAAAAAAGNkMTc5MTAwLWVhODctMTFkZS1iMzk4LTAwMWNjNGZhY2U5YwBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAa2fFmSUBAAAAAAAAAGMyOTkyMWE2LWVhOTgtMTFkZS05NWMyLTAwMWQwOTYzZWU1ZAAQwisAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAfBcepiUBAAAAAAAAADBhZjZhMzE4LWVjN2ItMTFkZS05NDE4LTAwMWNjNDNjOWViYQBBUAAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAfzPfniUBAAAAAAAAADAyNGNkYjY4LWViNjAtMTFkZS04ZWI0LTAwMWUwYjVhMjBmZgCgICsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAGMuGmSUBAAAAAAAAADM0ZGVhNzQwLWVhOGYtMTFkZS1hNzFiLTAwMWQwOTYzZWIxOQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAM6nvqyUBAAAAAAAAADU1NDJhZjc4LWVkNWUtMTFkZS04M2EwLTAwMWQwOTYzZjc2ZgCAvisAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAqh0dmSUBAAAAAAAAADE0ZDgwNmMyLWVhN2YtMTFkZS05NjBiLTAwMWQwOTYzZWIxOQBiXQAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAqnnWniUBAAAAAAAAAGFkNzFkYjMwLWViNWUtMTFkZS1iNTg0LTAwMWQwOTYzZWZjYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAqTm.mSUBAAAAAAAAAGQxM2RhZGE0LWVhOTctMTFkZS04MTRiLTAwMWQwOTYzZWE3NACCVgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAARGzAmSUBAAAAAAAAADAwMDY4MjE0LWVhOTgtMTFkZS1iMDkzLTAwMWUwYjVhMzIwYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAARNCnmSUBAAAAAAAAADNlYjhiM2M4LWVhOTQtMTFkZS05ODMwLTAwMWNjNGZiOTBmYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAT4C9mSUBAAAAAAAAADhkZTU3MmU0LWVhOTctMTFkZS1iZjhmLTAwMWQwOTYzZWRmNgBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAUjSmrCUBAAAAAAAAADJmZGQxZTgyLWVkN2EtMTFkZS05YWI4LTAwMWVjOWI0MWZiNwBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAVAfbpiUBAAAAAAAAAGRmNGY5YmU0LWVjOTctMTFkZS1hMjJmLTAwMWUwYjVhMjBiMQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAVEzkqyUBAAAAAAAAADk5NjZmYjdhLWVkNWMtMTFkZS05ODQ0LTAwMWUwYjVhMDQxYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\AAAIAAgAAAAAAW1BdpyUBAAAAAAAAAGMwOTQ0YzcyLWVjYWItMTFkZS04OTE5LTAwMWQwOTYzZTk3MABARgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\dP.mCUBAAAAAAAAADljYzA1MDk0LWVhN2EtMTFkZS05MWZmLTAwMWUwYjVhMDRmOABllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\ote%2013];u15=[P%20Quote%2014];u16=[P%20Quote%2015];u17=[P%20Quote%2016];u18=[P%20Quote%2017];u19=[P%20Quote%2018];u20=[P%20Quote%2019];ord=62440602516
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\0QW00AP0\st&18=manchester&24=europe&25=medium&26=PVT&erightsid=null&tile=1261077967656&ind=undefined&wrap=null&leaderserved=1&rsi=,J07717_10555,&asset=story&ref
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\AAAAAAADEjwIAAAAAAAIAAgAAAAAAabx7DSYBAAAAAAAAAABP2pYEeVs9AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAN5Wz0AAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\AAAAAAADEjwIAAAAAAAIAAgAAAAAAar.PDSYBAAAAAAAAAABP2pYESSo1AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANJKjUAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\AAAAAAADEjwIAAAAAAAIAAgAAAAAAFy8qDSYBAAAAAAAAAABP2pYESY02AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANJjTYAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\AAAIAAgAAAAAAK6W6DCYBAAAAAAAAADRlNTUyY2E4LWZjMjMtMTFkZS04Yjc5LTAwMWUwYjVhMDFkZAACXgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\AAAIAAgAAAAAAwNB5DSYBAAAAAAAAADc5ZWJhYzQ0LWZjNDAtMTFkZS05NTg2LTAwMWQwOTYzZDkwOQBQyysAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1K33BUMV\QKCDSYBAAAAAAAAAGI5ZjgyNmQ2LWZjNDEtMTFkZS1hZWY4LTAwMWVjOWIzYjU0YwAQfSsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1Q9VB64H\AAAIAAgAAAAAAEeo-DSYBAAAAAAAAADdkMTg5MWQ4LWZjMzctMTFkZS04NDUyLTAwMWQwOTYzZWYyMABllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1Q9VB64H\AAAIAAgAAAAAASg74DiYBAAAAAAAAAGNkMmY4ZTIyLWZjN2EtMTFkZS1hM2M2LTAwMWQwOTYzZTg3NgBhTgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1Q9VB64H\AAAIAAgAAAAAAvTMrDSYBAAAAAAAAADdiMTY1OWE0LWZjMzQtMTFkZS04Yzk4LTAwMWNjNDEwYzk4ZgAiVwAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\1Q9VB64H\B6CDSYBAAAAAAAAAGJlM2YwM2E0LWZjNDEtMTFkZS1iNmQ3LTAwMWUwYjVhMDE4YgBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\29T2HB2X\AAAAAAADEjwIAAAAAAAIAAgAAAAAAnMXODSYBAAAAAAAAAABP2pYEeTE-AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAN5MT4AAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\29T2HB2X\AAAIAAgAAAAAAbIqiDiYBAAAAAAAAAGMwYzA3MTcyLWZjNmQtMTFkZS1iZmQxLTAwMWNjNDEwOWE4ZQDEawAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\29T2HB2X\ZeBDSYBAAAAAAAAAGE5YTIwYTRhLWZjNDEtMTFkZS05MTMwLTAwMWI3OGQyY2M2YwDiWgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\3EVMCX3A\AAAAAAADEjwIAAAAAAAIAAgAAAAAACMkLDSYBAAAAAAAAAABP2pYE-VQ7AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAP5VDsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\3EVMCX3A\AAAIAAgAAAAAAWqB5DSYBAAAAAAAAADcyODkyNTU4LWZjNDAtMTFkZS1iYjZkLTAwMWNjNDEwZjcxMADwvysAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\3EVMCX3A\AAAIAAgAAAAAAX9wBDSYBAAAAAAAAADJjMzE5ZDg2LWZjMmUtMTFkZS1iODdiLTAwMWQwOTYzZTNhNwBCWgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\3EVMCX3A\AAAIAAgAAAAAAyz8eDSYBAAAAAAAAADgxMWQzMTllLWZjMzItMTFkZS1hYWRmLTAwMWVjOWIzODJlYwDjZAAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\4DXHH5TX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAiNZ7DSYBAAAAAAAAAABP2pYEqbo-AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAOpuj4AAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\4DXHH5TX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAMEOtDCYBAAAAAAAAAABP2pYEuQg0AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAO5CDQAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\4DXHH5TX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAP.cBDSYBAAAAAAAAAAAAAK59XQAAAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAMJUzUAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\D5OXPMBV\AAAAAAADEjwIAAAAAAAIAAgAAAAAAphu6DSYBAAAAAAAAAABP2pYECb87AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAMJvzsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\D5OXPMBV\AAAIAAgAAAAAAbBzPDSYBAAAAAAAAADdkYzc5ZDY2LWZjNGQtMTFkZS04MzdhLTAwMWQwOTYzZjE5ZQCAwisAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\D5OXPMBV\AAAIAAgAAAAAAdZAWDSYBAAAAAAAAADU0ZWMzNDg2LWZjMzEtMTFkZS1iMmZjLTAwMWUwYjVhMjA3YgBjZwAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\D5OXPMBV\AAAIAAgAAAAAAOL8rDSYBAAAAAAAAADkwNWVjODgyLWZjMzQtMTFkZS04YTQ4LTAwMWNjNDEwZDY4NgCBUQAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\AAAAAAADEjwIAAAAAAAIAAgAAAAAAeO55DiYBAAAAAAAAAABP2pYEKRs1AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAMpGzUAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\AAAIAAgAAAAAA5il6DSYBAAAAAAAAADg3ODVmNjcwLWZjNDAtMTFkZS1iMjlhLTAwMWQwOTYzZjBkYgBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\AAAIAAgAAAAAAdF6tDCYBAAAAAAAAADQ3YmFkYzUwLWZjMjEtMTFkZS1hZjA0LTAwMWNjNDEwY2E2ZABllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\AAAIAAgAAAAAAKT74DiYBAAAAAAAAAGQ0N2Q3OGUyLWZjN2EtMTFkZS1iZTUxLTAwMWVjOWI0MjgxMwCAeCsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\D6ADSYBAAAAAAAAADc1MDg2MWU0LWZjNDEtMTFkZS04OTZjLTAwMWNjNGZhNmViOADEawAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\GL5C3FB9\dJ.DSYBAAAAAAAAADY0OWJkMDY2LWZjNDEtMTFkZS05NWVmLTAwMWNjNGZiNTBiMgBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3Dcp1252,;ord=1
