mariposa.a?

PaulPool

PaulPool

New Member
Today got a call from Comcast that they detected on our home computers the mariposa.a virus.

I did a quick google search, to find that's mostly local to Spanish SD cards. I asked comcast what to do about it and they only told me I could download norton off their website since I was a client.

I'm going to run my malwarebtes and download their norton to see if it does anything, also I will plug my two SD cards in and scan them with the two programs.

Anyone dealt with this?
 
Just run malwarebytes and post the scan from it and a hijackthis log so we can see whats on your system.
 
Malware bytes hadn't found anything on my desktop. The Norton scan found 15 objects it got rid of, but I uninstalled that lumbering behemoth as soon as the scan was done. I have a suspicion this is related to those two files you helped me get rid of with ComboFix earlier, and comcast was just slow in responding to it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:29 PM, on 3/31/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192989359741
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 4748 bytes
 
Everything was fine then out of the blue my firefox shut off and XP antimalware 2010 popped up! What in the world!! BTW the ave.exe process is there I just shut it off so I could open firefox, so that's why it's not listed. Also it made my windows look like windows 98 or something.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:02 AM, on 4/1/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\ave.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192989359741
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 4825 bytes
 
Last edited:
Providing that you made sure that malwarebytes was fully updated before running then perform the following procedure.

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

In your next reply please post:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 
Um, the combo log seems way too long to upload or post... here's the hijack log. Running combofix seemed to take care of the problem, again. I redownloaded malwarebytes, and also I got zonealarm becuase this is just ridiculous.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:55 AM, on 4/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1192989359741
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553550000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 5000 bytes
 
Can you split it up into multiple posts or upload it to a file storage site and give me the link to it? You may have hidden infections still.
 
ComboFix 10-03-29.04 - Owner 04/01/2010 1:20.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.183 [GMT -4:00]
Running from: c:\documents and settings\Owner\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\Owner\Local Settings\Application Data\ave.exe

----- BITS: Possible infected sites -----

hxxp://liveupdate.symantec.com
hxxp://definitions.symantec.com
.
original MBR restored successfully !
.
((((((((((((((((((((((((( Files Created from 2010-03-01 to 2010-04-01 )))))))))))))))))))))))))))))))
.

2010-04-01 05:01 . 2010-04-01 05:16 181760 --sha-w- c:\documents and settings\Owner\Local Settings\Application Data\706991270.dll
2010-04-01 03:31 . 2010-04-01 03:31 -------- d-----w- c:\program files\CPUID
2010-04-01 03:31 . 2010-03-31 03:38 20968 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys
2010-03-31 21:40 . 2010-03-31 21:40 -------- d-----w- c:\program files\Windows Sidebar
2010-03-27 03:00 . 2010-03-27 03:00 -------- d-----w- c:\program files\iPod
2010-03-27 03:00 . 2010-03-27 03:01 -------- d-----w- c:\program files\iTunes
2010-03-27 03:00 . 2010-03-27 03:01 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-27 02:57 . 2010-03-27 02:58 -------- d-----w- c:\program files\QuickTime
2010-03-27 02:52 . 2010-03-27 02:52 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-03-27 00:26 . 2010-03-27 00:28 -------- dc-h--w- c:\windows\ie8
2010-03-24 19:26 . 2010-03-24 19:26 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-03-24 04:37 . 2010-03-24 04:37 -------- d-----w- C:\found.000
2010-03-19 21:14 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-18 01:47 . 2010-03-18 01:47 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-18 01:47 . 2010-03-18 01:47 -------- d-----w- c:\program files\Bonjour
2010-03-18 01:46 . 2010-03-18 01:46 -------- d-----w- c:\program files\Super Smash Flash EXE
2010-03-18 01:46 . 2010-03-18 01:46 -------- d-----w- c:\program files\Artoonix
2010-03-18 01:44 . 2010-03-18 01:44 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-03-17 13:16 . 2010-03-18 01:48 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\rasole64
2010-03-16 20:39 . 2010-03-18 01:42 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\{6DD9279C-E19C-4848-8EA6-CE44AEF9E731}
2010-03-16 05:48 . 2010-03-16 05:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2010-03-16 05:47 . 2010-03-18 01:42 -------- d-----w- c:\documents and settings\Owner\Application Data\Azureus
2010-03-16 05:46 . 2010-03-16 05:46 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Conduit
2010-03-16 05:46 . 2010-03-18 01:42 -------- d-----w- c:\program files\Vuze_Remote
2010-03-09 03:02 . 2010-03-18 01:44 -------- d-----w- c:\program files\Common Files\DVDVideoSoft(2)
2010-03-04 17:41 . 2010-03-04 17:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-01 05:14 . 2009-10-12 03:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-01 00:30 . 2009-10-14 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-03-30 03:38 . 2007-10-21 20:37 33528 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2010-03-27 06:47 . 2009-03-29 03:12 737280 ----a-w- c:\windows\iun6002.exe
2010-03-27 06:47 . 2003-01-03 14:44 24576 ----a-w- c:\windows\HKNTDLL.dll
2010-03-27 06:47 . 2007-10-21 21:46 90112 ----a-w- c:\windows\DUMP57e4.tmp
2010-03-27 06:47 . 2007-09-05 00:25 65536 ----a-w- c:\windows\AutoTuneScript.dll
2010-03-27 05:55 . 2009-06-16 04:47 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2010-03-27 05:54 . 2009-12-10 16:33 -------- d-----w- c:\documents and settings\Owner\Application Data\Auslogics
2010-03-27 05:25 . 2003-01-03 13:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-27 03:11 . 2009-06-30 22:49 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2010-03-27 03:00 . 2009-06-30 22:47 -------- d-----w- c:\program files\Common Files\Apple
2010-03-27 02:30 . 2009-09-23 20:20 -------- d-----w- c:\program files\Common Files\Akamai
2010-03-24 19:26 . 2009-10-20 21:59 -------- d-----w- c:\program files\AIM
2010-03-19 21:40 . 2007-10-21 20:37 82088 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-19 21:28 . 2007-10-25 18:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-03-18 02:46 . 2003-01-03 13:40 -------- d-----w- c:\program files\Microsoft Works
2010-03-18 02:44 . 2009-02-01 01:03 -------- d-----w- c:\program files\MSBuild
2010-03-18 02:42 . 2010-02-16 07:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-18 01:59 . 2009-05-25 18:54 -------- d-----w- c:\program files\CCleaner
2010-03-18 01:44 . 2009-10-07 19:25 -------- d-----w- c:\program files\DVDVideoSoft
2010-03-18 01:30 . 2007-11-17 03:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-04 18:35 . 2009-12-10 16:32 -------- d-----w- c:\program files\Auslogics
2010-03-02 21:33 . 2007-10-21 18:45 -------- d-----w- c:\program files\Lx_cats
2010-02-25 06:24 . 2006-06-23 15:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-16 08:23 . 2010-02-16 08:23 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
.

