HiJack This Log

T

TryingToProve

New Member
+ 2011-06-11 03:09 . 2004-08-04 10:00 325632 c:\windows\$NtServicePackUninstall$\wmm2fxb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 502272 c:\windows\$NtServicePackUninstall$\wmm2fxa.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 402432 c:\windows\$NtServicePackUninstall$\wmm2filt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 167936 c:\windows\$NtServicePackUninstall$\wmm2ae.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 144896 c:\windows\$NtServicePackUninstall$\wmisvc.dll
+ 2011-06-11 03:09 . 2009-02-06 09:41 227840 c:\windows\$NtServicePackUninstall$\wmiprvse.exe
+ 2011-06-11 03:09 . 2009-02-11 00:31 453120 c:\windows\$NtServicePackUninstall$\wmiprvsd.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 144896 c:\windows\$NtServicePackUninstall$\wmiprov.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 132096 c:\windows\$NtServicePackUninstall$\wmipdskq.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 156672 c:\windows\$NtServicePackUninstall$\wmipcima.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 140800 c:\windows\$NtServicePackUninstall$\wmidcprv.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 126464 c:\windows\$NtServicePackUninstall$\wmiapsrv.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 196608 c:\windows\$NtServicePackUninstall$\wmiadap.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 172032 c:\windows\$NtServicePackUninstall$\wldap32.dll
+ 2011-06-11 03:08 . 2009-06-10 06:32 132096 c:\windows\$NtServicePackUninstall$\wkssvc.dll
+ 2011-06-11 03:08 . 2009-12-24 07:05 177664 c:\windows\$NtServicePackUninstall$\wintrust.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 290816 c:\windows\$NtServicePackUninstall$\winsrv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 146432 c:\windows\$NtServicePackUninstall$\winspool.drv
+ 2011-06-11 03:08 . 2004-08-04 10:00 764928 c:\windows\$NtServicePackUninstall$\winntbbu.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 176128 c:\windows\$NtServicePackUninstall$\winmm.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 502272 c:\windows\$NtServicePackUninstall$\winlogon.exe
+ 2011-06-11 03:09 . 2009-08-25 09:47 352256 c:\windows\$NtServicePackUninstall$\winhttp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 283648 c:\windows\$NtServicePackUninstall$\winhlp32.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 937984 c:\windows\$NtServicePackUninstall$\winbrand.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 101888 c:\windows\$NtServicePackUninstall$\win32spl.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 111104 c:\windows\$NtServicePackUninstall$\wiavideo.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 589312 c:\windows\$NtServicePackUninstall$\wiashext.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 333312 c:\windows\$NtServicePackUninstall$\wiaservc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 124416 c:\windows\$NtServicePackUninstall$\wiadss.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 463360 c:\windows\$NtServicePackUninstall$\wiadefui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 433664 c:\windows\$NtServicePackUninstall$\wiaacmgr.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 135680 c:\windows\$NtServicePackUninstall$\webvw.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 197120 c:\windows\$NtServicePackUninstall$\wbemupgd.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 116224 c:\windows\$NtServicePackUninstall$\wbemtest.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 273920 c:\windows\$NtServicePackUninstall$\wbemess.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 178176 c:\windows\$NtServicePackUninstall$\wbemdisp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 530944 c:\windows\$NtServicePackUninstall$\wbemcore.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 214528 c:\windows\$NtServicePackUninstall$\wbemcomn.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 196608 c:\windows\$NtServicePackUninstall$\wbemcntl.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 208896 c:\windows\$NtServicePackUninstall$\wavemsp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 249856 c:\windows\$NtServicePackUninstall$\wab32res.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 504832 c:\windows\$NtServicePackUninstall$\wab32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 174592 c:\windows\$NtServicePackUninstall$\w32time.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 289792 c:\windows\$NtServicePackUninstall$\vssvc.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 430592 c:\windows\$NtServicePackUninstall$\vssapi.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 426041 c:\windows\$NtServicePackUninstall$\voicepad.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 131584 c:\windows\$NtServicePackUninstall$\viewprov.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 218624 c:\windows\$NtServicePackUninstall$\uxtheme.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 406528 c:\windows\$NtServicePackUninstall$\usp10.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 723456 c:\windows\$NtServicePackUninstall$\userenv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 577024 c:\windows\$NtServicePackUninstall$\user32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 142976 c:\windows\$NtServicePackUninstall$\usbport.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 239616 c:\windows\$NtServicePackUninstall$\upnpui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 185344 c:\windows\$NtServicePackUninstall$\upnphost.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 132608 c:\windows\$NtServicePackUninstall$\upnp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 150528 c:\windows\$NtServicePackUninstall$\uploadm.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 209408 c:\windows\$NtServicePackUninstall$\update.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 316416 c:\windows\$NtServicePackUninstall$\untfs.dll
+ 2011-06-11 03:09 . 2010-06-14 19:51 740864 c:\windows\$NtServicePackUninstall$\unidrvui.dll
+ 2011-06-11 03:09 . 2010-06-14 19:51 372736 c:\windows\$NtServicePackUninstall$\unidrv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 118272 c:\windows\$NtServicePackUninstall$\umpnpmgr.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 275456 c:\windows\$NtServicePackUninstall$\ulib.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 101376 c:\windows\$NtServicePackUninstall$\txflog.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 121856 c:\windows\$NtServicePackUninstall$\tsoc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 279040 c:\windows\$NtServicePackUninstall$\tshoot.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 347136 c:\windows\$NtServicePackUninstall$\tourstrt.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 347136 c:\windows\$NtServicePackUninstall$\tourstart.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 385536 c:\windows\$NtServicePackUninstall$\themeui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 295424 c:\windows\$NtServicePackUninstall$\termsrv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 358400 c:\windows\$NtServicePackUninstall$\termmgr.dll
+ 2011-06-11 03:08 . 2010-02-11 12:01 226880 c:\windows\$NtServicePackUninstall$\tcpip6.sys
+ 2011-06-11 03:08 . 2008-06-20 10:45 360320 c:\windows\$NtServicePackUninstall$\tcpip.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 135680 c:\windows\$NtServicePackUninstall$\taskmgr.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 246272 c:\windows\$NtServicePackUninstall$\tapisrv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 181760 c:\windows\$NtServicePackUninstall$\tapi32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 858624 c:\windows\$NtServicePackUninstall$\tapi3.dll
+ 2011-06-11 03:08 . 2009-10-16 04:51 119808 c:\windows\$NtServicePackUninstall$\t2embed.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 984576 c:\windows\$NtServicePackUninstall$\syssetup.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 105984 c:\windows\$NtServicePackUninstall$\sysocmgr.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 168960 c:\windows\$NtServicePackUninstall$\sysmod.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 191488 c:\windows\$NtServicePackUninstall$\syncui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 713216 c:\windows\$NtServicePackUninstall$\sxs.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 121856 c:\windows\$NtServicePackUninstall$\stobject.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 136704 c:\windows\$NtServicePackUninstall$\sti_ci.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 679936 c:\windows\$NtServicePackUninstall$\sstext3d.scr
+ 2011-06-11 03:08 . 2004-08-04 10:00 610304 c:\windows\$NtServicePackUninstall$\sspipes.scr
+ 2011-06-11 03:08 . 2004-08-04 10:00 393216 c:\windows\$NtServicePackUninstall$\ssflwbox.scr
+ 2011-06-11 03:08 . 2004-08-04 10:00 704512 c:\windows\$NtServicePackUninstall$\ss3dfo.scr
+ 2011-06-11 03:08 . 2009-12-31 16:14 352640 c:\windows\$NtServicePackUninstall$\srv.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 170496 c:\windows\$NtServicePackUninstall$\srsvc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 239104 c:\windows\$NtServicePackUninstall$\srrstr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 725566 c:\windows\$NtServicePackUninstall$\srchui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 217088 c:\windows\$NtServicePackUninstall$\sqlxmlx.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 180800 c:\windows\$NtServicePackUninstall$\sqlunirl.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 442368 c:\windows\$NtServicePackUninstall$\sqlsrv32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 110592 c:\windows\$NtServicePackUninstall$\sqlse20.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 462848 c:\windows\$NtServicePackUninstall$\sqlqp20.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 528384 c:\windows\$NtServicePackUninstall$\sqloledb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 151552 c:\windows\$NtServicePackUninstall$\sqldb20.dll
+ 2011-06-11 03:10 . 2007-08-11 02:46 382840 c:\windows\$NtServicePackUninstall$\spuninst\updspapi.dll
+ 2011-06-11 03:10 . 2007-08-11 02:46 231288 c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe
+ 2011-06-11 03:10 . 2008-04-14 11:42 438272 c:\windows\$NtServicePackUninstall$\spuninst\spcompat.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 250880 c:\windows\$NtServicePackUninstall$\sptip.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 732160 c:\windows\$NtServicePackUninstall$\sprb0424.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 757248 c:\windows\$NtServicePackUninstall$\sprb041b.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 192512 c:\windows\$NtServicePackUninstall$\spra0424.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 193024 c:\windows\$NtServicePackUninstall$\spra041b.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 538624 c:\windows\$NtServicePackUninstall$\spider.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 130048 c:\windows\$NtServicePackUninstall$\softkbd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 182272 c:\windows\$NtServicePackUninstall$\snmpsnap.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 188416 c:\windows\$NtServicePackUninstall$\snmpsmir.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 358400 c:\windows\$NtServicePackUninstall$\snmpincl.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 259072 c:\windows\$NtServicePackUninstall$\snmpcl.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 131584 c:\windows\$NtServicePackUninstall$\sndrec32.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 456704 c:\windows\$NtServicePackUninstall$\smtpsvc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 363008 c:\windows\$NtServicePackUninstall$\smlogcfg.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 236544 c:\windows\$NtServicePackUninstall$\smi2smir.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 134656 c:\windows\$NtServicePackUninstall$\shsvcs.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 151552 c:\windows\$NtServicePackUninstall$\shmedia.dll
+ 2011-06-11 03:08 . 2009-12-08 08:59 474112 c:\windows\$NtServicePackUninstall$\shlwapi.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 438272 c:\windows\$NtServicePackUninstall$\shimgvw.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 549376 c:\windows\$NtServicePackUninstall$\shdoclc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 140288 c:\windows\$NtServicePackUninstall$\sfc_os.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 101376 c:\windows\$NtServicePackUninstall$\setupqry.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 983552 c:\windows\$NtServicePackUninstall$\setupapi.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 140800 c:\windows\$NtServicePackUninstall$\sessmgr.exe
+ 2011-06-11 03:08 . 2009-02-06 10:22 110592 c:\windows\$NtServicePackUninstall$\services.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 151552 c:\windows\$NtServicePackUninstall$\scrrun.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 159744 c:\windows\$NtServicePackUninstall$\scrobj.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 202752 c:\windows\$NtServicePackUninstall$\script.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 190976 c:\windows\$NtServicePackUninstall$\schedsvc.dll
+ 2011-06-11 03:08 . 2009-06-25 08:17 168448 c:\windows\$NtServicePackUninstall$\schannel.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 313856 c:\windows\$NtServicePackUninstall$\scesrv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 180224 c:\windows\$NtServicePackUninstall$\scecli.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 171008 c:\windows\$NtServicePackUninstall$\sccsccp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 159232 c:\windows\$NtServicePackUninstall$\sbeio.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 270848 c:\windows\$NtServicePackUninstall$\sbe.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 741376 c:\windows\$NtServicePackUninstall$\sapi.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 415744 c:\windows\$NtServicePackUninstall$\samsrv.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 380416 c:\windows\$NtServicePackUninstall$\rstrui.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 152576 c:\windows\$NtServicePackUninstall$\rsaenh.dll
+ 2011-06-11 03:08 . 2009-02-09 10:01 401408 c:\windows\$NtServicePackUninstall$\rpcss.dll
+ 2011-06-11 03:08 . 2009-04-15 15:11 584192 c:\windows\$NtServicePackUninstall$\rpcrt4.dll
+ 2011-06-11 03:08 . 2008-05-08 12:28 202752 c:\windows\$NtServicePackUninstall$\rmcast.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 431616 c:\windows\$NtServicePackUninstall$\riched20.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 177152 c:\windows\$NtServicePackUninstall$\repdrvfs.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 397824 c:\windows\$NtServicePackUninstall$\regwizc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 146432 c:\windows\$NtServicePackUninstall$\regedit.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 139400 c:\windows\$NtServicePackUninstall$\rdpwd.sys
+ 2011-06-11 03:08 . 2004-08-04 05:01 196864 c:\windows\$NtServicePackUninstall$\rdpdr.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 147968 c:\windows\$NtServicePackUninstall$\rdchost.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 176512 c:\windows\$NtServicePackUninstall$\rdbss.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 102400 c:\windows\$NtServicePackUninstall$\rcbdyctl.dll
+ 2011-06-11 03:08 . 2009-10-12 13:54 112128 c:\windows\$NtServicePackUninstall$\rastls.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 206336 c:\windows\$NtServicePackUninstall$\rasppp.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 174080 c:\windows\$NtServicePackUninstall$\rasmans.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 657920 c:\windows\$NtServicePackUninstall$\rasdlg.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 236544 c:\windows\$NtServicePackUninstall$\rasapi32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 382464 c:\windows\$NtServicePackUninstall$\qmgr.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 733696 c:\windows\$NtServicePackUninstall$\qedwipes.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 562176 c:\windows\$NtServicePackUninstall$\qedit.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 385024 c:\windows\$NtServicePackUninstall$\qdvd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 279040 c:\windows\$NtServicePackUninstall$\qdv.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 192512 c:\windows\$NtServicePackUninstall$\qcap.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 237056 c:\windows\$NtServicePackUninstall$\provthrd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 109568 c:\windows\$NtServicePackUninstall$\progman.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 560640 c:\windows\$NtServicePackUninstall$\printui.dll
+ 2011-06-11 03:08 . 2004-03-16 16:58 136960 c:\windows\$NtServicePackUninstall$\portcls.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 105472 c:\windows\$NtServicePackUninstall$\polstore.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 175104 c:\windows\$NtServicePackUninstall$\pintlcsa.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 281088 c:\windows\$NtServicePackUninstall$\pinball.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 176128 c:\windows\$NtServicePackUninstall$\photowiz.dll