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\H1XZ6KH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAA8s71DiYBAAAAAAAAAABP2pZ01ZYqAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfHPVlioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\H1XZ6KH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAltJ5DSYBAAAAAAAAAABP2pYEyew6AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAPJ7DoAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\H1XZ6KH2\AAAIAAgAAAAAAL.YBDSYBAAAAAAAAADMwMjFlMDkwLWZjMmUtMTFkZS05OGY1LTAwMWNjNGZhY2U5YwCEagAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\MN1DW8WX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAI5yrDCYBAAAAAAAAAABP2pYESXgzAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANJeDMAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\MN1DW8WX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAuMErDSYBAAAAAAAAAABP2pYEGVM7AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAMZUzsAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\MN1DW8WX\AAAAAAADEjwIAAAAAAAIAAgAAAAAAUR7PDSYBAAAAAAAAAABP2pYEyeg-AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAPJ6D4AAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAfwGADSYBAAAAAAAAAABP2pYEuT83AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAO5PzcAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAAAAADEjwIAAAAAAAIAAgAAAAAArugVDSYBAAAAAAAAAABP2pYEuT83AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAO5PzcAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAIAAgAAAAAA2LvPDSYBAAAAAAAAADk2MWIwMGQ4LWZjNGQtMTFkZS04NTRhLTAwMWNjNDNjOWVkYQBllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAIAAgAAAAAA5L0VDSYBAAAAAAAAADM0Y2FmZjhlLWZjMzEtMTFkZS1hZmQ5LTAwMWQwOTYzZTNiMQAARQAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAIAAgAAAAAA7bl7DSYBAAAAAAAAAGM0OTAxN2VlLWZjNDAtMTFkZS1hNjAxLTAwMWUwYjg0M2ZkOABllioAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\POKSWDT2\AAAIAAgAAAAAADUEtDSYBAAAAAAAAAGNiM2U2YzVhLWZjMzQtMTFkZS05ZmVmLTAwMWQwOTYzZWJhYQACWQAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAA.eJ-DSYBAAAAAAAAAABP2pYEOWg2AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAM5aDYAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAAjN.DSYBAAAAAAAAAABP2pYEeX0yAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAN5fTIAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAC0IeDSYBAAAAAAAAAABP2pYEuU8yAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAO5TzIAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAiKJ5DSYBAAAAAAAAAABP2pYE2Tc0AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAPZNzQAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAAAAADEjwIAAAAAAAIAAgAAAAAAw94BDSYBAAAAAAAAAABP2pYEudk3AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAO52TcAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAIAAgAAAAAAFucVDSYBAAAAAAAAADNiMTQxYmM4LWZjMzEtMTFkZS1hZTUyLTAwMWUwYjVhMDQyOADgRgAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAIAAgAAAAAAqB8DDSYBAAAAAAAAADVkODVlODFhLWZjMmUtMTFkZS05ZTFmLTAwMWNjNGZiYzA0MgBCXwAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\XS7LWWH2\AAAIAAgAAAAAAzIWtDCYBAAAAAAAAADRkYmJkNzhhLWZjMjEtMTFkZS04Yzk1LTAwMWQwOTYzZTE2YwAhTQAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\ZVXABFTT\AAAAAAADEjwIAAAAAAAIAAgAAAAAA.B-CDSYBAAAAAAAAAABP2pYEaUQ4AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANpRDgAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\ZVXABFTT\AAAAAAADEjwIAAAAAAAIAAgAAAAAAJxD4DiYBAAAAAAAAAAAAAK59XQAAAAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfANZ.D4AAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\ZVXABFTT\AAAAAAADEjwIAAAAAAAIAAgAAAAAAtDUrDSYBAAAAAAAAAAAAAJYE6a03AAAAAAIAAAAAAAAgzqQAAAAAAAAAAAAAAAAAfAPprTcAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2F
Status: Hidden