((((((((((((((((((((((((((((( SnapShot@2010-03-27_02.06.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-01-03 11:42 . 2010-03-27 06:48 77824 c:\windows\system32\wmpstub.exe
- 2003-01-03 11:42 . 2003-03-31 12:00 77824 c:\windows\system32\wmpstub.exe
+ 2008-04-10 15:22 . 2010-03-27 06:48 40960 c:\windows\system32\wh2robo.dll
- 2008-04-10 15:22 . 2003-11-14 14:19 40960 c:\windows\system32\wh2robo.dll
+ 2006-03-17 00:49 . 2010-03-27 06:48 28672 c:\windows\system32\verclsid.exe
- 2006-03-17 00:49 . 2008-04-14 00:12 28672 c:\windows\system32\verclsid.exe
- 1999-11-25 01:40 . 1999-11-25 01:40 40960 c:\windows\system32\VBAME.DLL
+ 1999-11-25 01:40 . 2010-03-27 06:48 40960 c:\windows\system32\VBAME.DLL
- 2003-01-03 11:42 . 2003-09-03 01:28 61440 c:\windows\system32\SStrmZHT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SStrmZHT.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 57344 c:\windows\system32\SStrmZHC.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 57344 c:\windows\system32\SStrmZHC.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmTR.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmTR.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmTH.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmTH.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmSV.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmSV.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 90112 c:\windows\system32\SStrmSL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 90112 c:\windows\system32\SStrmSL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 98304 c:\windows\system32\SStrmSK.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 98304 c:\windows\system32\SStrmSK.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 98304 c:\windows\system32\SStrmPTB.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 98304 c:\windows\system32\SStrmPTB.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmPT.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmPT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmNO.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmNO.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 69632 c:\windows\system32\SStrmKO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 69632 c:\windows\system32\SStrmKO.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 69632 c:\windows\system32\SStrmJA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 69632 c:\windows\system32\SStrmJA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 86016 c:\windows\system32\SStrmHE.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 86016 c:\windows\system32\SStrmHE.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmFI.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmFI.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\sstrmenu.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\sstrmenu.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmENG.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmENG.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 98304 c:\windows\system32\SStrmDA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 98304 c:\windows\system32\SStrmDA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\SStrmCS.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 94208 c:\windows\system32\SStrmCS.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 86016 c:\windows\system32\SStrmAR.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 86016 c:\windows\system32\SStrmAR.dll
- 2003-01-03 11:42 . 2003-09-03 01:26 61440 c:\windows\system32\SSTraZHT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraZHT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraZHC.dll
- 2003-01-03 11:42 . 2003-09-03 01:26 61440 c:\windows\system32\SSTraZHC.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraTR.dll
- 2003-01-03 11:42 . 2003-09-03 01:26 61440 c:\windows\system32\SSTraTR.dll
- 2003-01-03 11:42 . 2003-09-03 01:26 61440 c:\windows\system32\SSTraTH.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraTH.dll
- 2003-01-03 11:42 . 2003-09-03 01:26 61440 c:\windows\system32\SSTraSV.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraSV.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraSL.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraSL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraSK.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraSK.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraRU.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraRU.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraPTB.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraPTB.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraPT.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraPT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraPL.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraPL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraNO.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraNO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraNL.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraNL.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraKO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraKO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraJA.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraJA.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraIT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraIT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraHU.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraHU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraHE.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraHE.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraFR.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraFR.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraFI.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraFI.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraES.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraES.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraENG.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraENG.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraEL.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraEL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraDE.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraDE.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraDA.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraDA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraCS.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraCS.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 61440 c:\windows\system32\SSTraAR.dll
- 2003-01-03 11:42 . 2003-09-03 01:25 61440 c:\windows\system32\SSTraAR.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplZHT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplZHT.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplZHC.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplZHC.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplTR.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplTR.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplTH.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplTH.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplSV.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplSV.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplSL.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplSL.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplSK.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplSK.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplRU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplRU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplPTB.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplPTB.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplPT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplPT.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplPL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplPL.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplNO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplNO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplNL.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplNL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplKO.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplKO.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplJA.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplJA.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplIT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplIT.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplHU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplHU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplHE.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplHE.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplFR.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplFR.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplFI.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplFI.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplES.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplES.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplENG.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplENG.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplEL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplEL.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplDE.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplDE.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplDA.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplDA.dll
- 2003-01-03 11:42 . 2003-09-03 01:24 36864 c:\windows\system32\SSCplCS.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplCS.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\SSCplAR.dll
- 2003-01-03 11:42 . 2003-09-03 01:23 36864 c:\windows\system32\SSCplAR.dll
+ 2004-08-20 13:53 . 2010-03-27 06:48 65536 c:\windows\system32\spool\drivers\w32x86\3\lxbutime.dll
- 2004-08-20 13:53 . 2004-08-20 13:53 65536 c:\windows\system32\spool\drivers\w32x86\3\lxbutime.dll
+ 2004-08-19 16:39 . 2010-03-27 06:48 90112 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRPR.DLL
- 2004-08-19 16:39 . 2004-08-19 16:39 90112 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRPR.DLL
+ 2009-03-21 00:49 . 2010-03-27 06:48 65536 c:\windows\system32\spool\drivers\w32x86\3\lxbucfg.dll
- 2009-03-21 00:49 . 2004-08-13 01:17 65536 c:\windows\system32\spool\drivers\w32x86\3\lxbucfg.dll
- 2003-01-03 11:41 . 2010-03-18 01:52 68272 c:\windows\system32\perfc009.dat
+ 2003-01-03 11:41 . 2010-03-27 06:22 68272 c:\windows\system32\perfc009.dat
+ 2003-10-28 04:13 . 2010-03-27 06:48 24576 c:\windows\system32\odbcbcp.dll
- 2003-10-28 04:13 . 2008-04-14 00:12 24576 c:\windows\system32\odbcbcp.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\nvwddi.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 36864 c:\windows\system32\nvwddi.dll
- 2003-01-03 11:43 . 2003-05-13 02:28 77824 c:\windows\system32\nvugart.exe
+ 2003-01-03 11:43 . 2010-03-27 06:48 77824 c:\windows\system32\nvugart.exe
+ 2003-01-03 11:42 . 2010-03-27 06:48 94208 c:\windows\system32\nvuenet.exe
- 2003-01-03 11:42 . 2003-08-16 02:52 94208 c:\windows\system32\nvuenet.exe
- 2003-01-03 11:42 . 2003-09-03 01:12 98304 c:\windows\system32\nvuautl.exe
+ 2003-01-03 11:42 . 2010-03-27 06:48 98304 c:\windows\system32\nvuautl.exe
+ 2003-01-03 11:42 . 2010-03-27 06:48 98304 c:\windows\system32\nvuaudio.exe
- 2003-01-03 11:42 . 2003-09-02 23:51 98304 c:\windows\system32\nvuaudio.exe
+ 2003-01-03 11:42 . 2010-03-27 06:48 77824 c:\windows\system32\nvsvc32.exe
- 2003-01-03 11:42 . 2004-03-03 17:29 77824 c:\windows\system32\nvsvc32.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 77824 c:\windows\system32\nvrszht.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 77824 c:\windows\system32\nvrszht.dll
- 2006-06-28 21:59 . 2009-01-07 22:20 24576 c:\windows\system32\nlsdl.dll
+ 2006-06-28 21:59 . 2010-03-27 06:48 24576 c:\windows\system32\nlsdl.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\system32\netfxperf.dll
+ 2005-09-23 11:28 . 2010-03-27 06:48 32768 c:\windows\system32\netfxperf.dll
- 2003-01-03 13:50 . 2002-10-09 11:36 53248 c:\windows\system32\NeroCo.dll
+ 2003-01-03 13:50 . 2010-03-27 06:48 53248 c:\windows\system32\NeroCo.dll
- 2001-03-09 00:30 . 2003-05-21 16:50 24576 c:\windows\system32\msxml3a.dll
+ 2001-03-09 00:30 . 2010-03-27 06:48 24576 c:\windows\system32\msxml3a.dll
- 1998-08-09 18:07 . 1998-08-09 18:07 94208 c:\windows\system32\MSSTKPRP.DLL
+ 1998-08-09 18:07 . 2010-03-27 06:48 94208 c:\windows\system32\MSSTKPRP.DLL
+ 2007-08-13 22:54 . 2010-02-25 06:24 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 22:54 . 2009-12-21 19:14 55296 c:\windows\system32\msfeedsbs.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 86016 c:\windows\system32\mdmxsdk.dll
- 2003-01-03 11:42 . 2004-01-16 23:14 86016 c:\windows\system32\mdmxsdk.dll
+ 2010-03-27 18:33 . 2010-03-27 18:33 85173 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2003-07-11 13:55 . 2010-03-27 06:48 40960 c:\windows\system32\lxbuvs.dll
- 2003-07-11 13:55 . 2003-07-11 13:55 40960 c:\windows\system32\lxbuvs.dll
- 2004-08-19 16:39 . 2004-08-19 16:39 94208 c:\windows\system32\lxbuinsr.dll
+ 2004-08-19 16:39 . 2010-03-27 06:48 94208 c:\windows\system32\lxbuinsr.dll
+ 2004-08-19 16:39 . 2010-03-27 06:48 32768 c:\windows\system32\lxbucur.dll
- 2004-08-19 16:39 . 2004-08-19 16:39 32768 c:\windows\system32\lxbucur.dll
- 2004-08-19 16:09 . 2004-08-19 16:09 86016 c:\windows\system32\lxbucub.dll
+ 2004-08-19 16:09 . 2010-03-27 06:48 86016 c:\windows\system32\lxbucub.dll
+ 2004-08-19 16:08 . 2010-03-27 06:48 69632 c:\windows\system32\lxbucu.dll
- 2004-08-19 16:08 . 2004-08-19 16:08 69632 c:\windows\system32\lxbucu.dll
+ 2009-03-21 00:45 . 2010-03-27 06:48 65536 c:\windows\system32\lxbucfg.dll
- 2009-03-21 00:45 . 2004-08-13 01:17 65536 c:\windows\system32\lxbucfg.dll
+ 2002-06-07 09:02 . 2010-03-27 06:48 36864 c:\windows\system32\lfbmp11n.dll
- 2002-06-07 09:02 . 2002-06-07 09:02 36864 c:\windows\system32\lfbmp11n.dll
+ 2004-01-18 04:31 . 2010-03-27 06:48 49152 c:\windows\system32\ldamfilt39.dll
- 2004-01-18 04:31 . 2004-01-18 04:31 49152 c:\windows\system32\ldamfilt39.dll
- 2003-12-03 22:51 . 2003-12-03 22:51 61440 c:\windows\system32\ldamfilt.dll
+ 2003-12-03 22:51 . 2010-03-27 06:48 61440 c:\windows\system32\ldamfilt.dll
- 2003-01-03 11:41 . 2009-12-21 19:14 25600 c:\windows\system32\jsproxy.dll
+ 2003-01-03 11:41 . 2010-02-25 06:24 25600 c:\windows\system32\jsproxy.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 65536 c:\windows\system32\jgsh400.dll
- 2003-01-03 11:41 . 2003-03-31 12:00 65536 c:\windows\system32\jgsh400.dll
+ 2007-08-13 22:39 . 2010-03-27 06:48 36864 c:\windows\system32\ieudinit.exe
- 2007-08-13 22:39 . 2009-03-08 08:32 36864 c:\windows\system32\ieudinit.exe
+ 2010-03-27 02:54 . 2009-08-28 23:42 40448 c:\windows\system32\DRVSTORE\usbaapl_6DA28B91FF48C57089E4D2436654AFA4ECAD0622\usbaapl.sys
+ 2010-03-27 03:01 . 2009-05-18 22:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2009-06-30 22:47 . 2009-08-28 23:42 40448 c:\windows\system32\drivers\usbaapl.sys
+ 2003-01-03 11:41 . 2010-03-27 06:48 20480 c:\windows\system32\drivers\secdrv.sys
- 2003-01-03 11:41 . 2007-11-13 10:25 20480 c:\windows\system32\drivers\secdrv.sys
+ 2003-01-03 11:42 . 2010-03-27 06:48 36864 c:\windows\system32\drivers\nvax.sys
- 2003-01-03 11:42 . 2003-09-02 23:51 36864 c:\windows\system32\drivers\nvax.sys
+ 2009-06-30 22:49 . 2009-05-18 22:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
- 2008-12-12 15:11 . 2008-12-12 15:11 61440 c:\windows\system32\dnssd.dll
+ 2008-12-12 15:11 . 2010-03-27 06:48 61440 c:\windows\system32\dnssd.dll
+ 2009-06-10 22:29 . 2010-02-25 06:24 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-06-10 22:29 . 2009-12-21 19:14 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2007-10-21 21:21 . 2010-02-25 06:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-10-21 21:21 . 2009-12-21 19:14 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 22:54 . 2009-12-21 19:14 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 28672 c:\windows\system32\dbnmpntw.dll
- 2003-01-03 11:41 . 2008-04-14 00:11 28672 c:\windows\system32\dbnmpntw.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 24576 c:\windows\system32\dbmsvinn.dLL
- 2003-01-03 11:42 . 2003-03-31 12:00 24576 c:\windows\system32\dbmsvinn.dLL
+ 2003-01-03 11:41 . 2010-03-27 06:48 24576 c:\windows\system32\dbmsrpcn.dll
- 2003-01-03 11:41 . 2008-04-14 00:11 24576 c:\windows\system32\dbmsrpcn.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 20480 c:\windows\system32\dbmsadsn.dll
- 2003-01-03 11:41 . 2003-03-31 12:00 20480 c:\windows\system32\dbmsadsn.dll
- 2010-03-16 20:36 . 2010-03-16 20:35 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-16 20:36 . 2010-03-27 06:48 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-16 20:36 . 2010-03-27 06:48 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-03-16 20:36 . 2010-03-16 20:35 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2003-01-03 12:53 . 2010-03-27 06:48 61440 c:\windows\system32\Com\comempty.dat
- 2003-01-03 12:53 . 2003-03-31 12:00 61440 c:\windows\system32\Com\comempty.dat
+ 2003-01-03 11:41 . 2010-03-27 06:48 20480 c:\windows\system32\cliconfg.exe
- 2003-01-03 11:41 . 2008-04-14 00:12 20480 c:\windows\system32\cliconfg.exe
- 2003-01-03 11:41 . 2008-04-14 00:11 77824 c:\windows\system32\cliconfg.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 77824 c:\windows\system32\cliconfg.dll
+ 2002-04-12 05:00 . 2010-03-27 06:48 57344 c:\windows\system32\brsvc01a.exe
- 2002-04-12 05:00 . 2002-04-12 05:00 57344 c:\windows\system32\brsvc01a.exe
 