+ 2011-06-11 03:08 . 2009-03-06 14:00 284160 c:\windows\$NtServicePackUninstall$\pdh.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 119936 c:\windows\$NtServicePackUninstall$\pcmcia.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 102400 c:\windows\$NtServicePackUninstall$\pchshell.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 526848 c:\windows\$NtServicePackUninstall$\p2psvc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 312320 c:\windows\$NtServicePackUninstall$\p2pgraph.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 116224 c:\windows\$NtServicePackUninstall$\p2p.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 215552 c:\windows\$NtServicePackUninstall$\osk.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 713728 c:\windows\$NtServicePackUninstall$\opengl32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 107008 c:\windows\$NtServicePackUninstall$\oleprn.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 117760 c:\windows\$NtServicePackUninstall$\oledlg.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 487424 c:\windows\$NtServicePackUninstall$\oledb32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 553472 c:\windows\$NtServicePackUninstall$\oleaut32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 120832 c:\windows\$NtServicePackUninstall$\offfilt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 104448 c:\windows\$NtServicePackUninstall$\oeimport.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 147456 c:\windows\$NtServicePackUninstall$\odbctrac.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 278559 c:\windows\$NtServicePackUninstall$\odbcjt32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 106496 c:\windows\$NtServicePackUninstall$\odbccp32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 135168 c:\windows\$NtServicePackUninstall$\odbcconf.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 249856 c:\windows\$NtServicePackUninstall$\odbc32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 408576 c:\windows\$NtServicePackUninstall$\obrb0424.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 405504 c:\windows\$NtServicePackUninstall$\obrb041b.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 285696 c:\windows\$NtServicePackUninstall$\objsel.dll
+ 2011-06-11 03:08 . 2009-10-13 10:53 266752 c:\windows\$NtServicePackUninstall$\oakley.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 144384 c:\windows\$NtServicePackUninstall$\nwprovau.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 419840 c:\windows\$NtServicePackUninstall$\ntvdm.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 143872 c:\windows\$NtServicePackUninstall$\ntshrui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 435200 c:\windows\$NtServicePackUninstall$\ntmssvc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 488448 c:\windows\$NtServicePackUninstall$\ntmsmgr.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 179712 c:\windows\$NtServicePackUninstall$\ntmsdba.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 118784 c:\windows\$NtServicePackUninstall$\ntmarta.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 574592 c:\windows\$NtServicePackUninstall$\ntfs.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 212992 c:\windows\$NtServicePackUninstall$\ntevt.dll
+ 2011-06-11 03:08 . 2009-02-09 10:01 715264 c:\windows\$NtServicePackUninstall$\ntdll.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 364544 c:\windows\$NtServicePackUninstall$\npdsplay.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 226816 c:\windows\$NtServicePackUninstall$\npdrmv2.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 188416 c:\windows\$NtServicePackUninstall$\nmwb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 172032 c:\windows\$NtServicePackUninstall$\nmoldwb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 151552 c:\windows\$NtServicePackUninstall$\nmft.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 229376 c:\windows\$NtServicePackUninstall$\nmas.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 103936 c:\windows\$NtServicePackUninstall$\nlhtml.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 248832 c:\windows\$NtServicePackUninstall$\newdev.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 245760 c:\windows\$NtServicePackUninstall$\netui1.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 329728 c:\windows\$NtServicePackUninstall$\netsetup.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 875008 c:\windows\$NtServicePackUninstall$\netplwiz.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 198144 c:\windows\$NtServicePackUninstall$\netman.dll
+ 2011-06-11 03:08 . 2009-02-06 18:46 408064 c:\windows\$NtServicePackUninstall$\netlogon.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 139264 c:\windows\$NtServicePackUninstall$\netid.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 111104 c:\windows\$NtServicePackUninstall$\netdde.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 622080 c:\windows\$NtServicePackUninstall$\netcfgx.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 162816 c:\windows\$NtServicePackUninstall$\netbt.sys
+ 2011-06-11 03:08 . 2008-10-15 16:57 332800 c:\windows\$NtServicePackUninstall$\netapi32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 124928 c:\windows\$NtServicePackUninstall$\net1.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 182912 c:\windows\$NtServicePackUninstall$\ndis.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 221184 c:\windows\$NtServicePackUninstall$\nac.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 107904 c:\windows\$NtServicePackUninstall$\mup.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 111104 c:\windows\$NtServicePackUninstall$\mtstocom.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 701440 c:\windows\$NtServicePackUninstall$\msxml2.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 506368 c:\windows\$NtServicePackUninstall$\msxml.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 348189 c:\windows\$NtServicePackUninstall$\msxbde40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 614429 c:\windows\$NtServicePackUninstall$\mswstr10.dll
+ 2011-06-11 03:08 . 2008-06-20 17:41 245248 c:\windows\$NtServicePackUninstall$\mswsock.dll
+ 2011-06-11 03:08 . 2009-08-05 09:11 204800 c:\windows\$NtServicePackUninstall$\mswebdvd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 831519 c:\windows\$NtServicePackUninstall$\mswdat10.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 120832 c:\windows\$NtServicePackUninstall$\msvfw32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 343040 c:\windows\$NtServicePackUninstall$\msvcrt.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 413696 c:\windows\$NtServicePackUninstall$\msvcp60.dll
+ 2011-06-11 03:08 . 2009-09-11 14:03 136192 c:\windows\$NtServicePackUninstall$\msv1_0.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 195072 c:\windows\$NtServicePackUninstall$\msutb.dll
+ 2011-06-11 03:09 . 2009-06-05 07:42 655872 c:\windows\$NtServicePackUninstall$\mstscax.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 407552 c:\windows\$NtServicePackUninstall$\mstsc.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 115712 c:\windows\$NtServicePackUninstall$\mstlsapi.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 258077 c:\windows\$NtServicePackUninstall$\mstext40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 274944 c:\windows\$NtServicePackUninstall$\mstask.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 274432 c:\windows\$NtServicePackUninstall$\mst120.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 134656 c:\windows\$NtServicePackUninstall$\mssap.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 552989 c:\windows\$NtServicePackUninstall$\msrepl40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 315423 c:\windows\$NtServicePackUninstall$\msrd3x40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 421919 c:\windows\$NtServicePackUninstall$\msrd2x40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 348189 c:\windows\$NtServicePackUninstall$\mspbde40.dll
+ 2011-06-11 03:08 . 2009-12-16 12:58 343040 c:\windows\$NtServicePackUninstall$\mspaint.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\msorcl32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 105984 c:\windows\$NtServicePackUninstall$\msoert2.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 252928 c:\windows\$NtServicePackUninstall$\msoeacct.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 561664 c:\windows\$NtServicePackUninstall$\msobmain.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 122368 c:\windows\$NtServicePackUninstall$\msobcomm.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 290816 c:\windows\$NtServicePackUninstall$\msnsspc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 213023 c:\windows\$NtServicePackUninstall$\msltus40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 241693 c:\windows\$NtServicePackUninstall$\msjtes40.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 102400 c:\windows\$NtServicePackUninstall$\msjro.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 151583 c:\windows\$NtServicePackUninstall$\msjint40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 358976 c:\windows\$NtServicePackUninstall$\msjetoledb40.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 358976 c:\windows\$NtServicePackUninstall$\msjetol1.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 376320 c:\windows\$NtServicePackUninstall$\msinfo.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 159232 c:\windows\$NtServicePackUninstall$\msimtf.dll
+ 2011-06-11 03:08 . 2005-05-04 20:45 884736 c:\windows\$NtServicePackUninstall$\msimsg.dll
+ 2011-06-11 03:08 . 2005-05-04 20:45 271360 c:\windows\$NtServicePackUninstall$\msihnd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 248832 c:\windows\$NtServicePackUninstall$\msieftp.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 294912 c:\windows\$NtServicePackUninstall$\msh263.drv
+ 2011-06-11 03:08 . 2004-08-04 10:00 188416 c:\windows\$NtServicePackUninstall$\msh261.drv
+ 2011-06-11 03:09 . 2004-08-04 07:06 180224 c:\windows\$NtServicePackUninstall$\msgslang.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 994304 c:\windows\$NtServicePackUninstall$\msgina.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 537088 c:\windows\$NtServicePackUninstall$\msftedit.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 319517 c:\windows\$NtServicePackUninstall$\msexcl40.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 512029 c:\windows\$NtServicePackUninstall$\msexch40.dll
+ 2011-06-11 03:08 . 2008-06-12 14:16 161792 c:\windows\$NtServicePackUninstall$\msdtcuiu.dll
+ 2011-06-11 03:08 . 2008-06-12 14:16 956928 c:\windows\$NtServicePackUninstall$\msdtctm.dll
+ 2011-06-11 03:08 . 2008-06-12 14:16 428032 c:\windows\$NtServicePackUninstall$\msdtcprx.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 315392 c:\windows\$NtServicePackUninstall$\msdasql.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 151552 c:\windows\$NtServicePackUninstall$\msdart.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 118784 c:\windows\$NtServicePackUninstall$\msdarem.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 204800 c:\windows\$NtServicePackUninstall$\msdaps.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 200704 c:\windows\$NtServicePackUninstall$\msdaprst.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 233472 c:\windows\$NtServicePackUninstall$\msdaora.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 118784 c:\windows\$NtServicePackUninstall$\msdadiag.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 294400 c:\windows\$NtServicePackUninstall$\msctf.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 158208 c:\windows\$NtServicePackUninstall$\msconfig.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 220160 c:\windows\$NtServicePackUninstall$\mscandui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 200704 c:\windows\$NtServicePackUninstall$\msadox.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 180224 c:\windows\$NtServicePackUninstall$\msadomd.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 536576 c:\windows\$NtServicePackUninstall$\msado15.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 155648 c:\windows\$NtServicePackUninstall$\msadds.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\msadco.dll
+ 2011-06-11 03:08 . 2010-02-24 12:31 454016 c:\windows\$NtServicePackUninstall$\mrxsmb.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 181248 c:\windows\$NtServicePackUninstall$\mrxdav.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 123392 c:\windows\$NtServicePackUninstall$\mplay32.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 216064 c:\windows\$NtServicePackUninstall$\moricons.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 123904 c:\windows\$NtServicePackUninstall$\mofd.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 153600 c:\windows\$NtServicePackUninstall$\modemui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\mobsync.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 207360 c:\windows\$NtServicePackUninstall$\mobsync.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 815104 c:\windows\$NtServicePackUninstall$\mmc.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 586240 c:\windows\$NtServicePackUninstall$\mlang.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 240128 c:\windows\$NtServicePackUninstall$\migwiz.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 103424 c:\windows\$NtServicePackUninstall$\migload.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 201216 c:\windows\$NtServicePackUninstall$\migism.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 924432 c:\windows\$NtServicePackUninstall$\mfc40u.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 118272 c:\windows\$NtServicePackUninstall$\mdminst.dll
+ 2011-06-11 03:08 . 2009-06-25 08:17 729600 c:\windows\$NtServicePackUninstall$\lsasrv.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 514560 c:\windows\$NtServicePackUninstall$\logonui.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 220672 c:\windows\$NtServicePackUninstall$\logon.scr
+ 2011-06-11 03:08 . 2009-05-07 15:44 344064 c:\windows\$NtServicePackUninstall$\localspl.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 221696 c:\windows\$NtServicePackUninstall$\localsec.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 399872 c:\windows\$NtServicePackUninstall$\lmrt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 423936 c:\windows\$NtServicePackUninstall$\licdll.dll
+ 2011-06-11 03:08 . 2004-08-04 05:15 140928 c:\windows\$NtServicePackUninstall$\ks.sys
+ 2011-06-11 03:08 . 2004-08-04 05:07 171776 c:\windows\$NtServicePackUninstall$\kmixer.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 150528 c:\windows\$NtServicePackUninstall$\keymgr.dll
+ 2011-06-11 03:08 . 2009-03-21 14:18 986112 c:\windows\$NtServicePackUninstall$\kernel32.dll
+ 2011-06-11 03:09 . 2009-06-25 08:17 301568 c:\windows\$NtServicePackUninstall$\kerberos.dll
+ 2011-06-11 03:09 . 2009-10-28 14:38 163840 c:\windows\$NtServicePackUninstall$\jgdw400.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 192000 c:\windows\$NtServicePackUninstall$\iuengine.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 134144 c:\windows\$NtServicePackUninstall$\itss.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 143872 c:\windows\$NtServicePackUninstall$\itircl.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 183808 c:\windows\$NtServicePackUninstall$\ir50_qcx.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 200192 c:\windows\$NtServicePackUninstall$\ir50_qc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 755200 c:\windows\$NtServicePackUninstall$\ir50_32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 338432 c:\windows\$NtServicePackUninstall$\ir41_qcx.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 120320 c:\windows\$NtServicePackUninstall$\ir41_qc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 384000 c:\windows\$NtServicePackUninstall$\ipsmsnap.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 182784 c:\windows\$NtServicePackUninstall$\ipsecsvc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 349696 c:\windows\$NtServicePackUninstall$\ipsecsnp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 169984 c:\windows\$NtServicePackUninstall$\iprtrmgr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 330752 c:\windows\$NtServicePackUninstall$\ippromon.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 331264 c:\windows\$NtServicePackUninstall$\ipnathlp.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 134912 c:\windows\$NtServicePackUninstall$\ipnat.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 154112 c:\windows\$NtServicePackUninstall$\ipmontr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 123392 c:\windows\$NtServicePackUninstall$\input.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 147456 c:\windows\$NtServicePackUninstall$\initpki.dll