Object: C:\Documents and Settings\Arnie Yule delet\Local Settings\Temporary Internet Files\Content.IE5\ZVXABFTT\AAAIAAgAAAAAADWAWDSYBAAAAAAAAADRkODk2MmE0LWZjMzEtMTFkZS05ZGM2LTAwMWUwYjVhMDM1ZQCjaAAAAAA=,,http%3A%2F%2Fuk.mc263.mail.yahoo.com%2Fmc%2Fmd[1].php%3Fen%3
Status: Hidden

Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied

END_______

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Sun Feb 26, 2012 10:59 pm

How's your computer working now?

Clean out your temporary internet files and temp files.

Download [You must be registered and logged in to see this link.] to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
*******************************************************
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
[You must be registered and logged in to see this link.]
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Mon Feb 27, 2012 11:47 pm

fyi, I ran CCleaner last night before OTC.
I have not had the initial virus since the first scan at the start of this process. But today we got 2 "delicious.aurella would like to add you to his or her online contact list".
OTC cleared lots of files, before the last of the 3 requersts todfay.
ESET ran and found zero; there is no log to enter here..

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Tue Feb 28, 2012 12:24 am

Please update and run SAS and MBAM again and post the logs.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Thu Mar 01, 2012 8:47 am

The SAS log is:
SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 02/29/2012 at 00:30 AM

Application Version : 5.0.1144

Core Rules Database Version : 8286
Trace Rules Database Version: 6098

Scan type : Complete Scan
Total Scan Time : 01:51:55

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 518
Memory threats detected : 0
Registry items scanned : 34128
Registry threats detected : 0
File items scanned : 107691
File threats detected : 1

Adware.Tracking Cookie
C:\Documents and Settings\Yule family\Cookies\TRXFEEKN.txt [ /adserver2.pitchero.com
NB I know the pitchero site.

After completing SAS, I got a messsage from delicious.janella. NB I also got one on my work PC - separate location / network entirely.

The MBAM log is:
Malwarebytes Anti-Malware 1.60.1.1000
[You must be registered and logged in to see this link.]

Database version: v2012.02.29.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Yule family :: YULES [administrator]

29/02/2012 23:38:11
mbam-log-2012-02-29 (23-38-11).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 385951
Time elapsed: 2 hour(s), 2 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE|24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Thu Mar 01, 2012 7:14 pm

Could you please run the ESET scan and post the log?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sun Mar 04, 2012 8:46 am

I ran ESET, and found zero threats.
And afterwards got a "delicious.janella request"!
How can this occur on two different machines, without being related to a common factor, and that most likely would be Yahoo?

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Sun Mar 04, 2012 7:39 pm

All those requests you're receiving on Yahoo mail do not look like a virus. If it is, it's a new one to me.
And afterwards got a "delicious.janella request"!
How can this occur on two different machines, without being related to a common factor, and that most likely would be Yahoo?.
I believe the problem is with Yahoo mail. Why don't you block them?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Mon Mar 05, 2012 8:45 pm

Hi
I have - I think - blocked them.
And I believe that you have de-virused my PC; so it is unlikely to be the source of the problem.
The request has not re-appeared in the last 24 hours. So I am happy to close this thread . If it does reappear and I can't resolve it via Yahoo, I guess I'll have to come back for some other advice!
thanks for your efforts. and assitance.

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Mon Mar 05, 2012 11:41 pm

We should do some cleanup before you go.

To uninstall ComboFix


  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall




(Note: Make sure there's a space between the word ComboFix and the forward-slash.)


  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

*************************************************
Use the [You must be registered and logged in to see this link.] to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to [You must be registered and logged in to see this link.] and get all critical updates.

----------

I suggest using [You must be registered and logged in to see this link.]. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

[You must be registered and logged in to see this link.]- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* [You must be registered and logged in to see this link.] from Spyware and Malware
* If you don't know what ActiveX controls are, see [You must be registered and logged in to see this link.]

Protect yourself against spyware using the Immunize feature in [You must be registered and logged in to see this link.] Guide: [You must be registered and logged in to see this link.] to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. [You must be registered and logged in to see this link.]

Check out [You must be registered and logged in to see this link.] for tips and free tools to help keep you safe in the future.