+ 2001-12-13 05:01 . 2010-03-27 06:48 45056 c:\windows\system32\brss01a.exe
- 2001-12-13 05:01 . 2001-12-13 05:01 45056 c:\windows\system32\brss01a.exe
+ 2003-01-03 14:44 . 2010-03-27 06:48 36864 c:\windows\ShowWnd.exe
- 2003-01-03 14:44 . 2003-09-19 17:09 36864 c:\windows\ShowWnd.exe
+ 2005-04-27 13:09 . 2010-03-27 06:48 57344 c:\windows\Resources\ScreenSavers\Plasma.scr
- 2005-04-27 13:09 . 2005-04-27 13:09 57344 c:\windows\Resources\ScreenSavers\Plasma.scr
+ 2008-07-30 04:40 . 2010-03-27 06:48 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
- 2008-07-30 04:40 . 2008-07-30 04:40 40960
c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
- 2008-07-30 00:59 . 2008-07-30 00:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 00:59 . 2010-03-27 06:47 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2008-07-25 16:17 . 2008-07-25 16:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2008-07-25 16:17 . 2008-07-25 16:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2008-07-25 16:16 . 2008-07-25 16:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2008-07-25 16:16 . 2008-07-25 16:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 16:16 . 2010-03-27 06:47 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2008-07-25 16:17 . 2008-07-25 16:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2008-07-25 16:17 . 2008-07-25 16:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 16:16 . 2010-03-27 06:47 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2008-07-25 16:16 . 2008-07-25 16:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 16:16 . 2010-03-27 06:47 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2008-07-25 16:16 . 2008-07-25 16:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 12800 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-19 01:47 . 2010-03-27 06:48 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-19 01:47 . 2010-03-27 06:48 4096 c:\windows\system32\WMVADVD.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVD.dll
+ 2006-10-19 01:47 . 2010-03-27 06:48 4096 c:\windows\system32\wdfapi.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\wdfapi.dll
- 2004-08-18 11:37 . 2004-08-18 11:37 4096 c:\windows\system32\spool\drivers\w32x86\3\lxbuPCFG.DLL
+ 2004-08-18 11:37 . 2010-03-27 06:48 4096 c:\windows\system32\spool\drivers\w32x86\3\lxbuPCFG.DLL
+ 2008-10-28 02:22 . 2010-03-27 06:48 8192 c:\windows\system32\Setup\koc.dll
- 2008-10-28 02:22 . 2008-04-14 00:11 8192 c:\windows\system32\Setup\koc.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2009-07-12 05:12 . 2009-07-12 05:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 05:09 . 2009-07-12 05:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 05:08 . 2009-07-12 05:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 01:47 . 2010-03-27 06:48 356352 c:\windows\system32\wpdsp.dll
- 2003-01-03 11:42 . 2003-03-31 12:00 446464 c:\windows\system32\wmvdmoe.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 446464 c:\windows\system32\wmvdmoe.dll
+ 2007-10-21 19:03 . 2010-03-27 06:48 221184 c:\windows\system32\wmpns.dll
- 2007-10-21 19:03 . 2008-04-14 00:12 221184 c:\windows\system32\wmpns.dll
- 2008-10-28 02:24 . 2008-04-14 00:12 712704 c:\windows\system32\windowscodecs.dll
+ 2008-10-28 02:24 . 2010-03-27 06:48 712704 c:\windows\system32\windowscodecs.dll
+ 2003-01-03 13:49 . 2010-03-27 06:48 106496 c:\windows\system32\TwnLib20.dll
- 2003-01-03 13:49 . 2000-06-26 19:45 106496 c:\windows\system32\TwnLib20.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmRU.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmRU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmPL.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmPL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmNL.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmNL.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmIT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmIT.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmHU.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmHU.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmFR.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmFR.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmES.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmES.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmEL.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmEL.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 102400 c:\windows\system32\SStrmDE.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 102400 c:\windows\system32\SStrmDE.dll
+ 2003-10-28 04:12 . 2010-03-27 06:48 442368 c:\windows\system32\sqlsrv32.dll
- 2003-10-28 04:12 . 2008-04-14 00:12 442368 c:\windows\system32\sqlsrv32.dll
+ 2009-03-21 00:49 . 2010-03-27 06:48 167936 c:\windows\system32\spool\drivers\w32x86\3\lxbuunst.exe
- 2009-03-21 00:49 . 2004-08-11 15:16 167936 c:\windows\system32\spool\drivers\w32x86\3\lxbuunst.exe
+ 2004-08-17 15:23 . 2010-03-27 06:48 176128 c:\windows\system32\spool\drivers\w32x86\3\lxbutsfw.dll
- 2004-08-17 15:23 . 2004-08-17 15:23 176128 c:\windows\system32\spool\drivers\w32x86\3\lxbutsfw.dll
+ 2004-08-19 16:08 . 2010-03-27 06:48 557056 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRP.DLL
- 2004-08-19 16:08 . 2004-08-19 16:08 557056 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRP.DLL
- 2004-05-26 10:05 . 2004-05-26 10:05 110592 c:\windows\system32\spool\drivers\w32x86\3\lxbudrec.dll
+ 2004-05-26 10:05 . 2010-03-27 06:48 110592 c:\windows\system32\spool\drivers\w32x86\3\lxbudrec.dll
+ 2004-05-21 17:49 . 2010-03-27 06:48 368640 c:\windows\system32\spool\drivers\w32x86\3\lxbucomx.dll
- 2004-05-21 17:49 . 2004-05-21 17:49 368640 c:\windows\system32\spool\drivers\w32x86\3\lxbucomx.dll
- 2005-04-29 00:42 . 2005-04-29 00:42 118784 c:\windows\system32\spool\drivers\w32x86\3\bril05a.dll
+ 2005-04-29 00:42 . 2010-03-27 06:48 118784 c:\windows\system32\spool\drivers\w32x86\3\bril05a.dll
+ 2003-01-03 13:27 . 2010-03-27 06:48 102400 c:\windows\system32\SimpleRegistry.dll
- 2003-01-03 13:27 . 2001-11-21 18:15 102400 c:\windows\system32\SimpleRegistry.dll
- 2003-01-03 11:41 . 2010-03-18 01:52 435568 c:\windows\system32\perfh009.dat
+ 2003-01-03 11:41 . 2010-03-27 06:22 435568 c:\windows\system32\perfh009.dat
- 2003-01-03 11:41 . 2009-12-21 19:14 206848 c:\windows\system32\occache.dll
+ 2003-01-03 11:41 . 2010-02-25 06:24 206848 c:\windows\system32\occache.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 782336 c:\windows\system32\nwiz.exe
- 2003-01-03 14:06 . 2004-03-03 17:29 782336 c:\windows\system32\nwiz.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 139264 c:\windows\system32\nvwrszht.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 139264 c:\windows\system32\nvwrszht.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 135168 c:\windows\system32\nvwrszhc.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 135168 c:\windows\system32\nvwrszhc.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 249856 c:\windows\system32\nvwrstr.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 249856 c:\windows\system32\nvwrstr.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 245760 c:\windows\system32\nvwrssv.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 245760 c:\windows\system32\nvwrssv.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 249856 c:\windows\system32\nvwrssl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 249856 c:\windows\system32\nvwrssl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 245760 c:\windows\system32\nvwrssk.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 245760 c:\windows\system32\nvwrssk.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 262144 c:\windows\system32\nvwrsru.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 262144 c:\windows\system32\nvwrsru.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 266240 c:\windows\system32\nvwrsptb.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 266240 c:\windows\system32\nvwrsptb.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 270336 c:\windows\system32\nvwrspt.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 270336 c:\windows\system32\nvwrspt.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 245760 c:\windows\system32\nvwrspl.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 245760 c:\windows\system32\nvwrspl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 249856 c:\windows\system32\nvwrsno.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 249856 c:\windows\system32\nvwrsno.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 262144 c:\windows\system32\nvwrsnl.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 262144 c:\windows\system32\nvwrsnl.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 163840 c:\windows\system32\nvwrsko.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 163840 c:\windows\system32\nvwrsko.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 176128 c:\windows\system32\nvwrsja.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 176128 c:\windows\system32\nvwrsja.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 270336 c:\windows\system32\nvwrsit.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 270336 c:\windows\system32\nvwrsit.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 262144 c:\windows\system32\nvwrshu.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 262144 c:\windows\system32\nvwrshu.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 229376 c:\windows\system32\nvwrshe.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 229376 c:\windows\system32\nvwrshe.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 270336 c:\windows\system32\nvwrsfr.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 270336 c:\windows\system32\nvwrsfr.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 249856 c:\windows\system32\nvwrsfi.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 249856 c:\windows\system32\nvwrsfi.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 270336 c:\windows\system32\nvwrsesm.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 270336 c:\windows\system32\nvwrsesm.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 278528 c:\windows\system32\nvwrses.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 278528 c:\windows\system32\nvwrses.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 237568 c:\windows\system32\nvwrseng.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 237568 c:\windows\system32\nvwrseng.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 278528 c:\windows\system32\nvwrsel.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 278528 c:\windows\system32\nvwrsel.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 253952 c:\windows\system32\nvwrsde.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 253952 c:\windows\system32\nvwrsde.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 245760 c:\windows\system32\nvwrsda.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 245760 c:\windows\system32\nvwrsda.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 233472 c:\windows\system32\nvwrscs.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 233472 c:\windows\system32\nvwrscs.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 233472 c:\windows\system32\nvwrsar.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 233472 c:\windows\system32\nvwrsar.dll
+ 2003-01-03 14:07 . 2010-03-27 06:48 110592 c:\windows\system32\nvusmb.exe
- 2003-01-03 14:07 . 2003-10-29 20:02 110592 c:\windows\system32\nvusmb.exe
+ 2003-01-03 14:09 . 2010-03-27 06:48 110592 c:\windows\system32\NVUninst.exe
- 2003-01-03 14:09 . 2003-10-29 21:02 110592 c:\windows\system32\NVUninst.exe
- 2003-01-03 14:07 . 2003-10-29 21:02 110592 c:\windows\system32\nvumctl.exe
+ 2003-01-03 14:07 . 2010-03-27 06:48 110592 c:\windows\system32\nvumctl.exe
+ 2003-01-03 11:43 . 2010-03-27 06:48 102400 c:\windows\system32\nvuide.exe
- 2003-01-03 11:43 . 2003-10-10 19:11 102400 c:\windows\system32\nvuide.exe
- 2003-01-03 14:06 . 2004-03-03 17:29 110592 c:\windows\system32\nvudisp.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 110592 c:\windows\system32\nvudisp.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 454656 c:\windows\system32\nvshell.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 454656 c:\windows\system32\nvshell.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrszhc.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrszhc.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 151552 c:\windows\system32\nvrstr.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 151552 c:\windows\system32\nvrstr.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrssv.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrssv.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 155648 c:\windows\system32\nvrssl.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 155648 c:\windows\system32\nvrssl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrssk.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrssk.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 155648 c:\windows\system32\nvrsru.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 155648 c:\windows\system32\nvrsru.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 159744 c:\windows\system32\nvrsptb.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 159744 c:\windows\system32\nvrsptb.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 155648 c:\windows\system32\nvrspt.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 155648 c:\windows\system32\nvrspt.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrspl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrspl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrsno.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrsno.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 159744 c:\windows\system32\nvrsnl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 159744 c:\windows\system32\nvrsnl.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 172032 c:\windows\system32\nvrsko.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 172032 c:\windows\system32\nvrsko.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 172032 c:\windows\system32\nvrsja.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 172032 c:\windows\system32\nvrsja.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 167936 c:\windows\system32\nvrsit.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 167936 c:\windows\system32\nvrsit.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 151552 c:\windows\system32\nvrshu.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 151552 c:\windows\system32\nvrshu.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 196608 c:\windows\system32\nvrshe.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 196608 c:\windows\system32\nvrshe.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 167936 c:\windows\system32\nvrsfr.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 167936 c:\windows\system32\nvrsfr.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 143360 c:\windows\system32\nvrsfi.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 143360 c:\windows\system32\nvrsfi.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 172032 c:\windows\system32\nvrsesm.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 172032 c:\windows\system32\nvrsesm.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 163840 c:\windows\system32\nvrses.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 163840 c:\windows\system32\nvrses.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 147456 c:\windows\system32\nvrseng.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 147456 c:\windows\system32\nvrseng.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 163840 c:\windows\system32\nvrsel.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 163840 c:\windows\system32\nvrsel.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 163840 c:\windows\system32\nvrsde.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 163840 c:\windows\system32\nvrsde.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 151552 c:\windows\system32\nvrsda.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 151552 c:\windows\system32\nvrsda.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 143360 c:\windows\system32\nvrscs.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 143360 c:\windows\system32\nvrscs.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 200704 c:\windows\system32\nvrsar.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 200704 c:\windows\system32\nvrsar.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 241664 c:\windows\system32\nvnt4cpl.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 241664 c:\windows\system32\nvnt4cpl.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 131072 c:\windows\system32\nvinstnt.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 131072 c:\windows\system32\nvinstnt.dll
- 2007-06-26 03:20 . 2007-06-26 03:20 307200 c:\windows\system32\nvExpBar.dll
+ 2007-06-26 03:20 . 2010-03-27 06:48 307200 c:\windows\system32\nvExpBar.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 851968 c:\windows\system32\nvdspsch.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 851968 c:\windows\system32\nvdspsch.exe
+ 2007-06-26 03:20 . 2010-03-27 06:48 753664 c:\windows\system32\nvCplUI.exe
- 2007-06-26 03:20 . 2007-06-26 03:20 753664 c:\windows\system32\nvCplUI.exe
+ 2003-01-03 14:06 . 2010-03-27 06:48 401408 c:\windows\system32\nvappbar.exe
- 2003-01-03 14:06 . 2004-03-03 17:29 401408 c:\windows\system32\nvappbar.exe
- 2003-01-03 13:49 . 2001-07-09 19:50 155648 c:\windows\system32\NeroCheck.exe
+ 2003-01-03 13:49 . 2010-03-27 06:48 155648 c:\windows\system32\NeroCheck.exe
+ 2002-01-05 03:37 . 2010-03-27 06:48 344064 c:\windows\system32\msvcr70.dll
- 2002-01-05 03:37 . 2002-01-05 03:37 344064 c:\windows\system32\msvcr70.dll
- 2003-01-03 13:26 . 2008-12-25 17:19 499712 c:\windows\system32\msvcp71.dll
+ 2003-01-03 13:26 . 2010-03-27 06:48 499712 c:\windows\system32\msvcp71.dll
+ 2002-01-05 03:40 . 2010-03-27 06:48 487424 c:\windows\system32\msvcp70.dll
- 2002-01-05 03:40 . 2002-01-05 03:40 487424 c:\windows\system32\msvcp70.dll
- 2003-01-03 11:41 . 2009-03-08 08:32 611840 c:\windows\system32\mstime.dll
+ 2003-01-03 11:41 . 2010-02-25 06:24 611840 c:\windows\system32\mstime.dll
+ 2003-01-03 13:27 . 2010-03-27 06:48 118784 c:\windows\system32\Msstdfmt.dll
- 2003-01-03 13:27 . 2000-03-14 08:00 118784 c:\windows\system32\Msstdfmt.dll
+ 2002-08-29 03:41 . 2010-03-27 06:48 294912 c:\windows\system32\msh263.drv
- 2002-08-29 03:41 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
- 2003-01-03 12:54 . 2008-04-14 00:12 188416 c:\windows\system32\msh261.drv
+ 2003-01-03 12:54 . 2010-03-27 06:48 188416 c:\windows\system32\msh261.drv
+ 2007-08-13 22:54 . 2010-02-25 06:24 594432 c:\windows\system32\msfeeds.dll
- 2007-08-13 22:54 . 2009-12-21 19:14 594432 c:\windows\system32\msfeeds.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 163840 c:\windows\system32\mindex.dll
- 2003-01-03 11:41 . 2003-03-31 12:00 163840 c:\windows\system32\mindex.dll
+ 2006-10-19 01:47 . 2010-03-27 06:48 212992 c:\windows\system32\MFPLAT.dll
- 2006-10-19 01:47 . 2006-10-19 01:47 212992 c:\windows\system32\MFPLAT.dll
+ 2002-01-05 04:48 . 2010-03-27 06:48 974848 c:\windows\system32\mfc70.dll
- 2002-01-05 04:48 . 2002-01-05 04:48 974848 c:\windows\system32\mfc70.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 256280 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2004-08-19 16:01 . 2010-03-27 06:48 372736 c:\windows\system32\lxbuutil.dll
- 2004-08-19 16:01 . 2004-08-19 16:01 372736 c:\windows\system32\lxbuutil.dll
+ 2004-08-18 17:36 . 2010-03-27 06:48 139264 c:\windows\system32\lxbuprox.dll
- 2004-08-18 17:36 . 2004-08-18 17:36 139264 c:\windows\system32\lxbuprox.dll
- 2004-08-18 17:36 . 2004-08-18 17:36 114688 c:\windows\system32\lxbupplc.dll
+ 2004-08-18 17:36 . 2010-03-27 06:48 114688 c:\windows\system32\lxbupplc.dll
+ 2004-08-18 17:54 . 2010-03-27 06:48 622592 c:\windows\system32\lxbupmui.dll
- 2004-08-18 17:54 . 2004-08-18 17:54 622592 c:\windows\system32\lxbupmui.dll
+ 2004-08-19 16:38 . 2010-03-27 06:48 126976 c:\windows\system32\lxbujswr.dll
- 2004-08-19 16:38 . 2004-08-19 16:38 126976 c:\windows\system32\lxbujswr.dll
 
+ 2004-08-19 16:09 . 2010-03-27 06:48 172032 c:\windows\system32\lxbuinsb.dll
- 2004-08-19 16:09 . 2004-08-19 16:09 172032 c:\windows\system32\lxbuinsb.dll
+ 2004-08-19 16:09 . 2010-03-27 06:48 122880 c:\windows\system32\lxbuins.dll
- 2004-08-19 16:09 . 2004-08-19 16:09 122880 c:\windows\system32\lxbuins.dll
- 2004-08-18 17:41 . 2004-08-18 17:41 319488 c:\windows\system32\lxbuih.exe
+ 2004-08-18 17:41 . 2010-03-27 06:48 319488 c:\windows\system32\lxbuih.exe
+ 2004-08-18 17:48 . 2010-03-27 06:48 741376 c:\windows\system32\lxbuhbn3.dll
- 2004-08-18 17:48 . 2004-08-18 17:48 741376 c:\windows\system32\lxbuhbn3.dll
- 2004-08-18 17:36 . 2004-08-18 17:36 450560 c:\windows\system32\lxbucoms.exe
+ 2004-08-18 17:36 . 2010-03-27 06:48 450560 c:\windows\system32\lxbucoms.exe
+ 2004-08-18 17:49 . 2010-03-27 06:48 401408 c:\windows\system32\lxbucomm.dll
- 2004-08-18 17:49 . 2004-08-18 17:49 401408 c:\windows\system32\lxbucomm.dll
+ 2004-08-18 17:48 . 2010-03-27 06:48 659456 c:\windows\system32\lxbucomc.dll
- 2004-08-18 17:48 . 2004-08-18 17:48 659456 c:\windows\system32\lxbucomc.dll
- 2004-08-18 17:48 . 2004-08-18 17:48 368640 c:\windows\system32\lxbucfg.exe
+ 2004-08-18 17:48 . 2010-03-27 06:48 368640 c:\windows\system32\lxbucfg.exe
+ 2002-06-07 09:02 . 2010-03-27 06:48 118784 c:\windows\system32\ltfil11n.DLL
- 2002-06-07 09:02 . 2002-06-07 09:02 118784 c:\windows\system32\ltfil11n.DLL
- 2002-06-07 09:02 . 2002-06-07 09:02 172032 c:\windows\system32\Lfpng11n.dll
+ 2002-06-07 09:02 . 2010-03-27 06:48 172032 c:\windows\system32\Lfpng11n.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 315392 c:\windows\system32\keystone.exe
- 2003-01-03 14:06 . 2004-03-03 17:29 315392 c:\windows\system32\keystone.exe
- 2003-01-03 11:41 . 2008-04-14 00:11 163840 c:\windows\system32\jgdw400.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 163840 c:\windows\system32\jgdw400.dll
+ 2007-10-21 18:49 . 2010-03-27 06:48 339968 c:\windows\system32\IMGMAN32.DLL
- 2007-10-21 18:49 . 2003-03-11 22:26 339968 c:\windows\system32\IMGMAN32.DLL
+ 2003-01-03 13:49 . 2010-03-27 06:48 544768 c:\windows\system32\imagx5.dll
- 2003-01-03 13:49 . 2001-07-06 20:44 544768 c:\windows\system32\imagx5.dll
+ 2003-01-03 13:49 . 2010-03-27 06:48 569344 c:\windows\system32\imagr5.dll
- 2003-01-03 13:49 . 2001-07-06 22:41 569344 c:\windows\system32\imagr5.dll
+ 2003-01-03 11:41 . 2010-02-25 06:24 184320 c:\windows\system32\iepeers.dll
- 2003-01-03 11:41 . 2009-12-21 19:14 184320 c:\windows\system32\iepeers.dll
+ 2003-01-03 11:41 . 2010-02-25 06:24 387584 c:\windows\system32\iedkcs32.dll
- 2003-01-03 11:41 . 2009-12-21 19:14 387584 c:\windows\system32\iedkcs32.dll
- 2003-01-03 11:41 . 2009-12-21 13:19 173056 c:\windows\system32\ie4uinit.exe
+ 2003-01-03 11:41 . 2010-02-24 09:54 173056 c:\windows\system32\ie4uinit.exe
+ 2009-06-30 22:49 . 2008-04-17 21:12 107368 c:\windows\system32\GEARAspi.dll
- 2009-06-30 22:49 . 2008-04-17 16:12 107368 c:\windows\system32\GEARAspi.dll
+ 2010-03-27 03:01 . 2008-04-17 21:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2006-10-19 00:00 . 2010-03-27 06:48 249856 c:\windows\system32\drmupgds.exe
- 2006-10-19 00:00 . 2006-10-19 00:00 249856 c:\windows\system32\drmupgds.exe
- 2007-08-13 22:54 . 2009-12-21 19:14 916480 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 916480 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 22:44 . 2009-12-21 19:14 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 22:44 . 2010-02-25 06:24 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-08-13 22:54 . 2009-03-08 08:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-10-21 21:21 . 2010-02-25 06:24 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2007-10-21 21:21 . 2009-12-21 19:14 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-06-10 22:29 . 2010-02-25 06:24 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2007-08-13 22:54 . 2009-12-21 19:14 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 184320 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-13 22:39 . 2009-12-21 19:14 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 22:39 . 2010-02-25 06:24 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 22:39 . 2010-02-24 09:54 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 22:39 . 2009-12-21 13:19 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2003-12-24 21:45 . 2003-12-24 21:45 221184 c:\windows\system32\diconxp.dll
+ 2003-12-24 21:45 . 2010-03-27 06:48 221184 c:\windows\system32\diconxp.dll
- 2003-01-03 13:04 . 2007-10-21 21:46 262144 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2003-01-03 13:04 . 2010-03-27 06:48 262144 c:\windows\system32\config\systemprofile\ntuser.dat
- 2007-10-21 21:50 . 2007-10-21 21:46 262144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
+ 2007-10-21 21:50 . 2010-03-27 06:48 262144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
+ 2003-12-24 05:00 . 2010-03-27 06:48 131072 c:\windows\system32\bsplmf01.exe
- 2003-12-24 05:00 . 2003-12-24 05:00 131072 c:\windows\system32\bsplmf01.exe
- 2001-02-05 16:16 . 2001-02-05 16:16 258048 c:\windows\system32\bsplmf01.dll
+ 2001-02-05 16:16 . 2010-03-27 06:48 258048 c:\windows\system32\bsplmf01.dll
- 2010-03-27 00:19 . 2009-12-21 19:09 184320 c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3QFE\iepeers.dll
- 2010-03-27 00:19 . 2009-12-21 19:14 184320 c:\windows\SoftwareDistribution\Download\f1062d4e51d6818acdde68ea67673088\SP3GDR\iepeers.dll
+ 2007-03-12 17:01 . 2010-03-27 06:48 217088 c:\windows\NVGfxOgl.dll
- 2007-03-12 17:01 . 2007-03-12 17:01 217088 c:\windows\NVGfxOgl.dll
- 2007-09-05 00:26 . 2007-09-05 00:26 450560 c:\windows\ntuneoem.dll
+ 2007-09-05 00:26 . 2010-03-27 06:48 450560 c:\windows\ntuneoem.dll
+ 2008-07-30 04:40 . 2010-03-27 06:47 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
- 2008-07-30 04:40 . 2008-07-30 04:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
- 2008-07-29 23:47 . 2008-07-29 23:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 23:47 . 2010-03-27 06:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
- 2008-07-29 23:47 . 2008-07-29 23:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 23:47 . 2010-03-27 06:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
- 2008-07-30 01:35 . 2008-07-30 01:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 01:35 . 2010-03-27 06:47 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-30 00:16 . 2010-03-27 06:47 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
- 2008-07-30 00:16 . 2008-07-30 00:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 16:17 . 2010-03-27 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 16:16 . 2010-03-27 06:47 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2008-07-25 16:16 . 2008-07-25 16:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 16:16 . 2010-03-27 06:47 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2008-07-25 16:16 . 2008-07-25 16:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2009-06-15 16:55 . 2010-03-27 06:47 122880 c:\windows\Installer\b9710.msi
- 2009-06-15 16:55 . 2009-06-15 16:55 122880 c:\windows\Installer\b9710.msi
+ 2010-03-27 02:55 . 2010-03-27 02:55 796672 c:\windows\Installer\4e10a7.msi
+ 2010-03-27 03:02 . 2010-03-27 06:47 102400 c:\windows\Installer\{81063354-9060-42B2-A000-1EBE96778AA9}\iTunesIco.exe
+ 2010-03-31 22:00 . 2009-12-21 19:14 916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-03-31 22:00 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-03-31 22:00 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-03-31 22:00 . 2009-12-21 19:14 206848 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-03-31 22:00 . 2009-03-08 08:32 611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-03-31 22:00 . 2009-12-21 13:19 173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2007-10-10 17:36 . 2010-03-27 06:47 442368 c:\windows\Downloaded Program Files\NeffyLauncher.dll
- 2007-10-10 17:36 . 2007-10-10 17:36 442368 c:\windows\Downloaded Program Files\NeffyLauncher.dll
+ 2009-10-25 20:03 . 2010-03-27 06:47 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
- 2009-10-25 20:03 . 2009-10-25 20:03 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-25 19:38 . 2010-03-27 06:47 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
- 2009-10-25 19:38 . 2009-10-25 19:38 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-03-19 14:30 . 2010-03-27 06:47 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-19 14:30 . 2009-03-19 14:30 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-19 14:30 . 2010-03-27 06:47 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-03-19 14:30 . 2009-03-19 14:30 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2003-01-03 13:50 . 2010-03-27 06:48 1658880 c:\windows\UNNeroBurnRights.exe
- 2003-01-03 13:50 . 2004-01-14 08:53 1658880 c:\windows\UNNeroBurnRights.exe
+ 2009-06-30 22:47 . 2009-08-28 23:42 2065696 c:\windows\system32\usbaaplrc.dll
+ 2006-08-31 00:42 . 2010-02-25 06:24 1209344 c:\windows\system32\urlmon.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 1589248 c:\windows\system32\sstrmres.dll
- 2003-01-03 11:42 . 2003-09-03 01:27 1589248 c:\windows\system32\sstrmres.dll
+ 2004-08-19 16:10 . 2010-03-27 06:48 1990656 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRPB.DLL
- 2004-08-19 16:10 . 2004-08-19 16:10 1990656 c:\windows\system32\spool\drivers\w32x86\3\lxbuPRPB.DLL
+ 2003-01-03 13:26 . 2010-03-27 06:48 1044480 c:\windows\system32\roboex32.dll
- 2003-01-03 13:26 . 2004-06-30 17:49 1044480 c:\windows\system32\roboex32.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 1019904 c:\windows\system32\nvwimg.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 1019904 c:\windows\system32\nvwimg.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 1617920 c:\windows\system32\nvwdmcpl.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 1617920 c:\windows\system32\nvwdmcpl.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 4841472 c:\windows\system32\nvoglnt.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 4841472 c:\windows\system32\nvoglnt.dll
+ 2003-01-03 14:06 . 2010-03-27 06:48 1335296 c:\windows\system32\nview.dll
- 2003-01-03 14:06 . 2004-03-03 17:29 1335296 c:\windows\system32\nview.dll
- 2007-06-26 03:21 . 2007-06-26 03:21 1073152 c:\windows\system32\nvCplUIR.dll
+ 2007-06-26 03:21 . 2010-03-27 06:48 1073152 c:\windows\system32\nvCplUIR.dll
- 2003-01-03 11:42 . 2004-03-03 17:29 2904064 c:\windows\system32\nvcpl.dll
+ 2003-01-03 11:42 . 2010-03-27 06:48 2904064 c:\windows\system32\nvcpl.dll
- 2003-01-03 11:41 . 2003-03-31 12:00 1355776 c:\windows\system32\msvbvm50.dll
+ 2003-01-03 11:41 . 2010-03-27 06:48 1355776 c:\windows\system32\msvbvm50.dll
+ 2006-06-30 14:28 . 2010-02-25 06:24 5944832 c:\windows\system32\mshtml.dll
+ 2003-01-03 13:26 . 2010-03-27 06:48 1060864 c:\windows\system32\mfc71.dll
- 2003-01-03 13:26 . 2004-06-30 17:49 1060864 c:\windows\system32\mfc71.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 3884312 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2004-08-18 17:45 . 2010-03-27 06:48 1085440 c:\windows\system32\lxbuusb1.dll
- 2004-08-18 17:45 . 2004-08-18 17:45 1085440 c:\windows\system32\lxbuusb1.dll
- 2004-08-18 17:53 . 2004-08-18 17:53 1138688 c:\windows\system32\lxbuserv.dll
+ 2004-08-18 17:53 . 2010-03-27 06:48 1138688 c:\windows\system32\lxbuserv.dll
+ 2009-09-14 17:19 . 2010-03-27 06:48 2158592 c:\windows\system32\LOGOOS.EXE
- 2009-09-14 17:19 . 2009-09-14 18:07 2158592 c:\windows\system32\LOGOOS.EXE
+ 2007-08-13 22:34 . 2010-02-25 06:24 1985536 c:\windows\system32\iertutil.dll
- 2007-08-13 22:34 . 2009-12-21 19:14 1985536 c:\windows\system32\iertutil.dll
+ 2010-03-27 02:54 . 2009-08-28 23:42 2065696 c:\windows\system32\DRVSTORE\usbaapl_6DA28B91FF48C57089E4D2436654AFA4ECAD0622\usbaaplrc.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 22:54 . 2010-02-25 06:24 5944832 c:\windows\system32\dllcache\mshtml.dll
+ 2007-10-21 21:21 . 2010-02-25 06:24 1985536 c:\windows\system32\dllcache\iertutil.dll
- 2007-10-21 21:21 . 2009-12-21 19:14 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2007-09-05 00:25 . 2010-03-27 06:48 1646592 c:\windows\NVBenchMarks.dll
- 2007-09-05 00:25 . 2007-09-05 00:25 1646592 c:\windows\NVBenchMarks.dll
- 2008-12-06 01:12 . 2008-12-06 01:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-12-06 01:12 . 2010-03-27 06:47 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 09:59 . 2008-11-25 09:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-11-25 09:59 . 2010-03-27 06:47 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 09:59 . 2010-03-27 06:47 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 09:59 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2008-07-25 16:17 . 2008-07-25 16:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 16:17 . 2010-03-27 06:47 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2009-08-08 03:51 . 2009-08-08 03:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2009-08-08 03:51 . 2010-03-27 06:47 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-03-27 03:02 . 2010-03-27 03:02 4449280 c:\windows\Installer\4e1513.msi
+ 2010-03-27 02:57 . 2010-03-27 02:57 9473024 c:\windows\Installer\4e11ce.msi
+ 2010-03-27 02:54 . 2010-03-27 02:54 3310592 c:\windows\Installer\4e1093.msi
+ 2009-07-16 16:48 . 2010-03-27 06:47 2727936 c:\windows\Installer\10ee6f.msi
- 2009-07-16 16:48 . 2009-07-16 16:48 2727936 c:\windows\Installer\10ee6f.msi
+ 2010-03-31 22:00 . 2009-12-21 19:14 1208832 c:\windows\ie8updates\KB980182-IE8\urlmon.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 5942784 c:\windows\ie8updates\KB980182-IE8\mshtml.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 1985536 c:\windows\ie8updates\KB980182-IE8\iertutil.dll
- 2009-10-25 06:11 . 2009-10-25 06:11 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-10-25 06:11 . 2010-03-27 06:47 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2009-10-25 19:38 . 2010-03-27 06:47 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
- 2009-10-25 19:38 . 2009-10-25 19:38 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
- 2009-03-19 14:30 . 2009-03-19 14:30 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-03-19 14:30 . 2010-03-27 06:47 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-08-13 22:54 . 2010-02-25 15:54 11070976 c:\windows\system32\ieframe.dll
+ 2007-10-21 21:21 . 2010-02-25 15:54 11070976 c:\windows\system32\dllcache\ieframe.dll
+ 2010-03-31 22:00 . 2009-12-21 19:14 11070464 c:\windows\ie8updates\KB980182-IE8\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"STYLEXP"="c:\program files\TGTSoft\StyleXP\StyleXP.exe" [2010-03-27 1372160]
"Aim"="c:\program files\AIM\aim.exe" [2010-03-08 3972440]
"Auslogics BoostSpeed"="c:\program files\Auslogics\Auslogics BoostSpeed\boostspeed.exe" [2009-03-16 362096]
"Auslogics BoostSpeed 4"="c:\program files\Auslogics\Auslogics BoostSpeed\boostspeed.exe" [2009-03-16 362096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2010-03-27 65536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-27 417792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2004-05-18 02:30 543232 ----a-w- c:\windows\zHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2010-03-27 06:43 61440 ----a-w- c:\program files\Lexmark 6200 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
 
2010-02-15 22:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxbumon.exe]
2010-03-27 06:43 188416 ----a-w- c:\program files\Lexmark 6200 Series\lxbumon.exE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-02-06 22:51 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2010-03-27 06:48 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-03-27 06:48 2904064 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
2010-03-27 06:43 81920 ----a-w- c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2004-03-03 17:29 46080 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-03-27 06:48 782336 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-27 06:44 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowWnd]
2010-03-27 06:48 36864 ----a-w- c:\windows\ShowWnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
2004-03-11 23:18 135168 -c--a-w- c:\program files\Digital Media Reader\shwiconEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Schedule"=2 (0x2)
"ATTRcAppSvc"=3 (0x3)
"aawservice"=2 (0x2)
"xmlprov"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"WmiApSrv"=3 (0x3)
"WmdmPmSN"=3 (0x3)
"WebClient"=2 (0x2)
"VSS"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"usprserv"=3 (0x3)
"UPS"=3 (0x3)
"upnphost"=3 (0x3)
"TrkWks"=2 (0x2)
"TermService"=2 (0x2)
"TapiSrv"=3 (0x3)
"SysmonLog"=3 (0x3)
"SwPrv"=3 (0x3)
"stisvc"=3 (0x3)
"SSDPSRV"=3 (0x3)
"srservice"=2 (0x2)
"SharedAccess"=2 (0x2)
"SENS"=2 (0x2)
"seclogon"=2 (0x2)
"SCardSvr"=3 (0x3)
"SamSs"=2 (0x2)
"RSVP"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ProtectedStorage"=2 (0x2)
"PolicyAgent"=2 (0x2)
"NVSvc"=2 (0x2)
"NtmsSvc"=3 (0x3)
"NtLmSsp"=3 (0x3)
"Nla"=3 (0x3)
"Netlogon"=3 (0x3)
"napagent"=3 (0x3)
"MSDTC"=3 (0x3)
"mnmsrvc"=3 (0x3)
"lxbu_device"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanworkstation"=2 (0x2)
"lanmanserver"=2 (0x2)
"ImapiService"=3 (0x3)
"HTTPFilter"=3 (0x3)
"hkmsvc"=3 (0x3)
"HidServ"=2 (0x2)
"helpsvc"=2 (0x2)
"FastUserSwitchingCompatibility"=2 (0x2)
"EventSystem"=3 (0x3)
"ERSvc"=2 (0x2)
"EapHost"=3 (0x3)
"Dot3svc"=3 (0x3)
"Dnscache"=2 (0x2)
"dmserver"=3 (0x3)
"dmadmin"=3 (0x3)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"CiSvc"=3 (0x3)
"Browser"=2 (0x2)
"Brother XP spl Service"=2 (0x2)
"bmwebcfg"=2 (0x2)
"BITS"=3 (0x3)
"Autodesk Licensing Service"=3 (0x3)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"nTuneService"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Games\\Halo Custom Edition\\haloce.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\lxbucoms.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2479:TCP"= 2479:TCP:Services
"6243:TCP"= 6243:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"5723:TCP"= 5723:TCP:Services
"5037:TCP"= 5037:TCP:Services
"8574:TCP"= 8574:TCP:Services
"1036:TCP"= 1036:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
"7615:TCP"= 7615:TCP:Services
"7614:TCP"= 7614:TCP:Services
"7646:TCP"= 7646:TCP:Services
"7645:TCP"= 7645:TCP:Services
"7849:TCP"= 7849:TCP:Services
"7848:TCP"= 7848:TCP:Services
"9458:TCP"= 9458:TCP:Services
"9459:TCP"= 9459:TCP:Services
"4353:TCP"= 4353:TCP:Services
"7206:TCP"= 7206:TCP:Services

S0 Lbd;Lbd; [x]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [3/31/2010 11:31 PM 20968]
S3 SWNC8U56;Sierra Wireless MUX NDIS Driver (UMTS56);c:\windows\system32\drivers\swnc8u56.sys [6/27/2007 11:41 AM 101248]
S3 SWUMX56;Sierra Wireless USB MUX Driver (UMTS56);c:\windows\system32\drivers\swumx56.sys [6/27/2007 11:42 AM 73856]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/15/2009 12:56 PM 24652]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CPUZ133
.
Contents of the 'Scheduled Tasks' folder

2009-12-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ujeraeka.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, falsec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-BitTorrent DNA - c:\program files\DNA\btdna.exe
MSConfigStartUp-FaxCenterServer - c:\program files\Lexmark Fax Solutions\fm3032.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-01 01:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x845FF478]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> 0x845ff478
\Driver\atapi -> atapi.sys @ 0xf73f6852
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: NVIDIA nForce MCP Networking Controller -> SendCompleteHandler -> 0x8454f330
PacketIndicateHandler -> NDIS.sys @ 0xf730fa21
SendHandler -> NDIS.sys @ 0xf72ed87b
Warning: possible MBR rootkit infection !
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.

**************************************************************************
.
Completion time: 2010-04-01 01:31:46
ComboFix-quarantined-files.txt 2010-04-01 05:31
ComboFix2.txt 2010-03-27 02:44
ComboFix3.txt 2010-03-27 02:09
ComboFix4.txt 2009-02-03 16:56
ComboFix5.txt 2010-04-01 05:19

Pre-Run: 129,441,267,712 bytes free
Post-Run: 129,402,056,704 bytes free

- - End Of File - - 7BDB0B89A53F5F8044453E9619F81036


That should be all of it.
 
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box

Code: 
File::
c:\documents and settings\Owner\Local Settings\Application Data\706991270.dll

DIRLOOK::
c:\documents and settings\Owner\Local Settings\Application Data\{6DD9279C-E19C-4848-8EA6-CE44AEF9E731}

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!


CFScript-1.gif


ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

You also need to run Ccleaner to clean out all your old temp files and such. Get it here and set it up with the options in the attached image and click on run cleaner.

http://www.filehippo.com/download_ccleaner/
 

Attachments

  • ccleaner.JPG
    ccleaner.JPG
    76.3 KB · Views: 45
You must log in or register to reply here.
Back
Top