+ 2011-06-11 03:09 . 2010-01-29 15:08 683520 c:\windows\$NtServicePackUninstall$\inetcomm.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 274432 c:\windows\$NtServicePackUninstall$\inetcfg.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 315452 c:\windows\$NtServicePackUninstall$\imskf.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 115712 c:\windows\$NtServicePackUninstall$\imsinsnt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 110080 c:\windows\$NtServicePackUninstall$\imm32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 102456 c:\windows\$NtServicePackUninstall$\imlang.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 274489 c:\windows\$NtServicePackUninstall$\imjputyc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 716856 c:\windows\$NtServicePackUninstall$\imjpcus.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 368696 c:\windows\$NtServicePackUninstall$\imjpcic.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 811064 c:\windows\$NtServicePackUninstall$\imjp81k.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 106496 c:\windows\$NtServicePackUninstall$\imekrcic.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 150016 c:\windows\$NtServicePackUninstall$\imapi.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 144384 c:\windows\$NtServicePackUninstall$\imagehlp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 505344 c:\windows\$NtServicePackUninstall$\iis.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 135680 c:\windows\$NtServicePackUninstall$\ifmon.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 114688 c:\windows\$NtServicePackUninstall$\iexpress.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 120832 c:\windows\$NtServicePackUninstall$\idq.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 172032 c:\windows\$NtServicePackUninstall$\icwhelp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 214528 c:\windows\$NtServicePackUninstall$\icwconn1.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 253952 c:\windows\$NtServicePackUninstall$\icm32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 119808 c:\windows\$NtServicePackUninstall$\iasrad.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 345088 c:\windows\$NtServicePackUninstall$\hypertrm.dll
+ 2011-06-11 03:09 . 2009-10-20 14:58 263552 c:\windows\$NtServicePackUninstall$\http.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 144896 c:\windows\$NtServicePackUninstall$\hotplug.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 330752 c:\windows\$NtServicePackUninstall$\hnetwiz.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 344064 c:\windows\$NtServicePackUninstall$\hnetcfg.dll
+ 2011-06-11 03:09 . 2010-06-14 14:30 743936 c:\windows\$NtServicePackUninstall$\helpsvc.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 768512 c:\windows\$NtServicePackUninstall$\helpctr.exe
+ 2011-06-11 03:09 . 2005-01-07 23:07 138752 c:\windows\$NtServicePackUninstall$\hdaudbus.sys
+ 2011-06-11 03:08 . 2004-08-04 10:00 131968 c:\windows\$NtServicePackUninstall$\hal.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 614912 c:\windows\$NtServicePackUninstall$\h323msp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 123904 c:\windows\$NtServicePackUninstall$\guitrn.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 122880 c:\windows\$NtServicePackUninstall$\glu32.dll
+ 2011-06-11 03:09 . 2008-10-23 13:01 283648 c:\windows\$NtServicePackUninstall$\gdi32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 400384 c:\windows\$NtServicePackUninstall$\fxsxp32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 192512 c:\windows\$NtServicePackUninstall$\fxswzrd.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 154112 c:\windows\$NtServicePackUninstall$\fxsui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 397312 c:\windows\$NtServicePackUninstall$\fxstiff.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 246272 c:\windows\$NtServicePackUninstall$\fxst30.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 267776 c:\windows\$NtServicePackUninstall$\fxssvc.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 562176 c:\windows\$NtServicePackUninstall$\fxsst.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 132608 c:\windows\$NtServicePackUninstall$\fxsocm.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 229376 c:\windows\$NtServicePackUninstall$\fxscover.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 285184 c:\windows\$NtServicePackUninstall$\fxscomex.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\fxsclnt.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 452096 c:\windows\$NtServicePackUninstall$\fxsapi.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 193024 c:\windows\$NtServicePackUninstall$\fsquirt.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 185856 c:\windows\$NtServicePackUninstall$\framedyn.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 208896 c:\windows\$NtServicePackUninstall$\fpmmcsat.dll
+ 2011-06-11 03:09 . 2004-05-13 06:39 598071 c:\windows\$NtServicePackUninstall$\fpmmc.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 188494 c:\windows\$NtServicePackUninstall$\fpcount.exe
+ 2011-06-11 03:09 . 2003-03-24 22:52 109328 c:\windows\$NtServicePackUninstall$\fp98swin.exe
+ 2011-06-11 03:09 . 2004-05-13 06:39 876653 c:\windows\$NtServicePackUninstall$\fp4awel.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 618605 c:\windows\$NtServicePackUninstall$\fp4autl.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 102509 c:\windows\$NtServicePackUninstall$\fp4atxt.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 147513 c:\windows\$NtServicePackUninstall$\fp4apws.dll
+ 2011-06-11 03:09 . 2004-05-13 06:39 184435 c:\windows\$NtServicePackUninstall$\fp4amsft.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 382976 c:\windows\$NtServicePackUninstall$\fontext.dll
+ 2011-06-11 03:09 . 2006-02-21 03:01 128896 c:\windows\$NtServicePackUninstall$\fltmgr.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 337920 c:\windows\$NtServicePackUninstall$\filemgmt.dll
+ 2011-06-11 03:09 . 2009-02-09 10:01 473088 c:\windows\$NtServicePackUninstall$\fastprox.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\fastfat.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 121856 c:\windows\$NtServicePackUninstall$\exts.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 380957 c:\windows\$NtServicePackUninstall$\expsrv.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 101888 c:\windows\$NtServicePackUninstall$\evntagnt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 193024 c:\windows\$NtServicePackUninstall$\eudcedit.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 247808 c:\windows\$NtServicePackUninstall$\esscli.dll
+ 2011-06-11 03:09 . 2008-07-07 20:32 253952 c:\windows\$NtServicePackUninstall$\es.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 186368 c:\windows\$NtServicePackUninstall$\encdec.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 183296 c:\windows\$NtServicePackUninstall$\els.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 498205 c:\windows\$NtServicePackUninstall$\dxmasf.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 619008 c:\windows\$NtServicePackUninstall$\dx7vb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 180224 c:\windows\$NtServicePackUninstall$\dwwin.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 304128 c:\windows\$NtServicePackUninstall$\duser.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 113152 c:\windows\$NtServicePackUninstall$\dsuiext.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 137216 c:\windows\$NtServicePackUninstall$\dssenh.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 239104 c:\windows\$NtServicePackUninstall$\dsquery.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 142336 c:\windows\$NtServicePackUninstall$\dsprop.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 367616 c:\windows\$NtServicePackUninstall$\dsound.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 144384 c:\windows\$NtServicePackUninstall$\dskquoui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 181760 c:\windows\$NtServicePackUninstall$\dsdmo.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 299520 c:\windows\$NtServicePackUninstall$\drmclien.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 116736 c:\windows\$NtServicePackUninstall$\dpvvox.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 212480 c:\windows\$NtServicePackUninstall$\dpvoice.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 375296 c:\windows\$NtServicePackUninstall$\dpnet.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 229888 c:\windows\$NtServicePackUninstall$\dplayx.dll
+ 2011-06-11 03:09 . 2008-06-20 17:41 148992 c:\windows\$NtServicePackUninstall$\dnsapi.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 104448 c:\windows\$NtServicePackUninstall$\dmusic.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 103424 c:\windows\$NtServicePackUninstall$\dmsynth.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 105984 c:\windows\$NtServicePackUninstall$\dmstyle.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 153344 c:\windows\$NtServicePackUninstall$\dmio.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 181248 c:\windows\$NtServicePackUninstall$\dmime.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 200704 c:\windows\$NtServicePackUninstall$\dmdskmgr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 273920 c:\windows\$NtServicePackUninstall$\dmdlgs.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 799744 c:\windows\$NtServicePackUninstall$\dmboot.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 224768 c:\windows\$NtServicePackUninstall$\dmadmin.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 163840 c:\windows\$NtServicePackUninstall$\diskpart.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 181760 c:\windows\$NtServicePackUninstall$\dinput8.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 159232 c:\windows\$NtServicePackUninstall$\dinput.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 539136 c:\windows\$NtServicePackUninstall$\dialer.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 370176 c:\windows\$NtServicePackUninstall$\dhcpmon.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 111104 c:\windows\$NtServicePackUninstall$\dhcpcsvc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 111104 c:\windows\$NtServicePackUninstall$\dgnet.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 123904 c:\windows\$NtServicePackUninstall$\dfrgui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 104960 c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 282624 c:\windows\$NtServicePackUninstall$\devmgr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 266240 c:\windows\$NtServicePackUninstall$\ddraw.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 110592 c:\windows\$NtServicePackUninstall$\dbnetlib.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 640000 c:\windows\$NtServicePackUninstall$\dbghelp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 152064 c:\windows\$NtServicePackUninstall$\datime.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 561179 c:\windows\$NtServicePackUninstall$\dao360.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 825344 c:\windows\$NtServicePackUninstall$\d3dim700.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 326656 c:\windows\$NtServicePackUninstall$\cscui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 101888 c:\windows\$NtServicePackUninstall$\cscdll.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 512512 c:\windows\$NtServicePackUninstall$\cryptui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 597504 c:\windows\$NtServicePackUninstall$\crypt32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 163840 c:\windows\$NtServicePackUninstall$\credui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 345600 c:\windows\$NtServicePackUninstall$\confmsp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 540160 c:\windows\$NtServicePackUninstall$\comuid.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 147456 c:\windows\$NtServicePackUninstall$\comsnap.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 259584 c:\windows\$NtServicePackUninstall$\comsetup.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 792064 c:\windows\$NtServicePackUninstall$\comres.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 229376 c:\windows\$NtServicePackUninstall$\compstui.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 252928 c:\windows\$NtServicePackUninstall$\compatui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 276992 c:\windows\$NtServicePackUninstall$\comdlg32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 611328 c:\windows\$NtServicePackUninstall$\comctl32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 195584 c:\windows\$NtServicePackUninstall$\comadmin.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 185344 c:\windows\$NtServicePackUninstall$\cmprops.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 343040 c:\windows\$NtServicePackUninstall$\cmdial32.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 388608 c:\windows\$NtServicePackUninstall$\cmd.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 102912 c:\windows\$NtServicePackUninstall$\clipbrd.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 501248 c:\windows\$NtServicePackUninstall$\clbcatq.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 110080 c:\windows\$NtServicePackUninstall$\clbcatex.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 198656 c:\windows\$NtServicePackUninstall$\cintime.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 109568 c:\windows\$NtServicePackUninstall$\cic.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 173568 c:\windows\$NtServicePackUninstall$\chtskf.dll
+ 2011-06-11 03:09 . 2003-03-24 22:52 188480 c:\windows\$NtServicePackUninstall$\cfgwiz.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 457728 c:\windows\$NtServicePackUninstall$\certmgr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 194560 c:\windows\$NtServicePackUninstall$\certcli.dll
+ 2011-06-11 03:09 . 2006-03-04 03:33 151040 c:\windows\$NtServicePackUninstall$\cdfview.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 628224 c:\windows\$NtServicePackUninstall$\catsrvut.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 229888 c:\windows\$NtServicePackUninstall$\catsrv.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 142848 c:\windows\$NtServicePackUninstall$\capesnpn.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 385024 c:\windows\$NtServicePackUninstall$\callcont.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 218112 c:\windows\$NtServicePackUninstall$\c_g18030.dll
+ 2011-06-11 03:09 . 2008-06-13 13:10 272128 c:\windows\$NtServicePackUninstall$\bthport.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 580608 c:\windows\$NtServicePackUninstall$\autofmt.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 602624 c:\windows\$NtServicePackUninstall$\autoconv.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 588800 c:\windows\$NtServicePackUninstall$\autochk.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 331264 c:\windows\$NtServicePackUninstall$\aqueue.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 126976 c:\windows\$NtServicePackUninstall$\apphelp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 256512 c:\windows\$NtServicePackUninstall$\agentsvr.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 214016 c:\windows\$NtServicePackUninstall$\agentctl.dll
+ 2011-06-11 03:08 . 2008-08-14 09:51 138368 c:\windows\$NtServicePackUninstall$\afd.sys
+ 2011-06-11 03:08 . 2004-08-04 04:39 142464 c:\windows\$NtServicePackUninstall$\aec.sys
+ 2011-06-11 03:08 . 2009-02-09 10:01 617984 c:\windows\$NtServicePackUninstall$\advapi32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 263680 c:\windows\$NtServicePackUninstall$\adsnt.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 143360 c:\windows\$NtServicePackUninstall$\adsldpc.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 175616 c:\windows\$NtServicePackUninstall$\adsldp.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 116224 c:\windows\$NtServicePackUninstall$\acxtrnal.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 101888 c:\windows\$NtServicePackUninstall$\actxprxy.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 194048 c:\windows\$NtServicePackUninstall$\activeds.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 244736 c:\windows\$NtServicePackUninstall$\acspecfc.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 187776 c:\windows\$NtServicePackUninstall$\acpi.sys
+ 2011-06-11 03:09 . 2004-08-04 10:00 114688 c:\windows\$NtServicePackUninstall$\aclui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 137728 c:\windows\$NtServicePackUninstall$\aclua.dll
+ 2011-06-11 03:08 . 2009-11-21 16:36 470528 c:\windows\$NtServicePackUninstall$\aclayers.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 183808 c:\windows\$NtServicePackUninstall$\accwiz.exe
+ 2011-06-11 03:09 . 2010-02-12 04:47 100864 c:\windows\$NtServicePackUninstall$\6to4svc.dll
+ 2011-06-11 08:01 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2011-06-11 08:01 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2011-06-11 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2011-06-11 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2011-06-11 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-08-27 08:01 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2011-06-11 08:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2011-06-11 08:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2011-06-11 08:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981997\spuninst.exe
 
T

TryingToProve

New Member
+ 2011-06-11 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2011-06-11 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2011-06-11 08:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-04-16 15:29 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2011-06-11 08:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2011-06-11 08:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2011-06-11 08:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2011-06-11 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB979687\update\updspapi.dll
+ 2011-06-11 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB979687\update\update.exe
+ 2011-06-11 08:04 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB979687\spuninst.exe
+ 2010-07-12 13:02 . 2010-07-12 13:02 218112 c:\windows\$hf_mig$\KB979687\SP3QFE\wordpad.exe
+ 2011-06-11 08:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-06-11 08:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-06-11 08:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2009-07-27 22:13 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-06-11 08:05 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2011-06-11 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2011-06-11 08:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2011-06-11 08:05 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2011-06-11 08:05 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2011-06-11 08:05 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2008-05-08 11:24 . 2008-05-08 11:24 155648 c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:45 . 2008-05-09 10:45 430080 c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 172032 c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 180224 c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:45 . 2008-05-09 10:45 512000 c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-07 09:07 . 2008-05-07 09:07 135168 c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2011-09-16 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2616676\update\updspapi.dll
+ 2011-09-16 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2616676\update\update.exe
+ 2011-09-16 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2616676\spuninst.exe
+ 2011-09-09 09:11 . 2011-09-09 09:11 599552 c:\windows\$hf_mig$\KB2616676\SP3QFE\crypt32.dll
+ 2011-09-07 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2607712\update\updspapi.dll
+ 2011-09-07 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2607712\update\update.exe
+ 2011-09-07 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2607712\spuninst.exe
+ 2011-09-03 10:16 . 2011-09-03 10:16 599552 c:\windows\$hf_mig$\KB2607712\SP3QFE\crypt32.dll
+ 2011-09-16 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570947\update\updspapi.dll
+ 2011-09-16 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570947\update\update.exe
+ 2011-09-16 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570947\spuninst.exe
+ 2011-08-10 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2570222\update\updspapi.dll
+ 2011-08-10 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2570222\update\update.exe
+ 2011-08-10 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2570222\spuninst.exe
+ 2011-08-10 00:31 . 2011-06-24 14:09 139656 c:\windows\$hf_mig$\KB2570222\SP3QFE\rdpwd.sys
+ 2011-08-10 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2567680\update\updspapi.dll
+ 2011-08-10 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2567680\update\update.exe
+ 2011-08-10 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2567680\spuninst.exe
+ 2011-06-20 17:43 . 2011-06-20 17:43 293376 c:\windows\$hf_mig$\KB2567680\SP3QFE\winsrv.dll
+ 2011-08-10 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2566454\update\updspapi.dll
+ 2011-08-10 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2566454\update\update.exe
+ 2011-08-10 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2566454\spuninst.exe
+ 2011-08-10 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2562937\update\updspapi.dll
+ 2011-08-10 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2562937\update\update.exe
+ 2011-08-10 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2562937\spuninst.exe
+ 2011-08-10 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2559049-IE8\update\updspapi.dll
+ 2011-08-10 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2559049-IE8\update\update.exe
+ 2011-08-10 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2559049-IE8\spuninst.exe
+ 2011-08-10 00:31 . 2011-06-23 18:33 919552 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 105984 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\url.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 206848 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\occache.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 611840 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mstime.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 602112 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\msfeeds.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 247808 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieproxy.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 184320 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iepeers.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 743424 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedvtool.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 387584 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iedkcs32.dll
+ 2011-08-10 00:31 . 2011-06-23 12:19 173568 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ie4uinit.exe
+ 2011-07-13 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll
+ 2011-07-13 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2555917\update\update.exe
+ 2011-07-13 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2555917\spuninst.exe
+ 2011-06-18 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll
+ 2011-06-18 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544893\update\update.exe
+ 2011-06-18 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544893\spuninst.exe
+ 2011-06-17 13:30 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll
+ 2011-06-18 08:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-06-18 08:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-06-18 08:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-17 13:30 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-06-29 09:31 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll
+ 2011-06-29 09:31 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2541763\update\update.exe
+ 2011-06-29 09:31 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2541763\spuninst.exe
+ 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll
+ 2011-06-18 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll
+ 2011-06-18 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276\update\update.exe
+ 2011-06-18 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276\spuninst.exe
+ 2011-06-17 13:31 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys
+ 2011-08-10 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2536276-v2\update\updspapi.dll
+ 2011-08-10 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2536276-v2\update\update.exe
+ 2011-08-10 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2536276-v2\spuninst.exe
+ 2011-08-10 00:31 . 2011-07-15 13:29 457856 c:\windows\$hf_mig$\KB2536276-v2\SP3QFE\mrxsmb.sys
+ 2011-06-18 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll
+ 2011-06-18 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2535512\update\update.exe
+ 2011-06-18 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2535512\spuninst.exe
+ 2011-06-17 13:31 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys
+ 2011-06-18 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-06-18 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-06-18 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-17 13:31 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-17 13:31 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-06-11 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-06-11 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-06-11 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-06-11 08:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2511455\update\updspapi.dll
+ 2011-06-11 08:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2511455\update\update.exe
+ 2011-06-11 08:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2511455\spuninst.exe
+ 2011-06-11 07:21 . 2011-02-17 13:19 457472 c:\windows\$hf_mig$\KB2511455\SP3QFE\mrxsmb.sys
+ 2011-06-11 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
+ 2011-06-11 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
+ 2011-06-11 07:21 . 2011-03-04 06:35 420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
+ 2011-06-11 07:21 . 2011-03-04 06:35 726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
+ 2011-06-11 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2509553\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2509553\update\update.exe
+ 2011-06-11 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2509553\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
+ 2011-03-03 06:53 . 2011-03-03 06:53 149504 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsapi.dll
+ 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys
+ 2011-06-11 08:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508429\update\updspapi.dll
+ 2011-06-11 08:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508429\update\update.exe
+ 2011-06-11 08:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508429\spuninst.exe
+ 2011-02-17 13:19 . 2011-02-17 13:19 357888 c:\windows\$hf_mig$\KB2508429\SP3QFE\srv.sys
+ 2011-06-11 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
+ 2011-06-11 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
+ 2011-06-11 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
+ 2011-07-13 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll
+ 2011-07-13 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507938\update\update.exe
+ 2011-07-13 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507938\spuninst.exe
+ 2011-04-26 11:02 . 2011-04-26 11:02 293376 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll
+ 2011-06-11 08:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2507618\update\updspapi.dll
+ 2011-06-11 08:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2507618\update\update.exe
+ 2011-06-11 08:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2507618\spuninst.exe
+ 2011-02-15 13:05 . 2011-02-15 13:05 290432 c:\windows\$hf_mig$\KB2507618\SP3QFE\atmfd.dll
+ 2011-06-11 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506223\update\updspapi.dll
+ 2011-06-11 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506223\update\update.exe
+ 2011-06-11 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506223\spuninst.exe
+ 2011-06-11 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-06-11 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-02-08 13:32 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-02-08 13:32 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-06-18 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll
+ 2011-06-18 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503665\update\update.exe
+ 2011-06-18 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503665\spuninst.exe
+ 2011-06-17 13:32 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys
+ 2011-06-11 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2503658\update\updspapi.dll
+ 2011-06-11 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2503658\update\update.exe
+ 2011-06-11 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2503658\spuninst.exe
+ 2011-03-07 05:31 . 2011-03-07 05:31 692736 c:\windows\$hf_mig$\KB2503658\SP3QFE\inetcomm.dll
+ 2011-06-11 08:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
+ 2011-06-11 08:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
+ 2011-06-11 08:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
+ 2011-06-11 07:23 . 2011-02-22 23:27 919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-11 07:23 . 2011-02-22 12:08 173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
+ 2011-06-11 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2485663\update\updspapi.dll
+ 2011-06-11 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2485663\update\update.exe
+ 2011-06-11 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2485663\spuninst.exe
+ 2011-06-11 08:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2483185\update\updspapi.dll
+ 2011-06-11 08:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2483185\update\update.exe
+ 2011-06-11 08:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2483185\spuninst.exe
+ 2011-01-21 14:42 . 2011-01-21 14:42 439808 c:\windows\$hf_mig$\KB2483185\SP3QFE\shimgvw.dll
+ 2011-06-11 08:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-06-11 08:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-06-11 08:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-06-11 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-06-11 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-06-11 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-06-11 08:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478971\update\updspapi.dll
+ 2011-06-11 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478971\update\update.exe
+ 2011-06-11 08:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478971\spuninst.exe
+ 2010-12-22 12:32 . 2010-12-22 12:32 301568 c:\windows\$hf_mig$\KB2478971\SP3QFE\kerberos.dll
+ 2011-06-11 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2478960\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2478960\update\update.exe
+ 2011-06-11 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2478960\spuninst.exe
+ 2010-12-20 17:24 . 2010-12-20 17:24 730112 c:\windows\$hf_mig$\KB2478960\SP3QFE\lsasrv.dll
+ 2011-06-11 08:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-06-11 08:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-06-11 08:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-06-18 08:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-06-18 08:07 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-06-18 08:07 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-06-11 08:05 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2011-06-11 08:05 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2011-06-11 08:05 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2011-06-11 08:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2011-06-11 08:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2011-06-11 08:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2011-06-11 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2423089\update\updspapi.dll
+ 2011-06-11 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2423089\update\update.exe
+ 2011-06-11 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2423089\spuninst.exe
+ 2011-06-11 08:02 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2419632\update\updspapi.dll
+ 2011-06-11 08:02 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2419632\update\update.exe
+ 2011-06-11 08:02 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2419632\spuninst.exe
+ 2010-11-09 14:50 . 2010-11-09 14:50 253952 c:\windows\$hf_mig$\KB2419632\SP3QFE\odbc32.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 102400 c:\windows\$hf_mig$\KB2419632\SP3QFE\msjro.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 200704 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadox.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 180224 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadomd.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 565248 c:\windows\$hf_mig$\KB2419632\SP3QFE\msado15.dll
+ 2010-11-09 14:50 . 2010-11-09 14:50 143360 c:\windows\$hf_mig$\KB2419632\SP3QFE\msadco.dll
+ 2011-06-11 08:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2393802\update\updspapi.dll
+ 2011-06-11 08:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2393802\update\update.exe
+ 2011-06-11 08:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2393802\spuninst.exe
+ 2011-06-11 07:21 . 2010-12-09 15:15 718336 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
+ 2011-06-11 08:06 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2011-06-11 08:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2011-06-11 08:06 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2011-06-11 07:24 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2011-06-11 07:24 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2011-06-11 07:24 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2011-06-11 07:24 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2011-06-11 08:00 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2360937\update\updspapi.dll
+ 2011-06-11 08:00 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2360937\update\update.exe
+ 2011-06-11 08:00 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2360937\spuninst.exe
+ 2011-06-11 07:20 . 2010-08-16 08:43 590848 c:\windows\$hf_mig$\KB2360937\SP3QFE\rpcrt4.dll
+ 2011-06-11 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2011-06-11 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2011-06-11 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2011-06-11 08:06 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2345886\update\updspapi.dll
+ 2011-06-11 08:06 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2345886\update\update.exe
+ 2011-06-11 08:06 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2345886\spuninst.exe
+ 2010-08-26 13:37 . 2010-08-26 13:37 357248 c:\windows\$hf_mig$\KB2345886\SP3QFE\srv.sys
+ 2011-06-11 08:04 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2121546\update\updspapi.dll
+ 2011-06-11 08:04 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2121546\update\update.exe
+ 2011-06-11 08:04 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2121546\spuninst.exe
+ 2010-06-18 17:43 . 2010-06-18 17:43 293376 c:\windows\$hf_mig$\KB2121546\SP3QFE\winsrv.dll
+ 2011-06-11 08:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2011-06-11 08:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2011-06-11 08:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2011-06-11 08:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2011-06-11 08:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2011-06-11 08:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2011-06-11 07:22 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1724416 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
+ 2011-06-11 07:23 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2011-05-14 01:04 . 2011-05-14 01:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
 
T

TryingToProve

New Member
+ 2011-05-14 01:04 . 2011-05-14 01:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80u.dll
+ 2011-01-11 03:50 . 2011-01-11 03:50 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_e87e0bcd\mfc80.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1011774 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 2897920 c:\windows\system32\xpsp2res.dll
+ 2004-08-04 10:00 . 2008-04-13 17:39 2897920 c:\windows\system32\xpsp2res.dll
+ 2004-08-04 10:00 . 2008-04-13 16:48 1647616 c:\windows\system32\winbrand.dll
+ 2009-12-03 23:14 . 2008-04-14 00:11 1358848 c:\windows\system32\wbem\cimwin32.dll
+ 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-04 10:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
+ 2006-03-30 09:16 . 2008-04-14 00:12 1499136 c:\windows\system32\shdocvw.dll
+ 2004-08-04 10:00 . 2008-04-14 00:12 1614848 c:\windows\system32\sfcfiles.dll
+ 2010-05-30 01:27 . 2011-06-11 04:09 9359756 c:\windows\system32\Restore\rstrlog.dat
- 2004-08-04 10:00 . 2009-07-17 16:27 1435648 c:\windows\system32\query.dll
+ 2004-08-04 10:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2004-08-04 10:00 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll
+ 2004-08-04 10:00 . 2010-07-16 12:05 1288192 c:\windows\system32\ole32.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 4274816 c:\windows\system32\nv4_disp.dll
+ 2005-03-30 01:23 . 2010-12-09 13:38 2192768 c:\windows\system32\ntoskrnl.exe
+ 2005-03-30 01:01 . 2010-12-09 13:07 2069376 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 10:00 . 2008-04-14 00:12 1703936 c:\windows\system32\netshell.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1737856 c:\windows\system32\mtxparhd.dll
+ 2008-04-14 00:12 . 2009-07-31 16:05 1372672 c:\windows\system32\msxml6.dll
+ 2004-08-04 10:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
- 2004-08-04 10:00 . 2009-07-31 04:57 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-04 10:00 . 2008-04-14 00:12 1428992 c:\windows\system32\msvidctl.dll
+ 2008-09-05 08:09 . 2008-04-14 00:12 1384479 c:\windows\system32\msvbvm60.dll
+ 2009-12-03 23:14 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2004-08-04 10:00 . 2007-10-22 09:30 1516568 c:\windows\system32\msjet40.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 2843136 c:\windows\system32\msi.dll
+ 2006-03-23 17:32 . 2011-10-03 08:35 5971456 c:\windows\system32\mshtml.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1872896 c:\windows\system32\mmcndmgr.dll
+ 2004-08-04 10:00 . 2008-04-14 00:12 1414656 c:\windows\system32\mmc.exe
+ 2009-07-18 03:21 . 2011-10-30 15:47 8522400 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-03-08 10:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 1082368 c:\windows\system32\esent.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1082368 c:\windows\system32\esent.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 2113536 c:\windows\system32\dxdiagn.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 2113536 c:\windows\system32\dxdiagn.dll
+ 2004-08-04 10:00 . 2008-04-14 00:12 1298432 c:\windows\system32\dxdiag.exe
- 2004-08-04 10:00 . 2004-08-04 10:00 1298432 c:\windows\system32\dxdiag.exe
+ 2004-08-04 10:00 . 2008-04-14 00:11 1227264 c:\windows\system32\dx8vb.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 1227264 c:\windows\system32\dx8vb.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1293824 c:\windows\system32\dsound3d.dll
+ 2011-06-09 14:12 . 2011-05-10 13:06 4517664 c:\windows\system32\DRVSTORE\usbaapl_5CBB3A09528F68FC4AD2F36E43C028E7E6F20400\usbaaplrc.dll
+ 2011-06-09 14:12 . 2011-04-08 19:59 1461992 c:\windows\system32\DRVSTORE\netaapl_B71F8545DA20A81C41BFD744E8D7D9784787E916\wdfcoinstaller01009.dll
+ 2009-12-05 15:48 . 2004-08-04 04:29 1897408 c:\windows\system32\drivers\nv4_mini.sys
+ 2009-12-05 15:48 . 2004-08-04 04:41 1309184 c:\windows\system32\drivers\mtlstrm.sys
+ 2009-12-05 15:48 . 2004-08-04 04:41 1041536 c:\windows\system32\drivers\hsfdpsp2.sys
+ 2009-08-14 13:21 . 2011-09-06 13:20 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2006-03-18 11:09 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
- 2004-08-04 10:00 . 2009-07-17 16:27 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-06-03 19:09 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2010-07-16 12:05 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2009-12-05 02:22 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-12-05 02:22 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 01:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-12-05 02:22 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 00:12 . 2009-07-31 16:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-04 10:00 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2004-08-04 10:00 . 2009-07-31 04:57 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-12-03 23:14 . 2009-06-10 14:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-12-05 15:21 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2006-03-23 17:32 . 2011-10-03 08:35 5971456 c:\windows\system32\dllcache\mshtml.dll
+ 2009-12-03 23:16 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2009-12-05 01:45 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1504256 c:\windows\system32\diskcopy.dll
+ 2006-03-04 03:33 . 2008-04-14 00:11 1054208 c:\windows\system32\danim.dll
- 2006-03-04 03:33 . 2006-03-04 03:33 1054208 c:\windows\system32\danim.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 1689088 c:\windows\system32\d3d9.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1689088 c:\windows\system32\d3d9.dll
- 2004-08-04 10:00 . 2004-08-04 10:00 1179648 c:\windows\system32\d3d8.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 1179648 c:\windows\system32\d3d8.dll
+ 2009-12-03 23:14 . 2008-04-14 00:11 1267200 c:\windows\system32\comsvcs.dll
+ 2004-08-04 10:00 . 2008-04-14 00:11 2091520 c:\windows\system32\cdosys.dll
+ 2006-03-04 03:33 . 2008-04-14 00:11 1025024 c:\windows\system32\browseui.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1888992 c:\windows\system32\ati3duag.dll
+ 2009-12-03 23:16 . 2008-04-14 00:11 3166208 c:\windows\srchasst\msgr3en.dll
- 2009-12-03 23:16 . 2004-08-04 10:00 3166208 c:\windows\srchasst\msgr3en.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1695232 c:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-13 17:39 . 2008-04-13 17:39 2897920 c:\windows\ServicePackFiles\i386\xpsp2res.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1135616 c:\windows\ServicePackFiles\i386\wuaueng.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 4256768 c:\windows\ServicePackFiles\i386\wmm2res.dll
+ 2008-04-13 16:48 . 2008-04-13 16:48 1647616 c:\windows\ServicePackFiles\i386\winbrand.dll
+ 2008-04-13 19:30 . 2008-04-13 19:30 1845632 c:\windows\ServicePackFiles\i386\win32k.sys
+ 2009-12-05 15:48 . 2004-08-04 10:00 1326080 c:\windows\ServicePackFiles\i386\webfldrs.msi
+ 2008-04-14 00:12 . 2008-04-14 00:12 8461312 c:\windows\ServicePackFiles\i386\shell32.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1499136 c:\windows\ServicePackFiles\i386\shdocvw.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1614848 c:\windows\ServicePackFiles\i386\sfcfiles.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1435648 c:\windows\ServicePackFiles\i386\query.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1288192 c:\windows\ServicePackFiles\i386\quartz.dll
+ 2007-05-15 08:08 . 2007-05-15 08:08 1057280 c:\windows\ServicePackFiles\i386\pcl5ures.dll
+ 2007-05-15 08:08 . 2007-05-15 08:08 1058816 c:\windows\ServicePackFiles\i386\pcl5eres.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1287168 c:\windows\ServicePackFiles\i386\ole32.dll
+ 2009-12-05 15:48 . 2004-08-04 04:29 1897408 c:\windows\ServicePackFiles\i386\nv4_mini.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 4274816 c:\windows\ServicePackFiles\i386\nv4_disp.dll
+ 2008-04-13 19:27 . 2008-04-13 19:27 2188928 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
+ 2008-04-13 18:31 . 2008-04-13 18:31 2023936 c:\windows\ServicePackFiles\i386\ntkrpamp.exe
+ 2008-04-13 18:31 . 2008-04-13 18:31 2065792 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
+ 2008-04-13 19:24 . 2008-04-13 19:24 2145280 c:\windows\ServicePackFiles\i386\ntkrnlmp.exe
+ 2008-04-14 00:12 . 2008-04-14 00:12 1703936 c:\windows\ServicePackFiles\i386\netshell.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1737856 c:\windows\ServicePackFiles\i386\mtxparhd.dll
+ 2009-12-05 15:48 . 2004-08-04 04:41 1309184 c:\windows\ServicePackFiles\i386\mtlstrm.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 1104896 c:\windows\ServicePackFiles\i386\msxml3.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1428992 c:\windows\ServicePackFiles\i386\msvidctl.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1384479 c:\windows\ServicePackFiles\i386\msvbvm60.dll
+ 2008-04-13 16:23 . 2008-04-13 16:23 2479616 c:\windows\ServicePackFiles\i386\msoeres.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1314816 c:\windows\ServicePackFiles\i386\msoe.dll
+ 2009-12-05 15:48 . 2004-08-04 10:00 1327320 c:\windows\ServicePackFiles\i386\msnsusii.exe
+ 2009-12-05 15:48 . 2004-08-04 10:00 5080576 c:\windows\ServicePackFiles\i386\msnmsgs.msi
+ 2008-04-14 00:12 . 2008-04-14 00:12 1695232 c:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2007-10-22 09:30 . 2007-10-22 09:30 1516568 c:\windows\ServicePackFiles\i386\msjet40.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 2843136 c:\windows\ServicePackFiles\i386\msi.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 3066880 c:\windows\ServicePackFiles\i386\mshtml.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 3166208 c:\windows\ServicePackFiles\i386\msgr3en.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 3558912 c:\windows\ServicePackFiles\i386\moviemk.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 1872896 c:\windows\ServicePackFiles\i386\mmcndmgr.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1414656 c:\windows\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 1028096 c:\windows\ServicePackFiles\i386\mfc42.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 2061824 c:\windows\ServicePackFiles\i386\lhmstscx.dll
+ 2009-12-05 15:48 . 2004-08-04 04:41 1041536 c:\windows\ServicePackFiles\i386\hsfdpsp2.sys
+ 2008-04-14 00:12 . 2008-04-14 00:12 1033728 c:\windows\ServicePackFiles\i386\explorer.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 1082368 c:\windows\ServicePackFiles\i386\esent.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 2113536 c:\windows\ServicePackFiles\i386\dxdiagn.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1298432 c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 1227264 c:\windows\ServicePackFiles\i386\dx8vb.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1293824 c:\windows\ServicePackFiles\i386\dsound3d.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1504256 c:\windows\ServicePackFiles\i386\diskcopy.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1054208 c:\windows\ServicePackFiles\i386\danim.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1689088 c:\windows\ServicePackFiles\i386\d3d9.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1179648 c:\windows\ServicePackFiles\i386\d3d8.dll
+ 2008-04-14 00:12 . 2008-04-14 00:12 1032192 c:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 00:11 . 2008-04-14 00:11 1267200 c:\windows\ServicePackFiles\i386\comsvcs.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1358848 c:\windows\ServicePackFiles\i386\cimwin32.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 2091520 c:\windows\ServicePackFiles\i386\cdosys.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1025024 c:\windows\ServicePackFiles\i386\browseui.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1888992 c:\windows\ServicePackFiles\i386\ati3duag.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1057760 c:\windows\ServicePackFiles\i386\ati3d2ag.dll
+ 2008-04-14 00:11 . 2008-04-14 00:11 1852928 c:\windows\ServicePackFiles\i386\acgenral.dll
+ 2011-04-29 17:28 . 2011-04-29 17:28 1995264 c:\windows\Installer\df0bd81.msp
+ 2011-04-28 00:51 . 2011-04-28 00:51 6825472 c:\windows\Installer\df0bd79.msp
+ 2011-05-20 22:31 . 2011-05-20 22:31 5518848 c:\windows\Installer\df0bd64.msp
+ 2011-05-17 23:28 . 2011-05-17 23:28 6862848 c:\windows\Installer\df0bd4f.msp
+ 2011-04-29 17:33 . 2011-04-29 17:33 8173568 c:\windows\Installer\df0bd3a.msp
+ 2011-05-23 19:15 . 2011-05-23 19:15 3617792 c:\windows\Installer\c99f866.msp
+ 2011-07-16 00:46 . 2011-07-16 00:46 6541312 c:\windows\Installer\3a4aeb.msi
+ 2011-06-09 14:12 . 2011-06-09 14:12 3085312 c:\windows\Installer\2e89da0.msi
+ 2011-06-09 14:11 . 2011-06-09 14:11 1984000 c:\windows\Installer\2e89d9b.msi
+ 2011-07-26 18:50 . 2011-07-26 18:50 5522432 c:\windows\Installer\1efce48.msp
+ 2011-09-20 20:36 . 2011-09-20 20:36 5521408 c:\windows\Installer\171cf96f.msp
+ 2011-08-10 22:43 . 2011-08-10 22:43 3795968 c:\windows\Installer\1569154.msp
+ 2011-07-26 13:17 . 2011-07-26 13:17 6824960 c:\windows\Installer\1569137.msp
+ 2011-08-16 17:35 . 2011-08-16 17:35 5519872 c:\windows\Installer\1569122.msp
+ 2011-07-21 17:34 . 2011-07-21 17:34 3456000 c:\windows\Installer\156910e.msp
+ 2011-09-07 02:48 . 2011-09-07 02:48 8181248 c:\windows\Installer\1569103.msp
+ 2011-07-27 12:39 . 2011-07-27 12:39 9892352 c:\windows\Installer\15690fb.msp
+ 2007-04-19 20:09 . 2007-04-19 20:09 1061720 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OMFC.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL
+ 2011-01-14 12:10 . 2011-01-14 12:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL
+ 2009-08-17 22:38 . 2009-08-17 22:38 8554872 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\OARTCONV.DLL
+ 2011-10-12 08:01 . 2011-06-23 18:36 1212416 c:\windows\ie8updates\KB2586448-IE8\urlmon.dll
+ 2011-10-12 08:01 . 2011-07-25 15:17 5969920 c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
+ 2011-10-12 08:01 . 2011-06-23 18:36 1991680 c:\windows\ie8updates\KB2586448-IE8\iertutil.dll
+ 2011-08-10 08:01 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-10 08:01 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-08-10 08:01 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-06-18 08:03 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-06-18 08:03 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-06-18 08:03 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-06-11 08:03 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-06-11 08:03 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-06-11 08:03 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2004-08-04 10:00 . 2008-04-14 00:12 1033728 c:\windows\explorer.exe
+ 2009-12-05 02:22 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-12-05 02:22 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 01:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-12-05 02:22 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2004-08-04 10:00 . 2008-04-14 00:11 1852928 c:\windows\AppPatch\acgenral.dll
+ 2011-06-11 08:01 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2011-06-11 08:04 . 2008-04-14 00:12 1287168 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2010-04-15 08:01 . 2009-12-08 18:14 2185984 c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
+ 2010-04-15 08:01 . 2009-12-08 17:35 2020864 c:\windows\$NtUninstallKB979683_0$\ntkrpamp.exe
+ 2010-04-15 08:01 . 2009-12-08 17:35 2063104 c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
+ 2010-04-15 08:01 . 2009-12-08 18:11 2142720 c:\windows\$NtUninstallKB979683_0$\ntkrnlmp.exe
+ 2011-06-11 03:27 . 2009-12-08 19:27 2189184 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2011-06-11 03:27 . 2009-12-08 18:43 2023936 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2011-06-11 03:27 . 2009-12-08 18:43 2066048 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2011-06-11 03:27 . 2009-12-08 19:26 2145280 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-06-11 08:01 . 2009-08-14 12:19 1850112 c:\windows\$NtUninstallKB979559_0$\win32k.sys
+ 2011-06-11 03:26 . 2009-08-14 13:21 1850624 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-05-30 08:00 . 2009-07-10 13:42 1315328 c:\windows\$NtUninstallKB978542_0$\msoe.dll
+ 2011-06-11 03:26 . 2009-07-10 13:27 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
- 2010-05-30 08:00 . 2009-07-10 13:42 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-02-10 09:00 . 2009-08-04 12:51 2185984 c:\windows\$NtUninstallKB977165_0$\ntoskrnl.exe
+ 2010-02-10 09:00 . 2009-08-04 12:02 2020864 c:\windows\$NtUninstallKB977165_0$\ntkrpamp.exe
+ 2010-02-10 09:00 . 2009-08-04 12:02 2062976 c:\windows\$NtUninstallKB977165_0$\ntkrnlpa.exe
+ 2010-02-10 09:00 . 2009-08-04 12:49 2142720 c:\windows\$NtUninstallKB977165_0$\ntkrnlmp.exe
+ 2011-06-11 03:25 . 2009-08-05 02:44 2189184 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2011-06-11 03:25 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2011-06-11 03:25 . 2009-08-04 14:20 2066048 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2011-06-11 03:25 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-06-11 08:00 . 2009-11-27 17:33 1291264 c:\windows\$NtUninstallKB975562_0$\quartz.dll
+ 2011-06-11 03:25 . 2009-11-27 17:11 1291776 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-03-10 09:00 . 2004-08-04 10:00 3555328 c:\windows\$NtUninstallKB975561_0$\moviemk.exe
- 2010-03-10 09:00 . 2004-08-04 10:00 3555328 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2011-06-11 03:25 . 2009-10-23 14:27 3555328 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-10 09:01 . 2009-06-03 19:27 1290752 c:\windows\$NtUninstallKB975560_0$\quartz.dll
+ 2011-06-11 03:25 . 2009-06-03 19:09 1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2011-06-11 03:21 . 2008-04-14 00:12 1306624 c:\windows\$NtUninstallKB973687_1$\msxml6.dll
+ 2011-06-11 03:21 . 2009-07-31 04:57 1172480 c:\windows\$NtUninstallKB973687_1$\msxml3.dll
+ 2009-12-06 05:04 . 2008-09-04 16:42 1106944 c:\windows\$NtUninstallKB973687_0$\msxml3.dll
+ 2011-06-11 03:24 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2009-12-06 05:04 . 2004-08-04 10:00 1311232 c:\windows\$NtUninstallKB973354_0$\msoe.dll
+ 2011-06-11 03:24 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-12-06 05:05 . 2004-08-04 10:00 1287680 c:\windows\$NtUninstallKB971633_0$\quartz.dll
+ 2011-06-11 03:23 . 2008-04-14 00:12 1288192 c:\windows\$NtUninstallKB971633$\quartz.dll
+ 2009-12-06 05:03 . 2009-02-06 10:32 2186112 c:\windows\$NtUninstallKB971486_0$\ntoskrnl.exe
+ 2009-12-06 05:03 . 2009-02-06 09:49 2020864 c:\windows\$NtUninstallKB971486_0$\ntkrpamp.exe
+ 2009-12-06 05:03 . 2009-02-06 09:49 2062976 c:\windows\$NtUninstallKB971486_0$\ntkrnlpa.exe
+ 2009-12-06 05:03 . 2009-02-06 10:29 2142720 c:\windows\$NtUninstallKB971486_0$\ntkrnlmp.exe
+ 2011-06-11 03:23 . 2009-02-06 11:08 2189056 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2011-06-11 03:23 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2011-06-11 03:23 . 2009-02-08 01:02 2066048 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2011-06-11 03:23 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2011-06-11 08:02 . 2008-06-17 19:02 8461312 c:\windows\$NtUninstallKB971029$\shell32.dll
+ 2009-12-06 05:01 . 2004-08-04 10:00 1835904 c:\windows\$NtUninstallKB969947_0$\win32k.sys
+ 2011-06-11 03:23 . 2008-04-13 19:30 1845632 c:\windows\$NtUninstallKB969947$\win32k.sys
+ 2009-12-06 05:05 . 2004-08-04 10:00 1435648 c:\windows\$NtUninstallKB969059_0$\query.dll
+ 2011-06-11 03:22 . 2008-04-14 00:12 1435648 c:\windows\$NtUninstallKB969059$\query.dll
- 2009-12-06 05:05 . 2004-08-04 10:00 1435648 c:\windows\$NtUninstallKB969059$\query.dll
+ 2009-12-06 05:03 . 2004-08-04 10:00 8384000 c:\windows\$NtUninstallKB967715_0$\shell32.dll
+ 2011-06-11 03:22 . 2008-04-14 00:12 8461312 c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2011-06-11 08:05 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-12-05 03:23 . 2005-03-30 01:23 2179584 c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
+ 2009-12-05 03:23 . 2005-03-30 01:01 2015232 c:\windows\$NtUninstallKB956572_0$\ntkrpamp.exe
+ 2009-12-05 03:23 . 2005-03-30 01:01 2056832 c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
+ 2009-12-05 03:23 . 2005-03-30 01:21 2135552 c:\windows\$NtUninstallKB956572_0$\ntkrnlmp.exe
+ 2011-06-11 03:21 . 2008-04-13 19:27 2188928 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
+ 2011-06-11 03:21 . 2008-04-13 18:31 2065792 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
+ 2009-12-06 05:02 . 2004-08-04 10:00 1236480 c:\windows\$NtUninstallKB955069_0$\msxml3.dll
+ 2011-07-13 08:01 . 2011-03-03 13:21 1857920 c:\windows\$NtUninstallKB2555917$\win32k.sys
+ 2011-06-11 08:04 . 2010-05-02 05:22 1851264 c:\windows\$NtUninstallKB2506223$\win32k.sys
+ 2011-06-11 08:01 . 2008-04-14 00:11 1028096 c:\windows\$NtUninstallKB2506212$\mfc42.dll
+ 2011-06-11 08:04 . 2009-07-27 23:17 8461824 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-06-11 08:05 . 2009-06-10 14:19 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-06-11 08:01 . 2010-02-17 14:10 2189952 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-06-11 08:01 . 2010-02-16 13:25 2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-06-11 08:01 . 2010-02-16 13:25 2066816 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-06-11 08:01 . 2010-02-16 14:08 2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2011-06-11 08:04 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 2897920 c:\windows\$NtServicePackUninstall$\xpsp2res.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 4256768 c:\windows\$NtServicePackUninstall$\wmm2res.dll
+ 2011-06-11 03:08 . 2010-05-02 05:56 1850880 c:\windows\$NtServicePackUninstall$\win32k.sys
+ 2011-06-11 03:08 . 2008-07-03 13:16 8454656 c:\windows\$NtServicePackUninstall$\shell32.dll
+ 2011-06-11 03:08 . 2009-01-08 00:20 1497088 c:\windows\$NtServicePackUninstall$\shdocvw.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 1580544 c:\windows\$NtServicePackUninstall$\sfcfiles.dll
+ 2011-06-11 03:08 . 2009-07-17 16:27 1435648 c:\windows\$NtServicePackUninstall$\query.dll
+ 2011-06-11 03:08 . 2010-02-05 18:40 1291264 c:\windows\$NtServicePackUninstall$\quartz.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 1281536 c:\windows\$NtServicePackUninstall$\ole32.dll
+ 2011-06-11 03:08 . 2010-02-16 17:37 2186880 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
+ 2011-06-11 03:09 . 2010-02-16 16:57 2021888 c:\windows\$NtServicePackUninstall$\ntkrpamp.exe
+ 2011-06-11 03:08 . 2010-02-17 16:57 2063744 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
+ 2011-06-11 03:09 . 2010-02-16 17:35 2143744 c:\windows\$NtServicePackUninstall$\ntkrnlmp.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 1708032 c:\windows\$NtServicePackUninstall$\netshell.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 1428480 c:\windows\$NtServicePackUninstall$\msvidctl.dll
+ 2011-06-11 03:08 . 2008-09-05 08:09 1376528 c:\windows\$NtServicePackUninstall$\msvbvm60.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 2479616 c:\windows\$NtServicePackUninstall$\msoeres.dll
+ 2011-06-11 03:09 . 2010-01-29 15:08 1315840 c:\windows\$NtServicePackUninstall$\msoe.dll
+ 2011-06-11 03:09 . 2004-08-04 07:06 1667584 c:\windows\$NtServicePackUninstall$\msmsgs.exe
+ 2011-06-11 03:08 . 2004-08-04 10:00 1507356 c:\windows\$NtServicePackUninstall$\msjet40.dll
+ 2011-06-11 03:08 . 2005-05-04 20:45 2890240 c:\windows\$NtServicePackUninstall$\msi.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 3166208 c:\windows\$NtServicePackUninstall$\msgr3en.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1192960 c:\windows\$NtServicePackUninstall$\mmcndmgr.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1024000 c:\windows\$NtServicePackUninstall$\mfc42u.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1028096 c:\windows\$NtServicePackUninstall$\mfc42.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1032192 c:\windows\$NtServicePackUninstall$\explorer.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 1082368 c:\windows\$NtServicePackUninstall$\esent.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 2113536 c:\windows\$NtServicePackUninstall$\dxdiagn.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1298432 c:\windows\$NtServicePackUninstall$\dxdiag.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 1227264 c:\windows\$NtServicePackUninstall$\dx8vb.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1294336 c:\windows\$NtServicePackUninstall$\dsound3d.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1501696 c:\windows\$NtServicePackUninstall$\diskcopy.dll

+ 2011-06-11 03:09 . 2006-03-04 03:33 1054208 c:\windows\$NtServicePackUninstall$\danim.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1689088 c:\windows\$NtServicePackUninstall$\d3d9.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1179648 c:\windows\$NtServicePackUninstall$\d3d8.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1032192 c:\windows\$NtServicePackUninstall$\conf.exe
+ 2011-06-11 03:09 . 2004-08-04 10:00 1251840 c:\windows\$NtServicePackUninstall$\comsvcs.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 1352192 c:\windows\$NtServicePackUninstall$\cimwin32.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 2067968 c:\windows\$NtServicePackUninstall$\cdosys.dll
+ 2011-06-11 03:09 . 2009-01-08 00:20 1022976 c:\windows\$NtServicePackUninstall$\browseui.dll
+ 2011-06-11 03:08 . 2004-08-04 10:00 1852416 c:\windows\$NtServicePackUninstall$\acgenral.dll
+ 2011-06-11 07:21 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-07-16 12:04 . 2010-07-16 12:04 1289216 c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
+ 2009-07-27 22:13 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-06-11 07:23 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 1214464 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\urlmon.dll
+ 2011-08-10 00:31 . 2011-07-25 15:15 5971456 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
+ 2011-08-10 00:31 . 2011-06-23 18:33 1992192 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\iertutil.dll
+ 2011-06-02 14:07 . 2011-06-02 14:07 1867904 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys
+ 2011-06-17 13:31 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-17 13:31 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-03-03 13:27 . 2011-03-03 13:27 1866880 c:\windows\$hf_mig$\KB2506223\SP3QFE\win32k.sys
+ 2011-06-11 07:23 . 2011-02-22 23:27 1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-06-11 07:23 . 2011-02-22 23:27 1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-01-21 14:42 . 2011-01-21 14:42 8463360 c:\windows\$hf_mig$\KB2483185\SP3QFE\shell32.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2011-06-11 07:20 . 2010-12-09 13:43 2192768 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
+ 2011-06-11 07:20 . 2010-12-09 13:09 2027008 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrpamp.exe
+ 2010-12-09 23:39 . 2010-12-09 23:39 2069376 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
+ 2011-06-11 07:21 . 2010-12-09 13:47 2148864 c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlmp.exe
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2004-08-04 10:00 . 2010-08-26 04:36 10841088 c:\windows\system32\wmp.dll
- 2004-08-04 10:00 . 2009-07-14 04:43 10841088 c:\windows\system32\wmp.dll
+ 2009-12-05 01:45 . 2011-10-12 08:02 48324552 c:\windows\system32\MRT.exe
+ 2009-03-08 10:39 . 2011-08-23 22:48 11081728 c:\windows\system32\ieframe.dll
+ 2004-08-04 10:00 . 2010-08-26 04:36 10841088 c:\windows\system32\dllcache\wmp.dll
- 2004-08-04 10:00 . 2009-07-14 04:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-12-05 01:45 . 2011-08-23 22:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2009-12-03 23:18 . 2008-04-14 00:09 13463552 c:\windows\system32\dllcache\hwxjpn.dll
- 2009-12-03 23:18 . 2004-08-04 10:00 13463552 c:\windows\system32\dllcache\hwxjpn.dll
+ 2009-12-05 15:48 . 2004-08-04 10:00 11053008 c:\windows\ServicePackFiles\i386\msncli.exe
+ 2008-04-14 00:09 . 2008-04-14 00:09 13463552 c:\windows\ServicePackFiles\i386\lang\hwxjpn.dll
+ 2011-07-26 21:33 . 2011-07-26 21:33 10984448 c:\windows\Installer\156914c.msp
+ 2011-10-12 08:01 . 2011-06-23 18:36 11081728 c:\windows\ie8updates\KB2586448-IE8\ieframe.dll
+ 2011-08-10 08:01 . 2011-04-26 15:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-06-18 08:03 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-06-11 08:03 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-06-11 08:05 . 2009-07-14 04:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2011-06-11 03:09 . 2004-08-04 10:00 13463552 c:\windows\$NtServicePackUninstall$\hwxjpn.dll
+ 2011-06-25 06:03 . 2011-06-25 06:03 11083776 c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\ieframe.dll
+ 2011-06-17 13:31 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-23 09:57 . 2011-02-23 09:57 11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-04-25 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-27 16844800]
"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"HostManager"="c:\program files\Common Files\AOL\1310948168\ee\AOLSoftware.exe" [2010-03-08 41800]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\AOL\\1310948168\\ee\\aolsoftware.exe"=
.
R1 MpKslf8250f54;MpKslf8250f54;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKslf8250f54.sys [11/5/2011 2:30 PM 28752]
S1 MpKsl00e78c0b;MpKsl00e78c0b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys [?]
S1 MpKsl07090f1d;MpKsl07090f1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys [?]
S1 MpKsl0cebd17a;MpKsl0cebd17a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys [?]
S1 MpKsl0de37b66;MpKsl0de37b66;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys [?]
S1 MpKsl1488ce0a;MpKsl1488ce0a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys [?]
S1 MpKsl1cda9331;MpKsl1cda9331;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys [?]
S1 MpKsl26ed2ab4;MpKsl26ed2ab4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys [?]
S1 MpKsl2a45d52c;MpKsl2a45d52c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys [?]
S1 MpKsl33a5cf38;MpKsl33a5cf38;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys [?]
S1 MpKsl3b67f5a8;MpKsl3b67f5a8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys [?]
S1 MpKsl3da53e54;MpKsl3da53e54;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys [?]

S1 MpKsl3fece518;MpKsl3fece518;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys [?]
S1 MpKsl458ff97b;MpKsl458ff97b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys [?]
S1 MpKsl4860a5d4;MpKsl4860a5d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys [?]
S1 MpKsl4a6b2414;MpKsl4a6b2414;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys [?]
S1 MpKsl55356870;MpKsl55356870;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys [?]
S1 MpKsl606e7c50;MpKsl606e7c50;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys [?]
S1 MpKsl6848d028;MpKsl6848d028;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys [?]
S1 MpKsl71cf44ef;MpKsl71cf44ef;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys [?]
S1 MpKsl738c1863;MpKsl738c1863;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys [?]
S1 MpKsl918987de;MpKsl918987de;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys [?]
S1 MpKsl99016750;MpKsl99016750;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys [?]
S1 MpKsl9ab0fab7;MpKsl9ab0fab7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys [?]
S1 MpKsla0c5c1ab;MpKsla0c5c1ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys [?]
S1 MpKsla491fcd5;MpKsla491fcd5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys [?]
S1 MpKsla4f0807f;MpKsla4f0807f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys [?]
S1 MpKslb4e62bc4;MpKslb4e62bc4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys [?]
S1 MpKslbac96f9f;MpKslbac96f9f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys [?]
S1 MpKsld1c287cd;MpKsld1c287cd;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys [?]
S1 MpKsle1c7068a;MpKsle1c7068a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys [?]
S1 MpKsle3ee5d2a;MpKsle3ee5d2a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys [?]
S1 MpKsle5838301;MpKsle5838301;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys [?]
S1 MpKsle5b27ad0;MpKsle5b27ad0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys [?]
S1 MpKsle826513d;MpKsle826513d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 11:16 AM 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 11:16 AM 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/30/2011 12:53 PM 27064]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLF8250F54
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2011-11-05 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-05 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-05 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-05 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-05 c:\windows\Tasks\hpwebreg_CN0AF22KXT05D2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\hpwebreg.exe [2010-06-14 22:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB50CL-chromesbox-en-us&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: protocol-handler.warn-external.dnUpdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
Toolbar-10 - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-05 14:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1964)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\RTHDCPL.EXE
c:\program files\AOL Desktop 9.6\waol.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\AOL Desktop 9.6\shellmon.exe
c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe
.
**************************************************************************
.
Completion time: 2011-11-05 14:34:58 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-05 19:34
.
Pre-Run: 140,469,592,064 bytes free
Post-Run: 140,520,538,112 bytes free
.
- - End Of File - - D30A9DA32C503685B31A886A07C5380C
 
Last edited by a moderator:
T

TryingToProve

New Member
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:04:44 PM, on 11/5/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1310948168\ee\AOLSoftware.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\ctfmon.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - (no file)
O3 - Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1310948168\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.6\AOL.EXE" -b
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 5143 bytes
 
johnb35

johnb35

Administrator
Staff member
Much better. Just have HJT fix these entries.

O3 - Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - (no file)
O3 - Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)


How's the system running now?
 
johnb35

johnb35

Administrator
Staff member
Make sure all windows are closed before clicking on fix checked. you are doing this on an administrator account correct?
 
johnb35

johnb35

Administrator
Staff member
Download OTL to your Desktop

Click on the green download box on that page to download OTL.

•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

•Click on Minimal Output at the top

•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file.
 
T

TryingToProve

New Member
I did not get a chance to do the minimal thing. It just ran and scanned then the errors popped up & I copied and pasted to you what it found.
 
T

TryingToProve

New Member
I cannot get that regproclean off my computer. Please help. When I went to remove and uninstall it says it is running??? and its not on the task bar.

ComboFix 11-11-07.02 - QuentinAshleyAli 11/07/2011 4:21.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.564 [GMT -6:00]
Running from: c:\documents and settings\QuentinAshleyAli\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\StartNow Toolbar
c:\program files\StartNow Toolbar\Resources\images\engine_images.png
c:\program files\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files\StartNow Toolbar\Resources\images\engine_news.png
c:\program files\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files\StartNow Toolbar\Resources\images\engine_web.png
c:\program files\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files\StartNow Toolbar\Resources\images\icon_games.png
c:\program files\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files\StartNow Toolbar\Resources\installer.xml
c:\program files\StartNow Toolbar\Resources\protect\index.html
c:\program files\StartNow Toolbar\Resources\protect\NotIE6.css
c:\program files\StartNow Toolbar\Resources\protect\OnlyIE6.css
c:\program files\StartNow Toolbar\Resources\protect\SearchProtectIcon.png
c:\program files\StartNow Toolbar\Resources\protect\window.css
c:\program files\StartNow Toolbar\Resources\protect\window.js
c:\program files\StartNow Toolbar\Resources\reactivate\index.html
c:\program files\StartNow Toolbar\Resources\reactivate\LeftImage.png
c:\program files\StartNow Toolbar\Resources\reactivate\NotIE6.css
c:\program files\StartNow Toolbar\Resources\reactivate\OnlyIE6.css
c:\program files\StartNow Toolbar\Resources\reactivate\window.css
c:\program files\StartNow Toolbar\Resources\reactivate\window.js
c:\program files\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files\StartNow Toolbar\Resources\skin\separator.png
c:\program files\StartNow Toolbar\Resources\skin\splitter.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files\StartNow Toolbar\Resources\toolbar.xml
c:\program files\StartNow Toolbar\Resources\update.xml
c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files\StartNow Toolbar\ToOLbar32.dll
c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files\StartNow Toolbar\uninstall.dat
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_Updater_Service_for_StartNow_Toolbar
-------\Legacy_Updater_Service_for_StartNow_Toolbar
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2011-10-07 to 2011-11-07 )))))))))))))))))))))))))))))))
.
.
2011-11-07 10:28 . 2011-11-07 10:28 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl52b8a736.sys
2011-11-07 10:28 . 2011-11-07 10:28 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\offreg.dll
2011-11-07 07:57 . 2011-10-07 03:48 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\mpengine.dll
2011-11-07 02:14 . 2011-11-07 02:14 -------- d-----w- c:\documents and settings\QuentinAshleyAli\Application Data\Systweak
2011-11-07 02:14 . 2011-07-07 19:26 17280 ----a-w- c:\windows\system32\roboot.exe
2011-11-07 02:14 . 2011-11-07 02:15 -------- d-----w- c:\program files\YTDSETUP
2011-11-07 02:14 . 2011-11-07 02:31 -------- d-----w- c:\program files\RegClean Pro
2011-10-30 18:01 . 2011-10-30 18:01 -------- d-----w- c:\documents and settings\Administrator
2011-10-30 17:53 . 2011-10-30 17:53 -------- d-----w- c:\documents and settings\QuentinAshleyAli\Local Settings\Application Data\VS Revo Group
2011-10-30 17:53 . 2009-12-30 16:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 15:47 . 2011-09-05 18:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-07 03:48 . 2011-02-08 12:11 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-26 16:41 . 2011-09-26 16:41 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41 . 2004-08-04 10:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41 . 2004-08-04 10:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-09 09:12 . 2004-08-04 10:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 13:20 . 2004-08-04 10:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 22:00 . 2011-05-16 14:02 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:48 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-04 10:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-05_19.31.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-07 10:28 . 2011-11-07 10:28 16384 c:\windows\temp\Perflib_Perfdata_234.dat
+ 2004-08-04 10:00 . 2011-11-06 15:04 40836 c:\windows\system32\perfc009.dat
- 2004-08-04 10:00 . 2011-06-11 04:12 40836 c:\windows\system32\perfc009.dat
+ 2004-08-04 10:00 . 2011-11-06 15:04 314508 c:\windows\system32\perfh009.dat
- 2004-08-04 10:00 . 2011-06-11 04:12 314508 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RDReminder"="c:\program files\RegClean Pro\RegCleanPro.exe" [2011-07-07 7734656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-27 16844800]
"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"HostManager"="c:\program files\Common Files\AOL\1310948168\ee\AOLSoftware.exe" [2010-03-08 41800]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\AOL\\1310948168\\ee\\aolsoftware.exe"=
.
R1 MpKsl52b8a736;MpKsl52b8a736;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl52b8a736.sys [11/7/2011 4:28 AM 28752]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/16/2011 8:02 AM 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/16/2011 8:02 AM 22216]
S1 MpKsl00e78c0b;MpKsl00e78c0b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys [?]
S1 MpKsl07090f1d;MpKsl07090f1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys [?]
S1 MpKsl0cebd17a;MpKsl0cebd17a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys [?]
S1 MpKsl0de37b66;MpKsl0de37b66;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys [?]
S1 MpKsl1488ce0a;MpKsl1488ce0a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys [?]
S1 MpKsl1cda9331;MpKsl1cda9331;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys [?]
S1 MpKsl26ed2ab4;MpKsl26ed2ab4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys [?]
S1 MpKsl2a45d52c;MpKsl2a45d52c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys [?]
S1 MpKsl33a5cf38;MpKsl33a5cf38;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys [?]
S1 MpKsl3b67f5a8;MpKsl3b67f5a8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys [?]
S1 MpKsl3da53e54;MpKsl3da53e54;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys [?]
S1 MpKsl3fece518;MpKsl3fece518;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys [?]
S1 MpKsl458ff97b;MpKsl458ff97b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys [?]
S1 MpKsl4860a5d4;MpKsl4860a5d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys [?]
S1 MpKsl4a6b2414;MpKsl4a6b2414;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys [?]
S1 MpKsl55356870;MpKsl55356870;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys [?]
S1 MpKsl5b7a2392;MpKsl5b7a2392;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl5b7a2392.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl5b7a2392.sys [?]
S1 MpKsl606e7c50;MpKsl606e7c50;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys [?]
S1 MpKsl6848d028;MpKsl6848d028;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys [?]
S1 MpKsl71cf44ef;MpKsl71cf44ef;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys [?]
S1 MpKsl738c1863;MpKsl738c1863;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys [?]
S1 MpKsl918987de;MpKsl918987de;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys [?]
S1 MpKsl99016750;MpKsl99016750;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys [?]
S1 MpKsl9ab0fab7;MpKsl9ab0fab7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys [?]
S1 MpKsla0c5c1ab;MpKsla0c5c1ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys [?]
S1 MpKsla491fcd5;MpKsla491fcd5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys [?]
S1 MpKsla4f0807f;MpKsla4f0807f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys [?]
S1 MpKslb4e62bc4;MpKslb4e62bc4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys [?]
S1 MpKslbac96f9f;MpKslbac96f9f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys [?]
S1 MpKslc51e4b47;MpKslc51e4b47;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslc51e4b47.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslc51e4b47.sys [?]
S1 MpKsld1c287cd;MpKsld1c287cd;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys [?]
S1 MpKsle1c7068a;MpKsle1c7068a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys [?]
S1 MpKsle3ee5d2a;MpKsle3ee5d2a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys [?]
S1 MpKsle5838301;MpKsle5838301;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys [?]
S1 MpKsle5b27ad0;MpKsle5b27ad0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys [?]
S1 MpKsle826513d;MpKsle826513d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 10:16 AM 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 10:16 AM 136176]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/30/2011 11:53 AM 27064]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL52B8A736
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2011-11-06 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-07 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-07 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-06 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-06 c:\windows\Tasks\hpwebreg_CN0AF22KXT05D2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\hpwebreg.exe [2010-06-14 22:10]
.
2011-11-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
2011-11-07 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-11-07 19:26]
.
2011-11-07 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-11-07 19:26]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB50CL-chromesbox-en-us&query=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z137&install_date=20111107
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z137&form=ZGAADF&install_date=20111107&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - %profile%\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: protocol-handler.warn-external.dnUpdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-StartNowToolbarHelper - c:\program files\StartNow Toolbar\ToolbarHelper.exe
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-07 04:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1840)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\progra~1\MICROS~3\OFFICE11\MCPS.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\RTHDCPL.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2011-11-07 04:32:26 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-07 10:32
ComboFix2.txt 2011-11-05 19:35
.
Pre-Run: 140,566,941,696 bytes free
Post-Run: 140,570,611,712 bytes free
.
- - End Of File - - F3F539A12047A8552EDD5A55849CC584
 
T

TryingToProve

New Member
Here is the OTL Log. Sorry it has been a few weeks. I just now found the time to do it.

OTL logfile created on: 11/20/2011 10:27:55 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\QuentinAshleyAli\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

895.48 Mb Total Physical Memory | 460.47 Mb Available Physical Memory | 51.42% Memory free
2.12 Gb Paging File | 1.70 Gb Available in Paging File | 80.46% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 130.46 Gb Free Space | 87.53% Space Free | Partition Type: NTFS

Computer Name: ASHLEY-F3EDA773 | User Name: QuentinAshleyAli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\QuentinAshleyAli\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\AOL Desktop 9.6\waol.exe (AOL Inc.)
PRC - C:\Program Files\AOL Desktop 9.6\shellmon.exe (AOL Inc.)
PRC - C:\Program Files\Common Files\AOL\1310948168\ee\aolsoftware.exe (AOL Inc.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\js3250.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\AOL Desktop 9.6\zlib.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()


========== Win32 Services (SafeList) ==========

SRV - (stllssvr) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC)


========== Driver Services (SafeList) ==========

DRV - (MpKsld2d84017) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsld2d84017.sys (Microsoft Corporation)
DRV - (MpKsl4fc3dac6) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl4fc3dac6.sys (Microsoft Corporation)
DRV - (MpKsl3f87ab82) -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl3f87ab82.sys (Microsoft Corporation)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z137&install_date=20111107
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 93 ED 36 DC C9 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/aolcom/search?invocationType=tb50ffTB50CL-chromesbox-en-us&query="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=Z137&install_date=20111107"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.3.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z137&form=ZGAADF&install_date=20111107&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 13:42:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/09 05:31:06 | 000,000,000 | ---D | M]

[2011/10/30 11:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Extensions
[2011/11/20 09:27:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions
[2011/11/06 20:15:05 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/09/05 12:42:26 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/30 08:48:02 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/07/10 15:19:12 | 000,002,352 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\searchplugins\aol-search.xml
[2010/09/14 06:48:25 | 000,002,506 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\searchplugins\BearShareWebSearch.xml
[2011/11/06 20:15:01 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\searchplugins\bing-zugo.xml
[2011/07/15 18:26:12 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\searchplugins\SearchResults.xml
[2011/11/19 18:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/07 17:16:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/07/11 08:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
[2009/12/12 18:58:33 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/10 14:20:26 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/02/10 14:20:26 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/09/14 06:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2011/02/07 08:16:39 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2011/09/30 08:44:18 | 000,003,803 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MyHeritage.xml
[2011/07/15 18:26:12 | 000,002,495 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: No name found = C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2011/11/07 04:28:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1310948168\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{211BB749-EC0C-4B69-A26C-234235E22451}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/03 17:18:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/17 12:38:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/07 04:50:56 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/11/06 20:14:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Systweak
[2011/11/06 20:14:48 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2011/11/06 20:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\YTDSETUP
[2011/11/05 13:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\My Documents\A2-FOUNDATIONPLAN
[2011/11/03 10:31:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN 2
[2011/10/30 11:57:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\QuentinAshleyAli\Recent
[2011/10/30 11:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\VS Revo Group
[2011/10/30 11:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2011/10/30 11:53:04 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2011/10/30 11:51:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\Start Menu\Programs\Revo Uninstaller
[2011/10/21 10:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/20 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/11/20 09:46:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/20 09:46:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/20 09:21:55 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/20 09:17:47 | 000,068,264 | ---- | M] () -- C:\VETlog.dmp
[2011/11/20 09:17:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/20 05:39:00 | 000,000,666 | ---- | M] () -- C:\WINDOWS\tasks\hpwebreg_CN0AF22KXT05D2.job
[2011/11/19 23:28:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/19 22:55:32 | 000,002,481 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Desktop\ChartNet Client 4.10.lnk
[2011/11/19 22:29:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/19 22:17:58 | 000,136,998 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\0607110821a6.jpg
[2011/11/19 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/11/19 19:32:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/11/19 17:50:15 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/19 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/11/19 08:19:20 | 000,018,944 | ---- | M] () -- C:\ads_err.adi
[2011/11/19 08:19:18 | 001,027,624 | ---- | M] () -- C:\ads_err.adt
[2011/11/17 12:44:05 | 000,299,054 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\0207101629.3g2
[2011/11/17 12:37:35 | 000,037,376 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/17 10:48:23 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/11/10 03:04:57 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/07 21:11:33 | 000,079,169 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1107111755.3g2
[2011/11/07 04:50:56 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/11/07 04:28:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/06 09:04:47 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/06 09:04:47 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/05 19:26:44 | 000,002,469 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Desktop\HiJackThis.lnk
[2011/11/05 13:18:09 | 000,000,990 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Desktop\Shortcut to ComboFix.lnk
[2011/11/05 13:08:13 | 001,316,685 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\A2-FOUNDATIONPLAN.zip
[2011/11/04 05:12:28 | 000,190,621 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN.zip
[2011/11/03 10:31:35 | 000,248,242 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN 2.zip
[2011/11/02 07:29:23 | 000,069,363 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN revised new.pdf
[2011/10/31 18:24:18 | 000,069,170 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1031111732.3g2
[2011/10/31 08:23:17 | 000,080,295 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1031110910.jpg
[2011/10/31 05:38:16 | 000,073,938 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\PRELIMINARYFLOORPLAN2011-10-30.pdf
[2011/10/30 11:53:07 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/10/30 11:53:07 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2011/10/30 11:51:19 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\Desktop\Revo Uninstaller.lnk
[2011/10/29 18:20:10 | 000,207,731 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1029111657.3g2
[2011/10/25 13:24:44 | 000,075,824 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN.pdf
[2011/10/24 16:29:31 | 000,370,922 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1024111703.3g2
[2011/10/21 17:50:24 | 000,362,620 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1021111742a.3g2
[2011/10/21 10:45:26 | 001,094,576 | ---- | M] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\T159643-1.pdf
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/17 12:44:03 | 000,299,054 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\0207101629.3g2
[2011/11/10 03:04:55 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/11/07 21:11:32 | 000,079,169 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1107111755.3g2
[2011/11/05 13:39:13 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/11/05 13:18:09 | 000,000,990 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\Desktop\Shortcut to ComboFix.lnk
[2011/11/05 13:08:07 | 001,316,685 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\A2-FOUNDATIONPLAN.zip
[2011/11/03 10:31:32 | 000,248,242 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN 2.zip
[2011/11/02 07:29:22 | 000,069,363 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN revised new.pdf
[2011/10/31 18:24:17 | 000,069,170 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1031111732.3g2
[2011/10/31 08:14:07 | 000,080,295 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1031110910.jpg
[2011/10/31 05:38:15 | 000,073,938 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\PRELIMINARYFLOORPLAN2011-10-30.pdf
[2011/10/30 11:53:07 | 000,000,943 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/10/30 11:53:07 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2011/10/29 18:20:09 | 000,207,731 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1029111657.3g2
[2011/10/24 16:29:22 | 000,370,922 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1024111703.3g2
[2011/10/21 17:50:22 | 000,362,620 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\1021111742a.3g2
[2011/10/21 10:58:31 | 000,075,824 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN.pdf
[2011/10/21 10:55:43 | 000,190,621 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\FLOORPLAN.zip
[2011/10/21 10:45:22 | 001,094,576 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\My Documents\T159643-1.pdf
[2011/06/03 04:37:44 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/06/03 03:45:26 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\18276132
[2011/06/01 17:09:26 | 000,009,006 | -HS- | C] () -- C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\6r1043817wg41hmvm1euryts4pr04508b0271rx
[2011/06/01 17:09:26 | 000,009,006 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6r1043817wg41hmvm1euryts4pr04508b0271rx
[2011/03/14 14:57:14 | 000,000,006 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011/03/04 19:15:44 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/28 15:01:10 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/23 05:44:05 | 000,043,740 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/09 13:38:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\QuentinAshleyAli\Application Data\wklnhst.dat
[2011/02/07 15:41:26 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/07 15:41:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/07 15:41:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/07 15:41:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/07 15:41:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/01 21:35:01 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2009/12/05 12:48:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/04 14:39:37 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/04 14:01:05 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/04 10:18:05 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/12/03 17:30:22 | 000,000,167 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/12/03 17:19:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/03 17:15:39 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/03 02:10:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/03 02:09:25 | 000,223,224 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/22 12:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 12:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 04:00:00 | 000,314,508 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 04:00:00 | 000,040,836 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/27 06:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/02/06 21:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/02/06 21:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/07/15 19:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2009/12/05 10:06:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/01/01 22:52:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/02/07 15:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/17 13:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2011/02/05 22:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/07/15 18:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/02/06 13:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\AnyModalEdit
[2011/03/04 19:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\bsbandmltbpi
[2011/02/10 14:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Catalina Marketing Corp
[2011/11/20 00:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\chartnet
[2011/06/01 17:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\NCH Swift Sound
[2011/11/07 04:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Systweak
[2011/02/06 19:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QuentinAshleyAli\Application Data\Viewpoint
[2011/11/20 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/11/19 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/11/19 19:32:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/19 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/11/20 09:21:55 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



< End of report >
 
T

TryingToProve

New Member
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8198

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/20/2011 11:11:09 AM
mbam-log-2011-11-20 (11-11-09).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 232646
Time elapsed: 32 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\YTDSETUP\trafficspace.exe (PUP.Zugo) -> Quarantined and deleted successfully.
 
T

TryingToProve

New Member
ComboFix 11-11-20.01 - QuentinAshleyAli 11/20/2011 11:22:47.9.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.895.543 [GMT -6:00]
Running from: c:\documents and settings\QuentinAshleyAli\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome.manifest
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.xul
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\buttons.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\constants.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\events.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\globals.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\htmldialog.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\htmldialog.xul
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\htmldropdown.xul
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\init.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_images.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_maps.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_news.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_videos.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_web.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_amazon.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_ebay.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_facebook.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_games.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_msn.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_shopping.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_travel.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_twitter.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\startnow_logo.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\installer.xml
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\index.html
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\NotIE6.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\OnlyIE6.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\SearchProtectIcon.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\Web.config
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\window.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect\window.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\index.html
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\LeftImage.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\NotIE6.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\OnlyIE6.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\window.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\reactivate\window.js
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\chevron_button.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_hover.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_normal.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_dropdown_button_normal.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_background.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_left.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_middle.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\separator.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\splitter.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ff_hover_c.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_c.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_l.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_r.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_c.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_l.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_r.png
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\toolbar.xml
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US\{5911488E-9D1E-40ec-8CBB-06B231CC153F}.dtd
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin\overlay.css
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\install.rdf
c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\searchplugins\bing-zugo.xml
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_COMSYSAPP
-------\Service_COMSysApp
.
.
((((((((((((((((((((((((( Files Created from 2011-10-20 to 2011-11-20 )))))))))))))))))))))))))))))))
.
.
2011-11-20 17:28 . 2011-11-20 17:28 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl906f855c.sys
2011-11-20 17:28 . 2011-11-20 17:28 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\offreg.dll
2011-11-20 08:30 . 2011-10-07 03:48 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\mpengine.dll
2011-11-07 02:14 . 2011-11-07 10:34 -------- d-----w- c:\documents and settings\QuentinAshleyAli\Application Data\Systweak
2011-11-07 02:14 . 2011-07-07 19:26 17280 ----a-w- c:\windows\system32\roboot.exe
2011-11-07 02:14 . 2011-11-20 17:11 -------- d-----w- c:\program files\YTDSETUP
2011-10-30 18:01 . 2011-10-30 18:01 -------- d-----w- c:\documents and settings\Administrator
2011-10-30 17:53 . 2011-10-30 17:53 -------- d-----w- c:\documents and settings\QuentinAshleyAli\Local Settings\Application Data\VS Revo Group
2011-10-30 17:53 . 2009-12-30 16:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:22 . 2009-12-03 23:15 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-07 03:48 . 2011-02-08 12:11 6668624 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-28 07:06 . 2004-08-04 10:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 16:41 . 2011-09-26 16:41 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 16:41 . 2004-08-04 10:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 16:41 . 2004-08-04 10:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20 . 2004-08-04 10:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 22:00 . 2011-05-16 14:02 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-22 23:48 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-05_19.31.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-20 17:29 . 2011-11-20 17:29 16384 c:\windows\temp\Perflib_Perfdata_17c.dat
+ 2010-08-21 01:30 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2010-08-21 01:30 . 2011-08-12 18:51 17272 c:\windows\system32\spmsg.dll
+ 2004-08-04 10:00 . 2011-11-06 15:04 40836 c:\windows\system32\perfc009.dat
- 2004-08-04 10:00 . 2011-06-11 04:12 40836 c:\windows\system32\perfc009.dat
+ 2009-12-04 20:00 . 2011-11-10 09:01 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2004-08-04 10:00 . 2011-11-06 15:04 314508 c:\windows\system32\perfh009.dat
- 2004-08-04 10:00 . 2011-06-11 04:12 314508 c:\windows\system32\perfh009.dat
- 2009-12-05 15:20 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-12-05 15:20 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2011-09-03 10:17 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
- 2011-09-03 10:17 . 2011-09-09 09:12 599040 c:\windows\system32\dllcache\crypt32.dll
- 2009-12-04 20:00 . 2011-10-12 08:00 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-12-04 20:00 . 2011-11-10 09:01 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-12-04 20:00 . 2011-10-12 08:00 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2011-11-03 19:31 . 2011-11-03 19:31 5525504 c:\windows\Installer\2da253f.msp
+ 2009-12-05 01:45 . 2011-11-10 09:01 50295240 c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-04-25 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-27 16844800]
"SkyTel"="SkyTel.EXE" [2007-08-03 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"HostManager"="c:\program files\Common Files\AOL\1310948168\ee\AOLSoftware.exe" [2010-03-08 41800]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\AOLBrowser\\aolbrowser.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\AOL\\1310948168\\ee\\aolsoftware.exe"=
.
R1 MpKsl906f855c;MpKsl906f855c;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl906f855c.sys [11/20/2011 11:28 AM 28752]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/16/2011 8:02 AM 366152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/16/2011 8:02 AM 22216]
S1 MpKsl00e78c0b;MpKsl00e78c0b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsl00e78c0b.sys [?]
S1 MpKsl07090f1d;MpKsl07090f1d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08DAC112-0302-46AF-B25A-95B94F027620}\MpKsl07090f1d.sys [?]
S1 MpKsl0878e9c4;MpKsl0878e9c4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6263D13C-D870-4466-8924-2C7C8BA9C41C}\MpKsl0878e9c4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6263D13C-D870-4466-8924-2C7C8BA9C41C}\MpKsl0878e9c4.sys [?]
S1 MpKsl0a693b83;MpKsl0a693b83;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E3462757-4458-426F-837D-A5CC15ED83BA}\MpKsl0a693b83.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E3462757-4458-426F-837D-A5CC15ED83BA}\MpKsl0a693b83.sys [?]
S1 MpKsl0cebd17a;MpKsl0cebd17a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29AC5F71-D2D9-4CDB-9B28-81294F7E18AE}\MpKsl0cebd17a.sys [?]
S1 MpKsl0de37b66;MpKsl0de37b66;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl0de37b66.sys [?]
S1 MpKsl135967b3;MpKsl135967b3;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFE04494-753E-4BFB-B7A9-8D12D8F7C2A0}\MpKsl135967b3.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFE04494-753E-4BFB-B7A9-8D12D8F7C2A0}\MpKsl135967b3.sys [?]
S1 MpKsl1488ce0a;MpKsl1488ce0a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKsl1488ce0a.sys [?]
S1 MpKsl1cda9331;MpKsl1cda9331;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CE030093-AF6D-4A1E-A80D-7ED11FFD66B1}\MpKsl1cda9331.sys [?]
S1 MpKsl26ed2ab4;MpKsl26ed2ab4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8FFECE1F-8B13-467C-96FB-9692596B9CD8}\MpKsl26ed2ab4.sys [?]
S1 MpKsl2a45d52c;MpKsl2a45d52c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B9E8283A-8A83-4385-BB6F-6FF200C08BEC}\MpKsl2a45d52c.sys [?]
S1 MpKsl33a5cf38;MpKsl33a5cf38;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EB2BEB91-B926-47A0-B77A-D9F8BA41C187}\MpKsl33a5cf38.sys [?]
S1 MpKsl36a4a6d7;MpKsl36a4a6d7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl36a4a6d7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl36a4a6d7.sys [?]
S1 MpKsl3b67f5a8;MpKsl3b67f5a8;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8C1A47B2-91FE-4FEF-B5FD-CD2F06BD7B6A}\MpKsl3b67f5a8.sys [?]
S1 MpKsl3da53e54;MpKsl3da53e54;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl3da53e54.sys [?]
S1 MpKsl3fece518;MpKsl3fece518;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{ADEF602D-8349-4AAE-8520-ED15DF0D7CEF}\MpKsl3fece518.sys [?]
S1 MpKsl4358232c;MpKsl4358232c;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl4358232c.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1831CF62-8029-422B-AD2D-3345E8CC2404}\MpKsl4358232c.sys [?]
S1 MpKsl458ff97b;MpKsl458ff97b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DF0E4EED-EEA3-4AD2-A677-24AD140C6BAA}\MpKsl458ff97b.sys [?]
S1 MpKsl4860a5d4;MpKsl4860a5d4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl4860a5d4.sys [?]
S1 MpKsl4a6b2414;MpKsl4a6b2414;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F737DD1C-4978-43A3-8421-D3B8F91DACA1}\MpKsl4a6b2414.sys [?]
S1 MpKsl5127d145;MpKsl5127d145;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFE04494-753E-4BFB-B7A9-8D12D8F7C2A0}\MpKsl5127d145.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AFE04494-753E-4BFB-B7A9-8D12D8F7C2A0}\MpKsl5127d145.sys [?]
S1 MpKsl55356870;MpKsl55356870;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKsl55356870.sys [?]
S1 MpKsl5b7a2392;MpKsl5b7a2392;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl5b7a2392.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKsl5b7a2392.sys [?]
S1 MpKsl606e7c50;MpKsl606e7c50;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{AA2F5340-53CF-4DE9-8B3B-A7F514E37B95}\MpKsl606e7c50.sys [?]
S1 MpKsl6848d028;MpKsl6848d028;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D8875BD-C16C-4053-A4E2-20CE23AD67C3}\MpKsl6848d028.sys [?]
S1 MpKsl694171bf;MpKsl694171bf;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA8B662D-EEF0-4D10-AD72-F384C5BC978C}\MpKsl694171bf.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CA8B662D-EEF0-4D10-AD72-F384C5BC978C}\MpKsl694171bf.sys [?]
S1 MpKsl71cf44ef;MpKsl71cf44ef;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{353413A5-6F53-4B93-8218-0B35280AC7DD}\MpKsl71cf44ef.sys [?]
S1 MpKsl738c1863;MpKsl738c1863;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F854C088-EADA-48EB-868F-F8BEE586E16B}\MpKsl738c1863.sys [?]
S1 MpKsl918987de;MpKsl918987de;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsl918987de.sys [?]
S1 MpKsl99016750;MpKsl99016750;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65EBCF0C-7FCF-4BA6-8CC2-C75EAC230427}\MpKsl99016750.sys [?]
S1 MpKsl9ab0fab7;MpKsl9ab0fab7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{42530F11-1153-4226-9E53-DB61B7B9B1B4}\MpKsl9ab0fab7.sys [?]
S1 MpKsla0c5c1ab;MpKsla0c5c1ab;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsla0c5c1ab.sys [?]
S1 MpKsla491fcd5;MpKsla491fcd5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A8262AE-8804-4054-9CD1-05DB01B555AB}\MpKsla491fcd5.sys [?]
S1 MpKsla4f0807f;MpKsla4f0807f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22662182-ED83-4964-A0AD-DB4D74F230F8}\MpKsla4f0807f.sys [?]
S1 MpKslae6873d0;MpKslae6873d0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0DC775-EDF5-4084-810D-D55F4A348FAF}\MpKslae6873d0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0DC775-EDF5-4084-810D-D55F4A348FAF}\MpKslae6873d0.sys [?]
S1 MpKslb4e62bc4;MpKslb4e62bc4;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4D4BCCC3-36FF-4B2E-A928-D5B15345401D}\MpKslb4e62bc4.sys [?]
S1 MpKslbac96f9f;MpKslbac96f9f;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5EB23607-FAB3-4B2F-BA4F-0DEE45DB76AC}\MpKslbac96f9f.sys [?]
S1 MpKslc51e4b47;MpKslc51e4b47;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslc51e4b47.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslc51e4b47.sys [?]
S1 MpKslcb3e022b;MpKslcb3e022b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{61C02F84-3229-4A23-ACF0-4023C7361E44}\MpKslcb3e022b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{61C02F84-3229-4A23-ACF0-4023C7361E44}\MpKslcb3e022b.sys [?]
S1 MpKslcfaac653;MpKslcfaac653;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslcfaac653.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BAFDE0F4-0BC4-48DD-9F1E-A32845D42CB3}\MpKslcfaac653.sys [?]
S1 MpKsld1c287cd;MpKsld1c287cd;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6BB86095-4623-4287-A019-61B30B4452EA}\MpKsld1c287cd.sys [?]
S1 MpKsle1c7068a;MpKsle1c7068a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4CD59BD8-1103-4864-A039-20FE41C5B7AC}\MpKsle1c7068a.sys [?]
S1 MpKsle3ee5d2a;MpKsle3ee5d2a;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F98F1C08-87CC-4AA3-9A8C-A29168F4750D}\MpKsle3ee5d2a.sys [?]
S1 MpKsle5838301;MpKsle5838301;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F71430E1-FC05-43F6-BFA5-9EAA3E08165F}\MpKsle5838301.sys [?]
S1 MpKsle5b27ad0;MpKsle5b27ad0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{494A7174-EBB9-4ED8-A59C-B77631CC7041}\MpKsle5b27ad0.sys [?]
S1 MpKsle826513d;MpKsle826513d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2EEEF6E0-C538-43DF-A889-5B46CC8E4532}\MpKsle826513d.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 10:16 AM 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 10:16 AM 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10/30/2011 11:53 AM 27064]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL906F855C
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2011-11-20 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-20 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-20 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-19 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\HPCustPartic.exe [2010-06-14 22:07]
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 16:16]
.
2011-11-20 c:\windows\Tasks\hpwebreg_CN0AF22KXT05D2.job
- c:\program files\HP\HP Deskjet 1000 J110 series\Bin\hpwebreg.exe [2010-06-14 22:10]
.
2011-11-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\documents and settings\QuentinAshleyAli\Application Data\Mozilla\Firefox\Profiles\bdg8hvb6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB50CL-chromesbox-en-us&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z137&install_date=20111107
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z137&form=ZGAADF&install_date=20111107&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - user.js: protocol-handler.warn-external.dnUpdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-20 11:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2004)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\RTHDCPL.EXE
c:\program files\AOL Desktop 9.6\waol.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\AOL Desktop 9.6\shellmon.exe
.
**************************************************************************
.
Completion time: 2011-11-20 11:33:03 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-20 17:33
.
Pre-Run: 140,349,546,496 bytes free
Post-Run: 140,346,327,040 bytes free
.
- - End Of File - - C14D38B4E4749EEA06190B35E18FFCE9
 
T

TryingToProve

New Member
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:36:21 AM, on 11/20/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1310948168\ee\AOLSoftware.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - (no file)
O3 - Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1310948168\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.6\AOL.EXE" -b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 5251 bytes

Okay so I have posted the OTL, malwarebytes & hijack. I tried to delete the no names after all of this and it will not delete.
 
johnb35

johnb35

Administrator
Staff member
Rerun OTL and then paste this in the custom scans box at the bottom.

Code: 
:OTL

O3 - HKLM\..\Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.

Then click on run fix.

Please post the logfile that pops up afterwards.
 
T

TryingToProve

New Member
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.> in the current context!

OTL by OldTimer - Version 3.2.31.0 log created on 11232011_045007
 
You must log in or register to reply here.
Top