Also see [You must be registered and logged in to see this link.] for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Sun Mar 11, 2012 11:03 am

Thannks for these suggestions. I am working my way through them. Specifically, I have uninstalled Combofix, and run Secunia (several times) and Microsoft Windows.

As a result I have some queries:

1 Secunia continually finds the need to do 3 updates:
- Macromedia Floash v4.0.7.0 upgrade to v10
- Macromedia Flash v7.0.11.0 to v10.x
- a whole series of Windows upgrades.
But I have run Microsoft Upgrade, and fully upgraded; so now, MS Upgrade shows that my system is uptodate. And I have tried to upgrade Flash 2 or 3 times.
Can Secunia be out of sync? And why does it find 2 versions of Flash?

2 In amongst these upgrades, I was prompted by Adobe to check my system. This ran SCUDownloader, which found 296 Registry problems (even after I had run Ccleaner), and some other issues. I didn't take their automatic correction. Should I trust SCU Downloader? And/or should I wait until after I had followed all your earlier suggestions.

3 My wife was prompted by McAfee that they had blocked a "risky connection", IP address 91.217.1784, program system. Does that mean anything , or do I just be grateful that they have blocked something and move on?!

4 "madam_lovey" is now sending me online contact requests!! So I will add her to my blocking list! But is there something that additional that I should be doing, eg with Yahoo?

Thanks, as ever.

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Mon Mar 12, 2012 1:42 am

Can Secunia be out of sync?
Yes, that's possible. It's just to make sure that all your programs are up-to-date. Malware just loves out-of-date programs.
In amongst these upgrades, I was prompted by Adobe to check my system. This ran SCUDownloader, which found 296 Registry problems (even after I had run Ccleaner), and some other issues. I didn't take their automatic correction. Should I trust SCU Downloader? And/or should I wait until after I had followed all your earlier suggestions.
SCU could be a malicious program. Don't trust it.
My wife was prompted by McAfee that they had blocked a "risky connection", IP address 91.217.1784, program system. Does that mean anything , or do I just be grateful that they have blocked something and move on?!
It's doing what you paid for.
madam_lovey" is now sending me online contact requests!! So I will add her to my blocking list! But is there something that additional that I should be doing, eg with Yahoo?
The only thing I can think of is to keep blocking them. Are you using WOT?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Tue Mar 13, 2012 11:16 pm

I have not yet downloaded WOT, Spywareblaster or Spybots. Do any of them interfere with McAfee (or vice versa)? If so, what do you recommend? Is McAfee worth paying for?!

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Wed Mar 14, 2012 2:00 am

I have not yet downloaded WOT, Spywareblaster or Spybots. Do any of them interfere with McAfee (or vice versa)? If so, what do you recommend? Is McAfee worth paying for?!
No. They won't interfere. As for McAfee, keep it until your subscription runs out then download and install MicroSoft Security Essentials.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Mon Apr 16, 2012 10:22 pm

Hi again! I had some McAfee problems, viz, MCShield was hogging all my CPU. Eventually McAfee appear to have solved that problem (although it happened once yeaterday - hopefully a one off.
In checking for that problem, I had removed all the tools that you recommended here.
In trying to re-install, I am failing to install WOT. It gets stuck after the wizrd has run, displaying Connect and then [You must be registered and logged in to see this link.]
When I subsequently remove WOT, it displays what might be text, but gets displayed as a series of vertical rectangles.
WOT - sorry for pun - should I do?

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Tue Apr 17, 2012 12:36 am

WOT - sorry for pun - should I do?
I know WOT I would do; contact them and tell them about your problem.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by demoncurrie on Wed May 23, 2012 11:23 pm

Hi again; apologies for teh long dealy. I did manage to get WOT installed eventually. It did appear to impact on performance; so I've disabled it for the moment. But I think I should close this thread until I check things out.
Thanks for all the help again!

demoncurrie
Intermediate
Intermediate

Posts Posts : 123
Joined Joined : 2010-05-14
OS OS : Windows XP Home
Points Points : 25787
# Likes # Likes : 0

View user profile

Back to top Go down

Re: jj.loved00 request

Post by Superdave on Thu May 24, 2012 12:26 am

[You must be registered and logged in to see this link.] wrote:Hi again; apologies for teh long dealy. I did manage to get WOT installed eventually. It did appear to impact on performance; so I've disabled it for the moment. But I think I should close this thread until I check things out.
Thanks for all the help again!

You're welcome.Good luck

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83171
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum