[SOLVED] internet Links get redirected

[Gaurav1993]

hi,

My computer seems to have picked up the google redirect bug where the links that google generates on searches always redirect when clicked on to other related sites. Ie if i search for the DVLA (driver and vehicle licensing agency) and click on the link to the dvla website, it will redirect me to some dodgy site seeling private plates.

Anyone know how to get rid of this annoying piece of spyware?

Thanks

DDS (Ver_09-07-30.01) - NTFSx86
Run by user at 13:34:44.89 on Sat 05/09/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.64.1033.18.3071.2260 [GMT 12:00]

AV: Norton AntiVirus *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\System32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.nz/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://search.shareazaweb.com/sidebar.html?src=ssb
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 80.153.156.21:1080
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\documents and settings\all users\desktop\orbitdownloader\orbitcth.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\16.7.2.10\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: UrlHelper Class: {cfc4f59b-a2da-4e12-b337-52a4f871e10c} - c:\program files\shareaza applications\shareaza mediabar\ShareazaIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\documents and settings\all users\desktop\orbitdownloader\GrabPro.dll
TB: Shareaza MediaBar: {196c3a46-4758-433d-a600-802c804af39c} - c:\program files\shareaza applications\shareaza mediabar\ShareazaMediaBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
EB: &AdVantage Branding Window: {d367a4af-8202-4173-a115-9831108f1e0a} - %SystemRoot%\system32\shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [autochk] rundll32.exe c:\docume~1\user\protect.dll,_IWMPEvents@16
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [autochk] rundll32.exe c:\windows\system32\autochk.dll,_IWMPEvents@16
dRun: [autochk] rundll32.exe c:\windows\system32\config\system~1\protect.dll,_IWMPEvents@16
dRunOnce: [<NO NAME>]
mExplorerRun: [<NO NAME>] 1 (0x1)
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hdadec~1.lnk - c:\program files\via\viaudioi\hdadeck\HDeck.exe
IE: &Download by Orbit - c:\documents and settings\all users\desktop\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\documents and settings\all users\desktop\orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\documents and settings\all users\desktop\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\documents and settings\all users\desktop\orbitdownloader\orbitmxt.dll/202
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/MyFunCardsInitialSetup1.0.1.1.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Monopoly/Images/armhelper.ocx
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\t380ja7t.default\
FF - prefs.js: browser.startup.homepage - www.google.co.nz
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 81
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 81
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 81
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\documents and settings\user\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1007020.00a\SymEFA.sys [2009-8-20 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nav\1007020.00a\BHDrvx86.sys [2009-8-20 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nav\1007020.00a\cchpx86.sys [2009-8-20 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090810.001\IDSXpx86.sys [2009-8-12 276344]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-5-14 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-5-14 72944]
R2 Norton AntiVirus;Norton AntiVirus;c:\program files\norton antivirus\engine\16.7.2.10\ccSvcHst.exe [2009-8-20 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-26 102448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090904.024\NAVENG.SYS [2009-9-5 84912]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090904.024\NAVEX15.SYS [2009-9-5 1323568]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-1-26 845184]
S2 gupdate1c987e088888b26;Google Update Service (gupdate1c987e088888b26);c:\program files\google\update\GoogleUpdate.exe [2009-2-6 133104]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\documents and settings\user\desktop\new folder\new folder\ms v70 hax 3.5\engines + cts\moonlight engine\money1299.sys --> c:\documents and settings\user\desktop\new folder\new folder\ms v70 hax 3.5\engines + cts\moonlight engine\Money1299.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-5-14 7408]
S3 SoRa_DRIVER53;SoRa_DRIVER53;\??\c:\documents and settings\user\desktop\new folder\new folder\ms v70 hax 3.5\engines + cts\sora 4.6\sora_.sys --> c:\documents and settings\user\desktop\new folder\new folder\ms v70 hax 3.5\engines + cts\sora 4.6\SoRa_.sys [?]

2009-09-05 00:06 19,968 a--sh--- c:\windows\system32\autochk.dll
2009-09-05 00:06 19,968 a--sh--- c:\documents and settings\user\protect.dll
2009-09-05 00:03 <DIR> --d----- c:\docume~1\alluse~1\applic~1\18550154
2009-09-04 23:56 43 a------- c:\windows\system32\kbiwkmtddhocfr.dat
2009-09-03 21:58 20,480 a------- c:\windows\system32\H@tKeysH@@k.DLL
2009-08-31 22:05 <DIR> --d----- c:\docume~1\user\applic~1\GetRightToGo
2009-08-30 21:57 1,970,176 a------- c:\windows\system32\d3dx9.dll
2009-08-30 21:57 <DIR> --d----- c:\program files\Cheat Engine
2009-08-30 18:21 0 a------- c:\windows\system32\Ÿ;Ÿ;
2009-08-30 15:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Test Drive Unlimited
2009-08-30 15:46 19,968 a------- c:\windows\system32\kbiwkmjugiakjc.dll
2009-08-30 15:46 44,544 a------- c:\windows\system32\kbiwkmcjexiija.dll
2009-08-30 15:46 25,463 a------- c:\windows\system32\kbiwkmppvfwwyo.dat
2009-08-30 12:06 <DIR> --d----- c:\docume~1\user\applic~1\IDM
2009-08-30 12:06 <DIR> --d----- c:\program files\Internet Download Manager
2009-08-29 09:36 <DIR> --d----- c:\program files\Norton Support
2009-08-28 21:49 25,280 a------- c:\windows\system32\drivers\hamachi.sys
2009-08-21 17:46 <DIR> --d----- c:\program files\Xilisoft
2009-08-20 20:42 <DIR> --d----- C:\spoolerlogs
2009-08-19 23:09 <DIR> --d----- c:\docume~1\user\applic~1\DMCache
2009-08-18 19:57 <DIR> --d----- c:\program files\EAGLE-5.6.0
2009-08-18 19:57 <DIR> --d----- c:\docume~1\user\applic~1\CadSoft
2009-08-18 19:51 <DIR> --d----- c:\program files\EAGLE-4.09r2
2009-08-18 19:51 299,520 a------- c:\windows\uninst.exe
2009-08-18 19:51 <DIR> --d----- c:\documents and settings\user\WINDOWS
2009-08-18 19:34 3,770 a------- c:\windows\GK.VUE
2009-08-18 19:32 <DIR> --d-h--- c:\windows\PIF
2009-08-14 23:51 <DIR> --d----- C:\05a6470875cce6fb0a2d0b4cec36
2009-08-14 22:53 <DIR> --d----- c:\docume~1\user\applic~1\Xilisoft Corporation
2009-08-14 21:26 <DIR> --d----- c:\program files\Valve
2009-08-08 20:25 3,245 a------- c:\windows\system32\wbem\Outlook_01ca1801d2e0e64e.mof
2009-08-08 14:49 <DIR> --d----- c:\program files\Codemasters
2009-08-08 14:49 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-08-08 14:49 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-08-08 14:49 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-08-08 14:49 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-08-08 14:49 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-08-08 14:49 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-08-08 14:49 22,360 a------- c:\windows\system32\X3DAudio1_6.dll

==================== Find3M ====================

2009-08-24 20:47 2,244,208 a------- c:\windows\system32\FNTCACHE.DAT
2009-08-20 21:48 124,976 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-08-20 21:48 60,808 a------- c:\windows\system32\S32EVNT1.DLL
2009-08-20 21:48 7,456 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-08-20 21:48 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-08-19 06:59 36,400 a----r-- c:\windows\system32\drivers\SymIM.sys
2009-08-05 21:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-19 13:07 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-07-19 13:07 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-07-19 13:07 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-19 09:21 434,688 a------- c:\windows\system32\ss2uinst.exe
2009-07-18 07:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-04 05:09 915,456 a------- c:\windows\system32\wininet.dll
2009-07-02 23:23 311,296 a------- c:\windows\system32\sbcrreag.dll
2009-06-25 20:25 730,112 a------- c:\windows\system32\lsasrv.dll
2009-06-25 20:25 301,568 a------- c:\windows\system32\kerberos.dll
2009-06-25 20:25 147,456 a------- c:\windows\system32\schannel.dll
2009-06-25 20:25 136,192 a------- c:\windows\system32\msv1_0.dll
2009-06-25 20:25 56,832 a------- c:\windows\system32\secur32.dll
2009-06-25 20:25 54,272 a------- c:\windows\system32\wdigest.dll
2009-06-25 14:40 157,529 a------- c:\windows\hpoins28.dat
2009-06-17 02:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-17 02:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-13 00:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-11 02:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 18:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 08:28 3,510,272 a------- c:\windows\system32\nvgames.dll
2009-06-10 08:28 4,022,272 a------- c:\windows\system32\nvdisps.dll
2009-06-10 08:28 13,758,464 a------- c:\windows\system32\nvcpl.dll
2009-06-10 08:28 168,004 a------- c:\windows\system32\nvsvc32.exe
2009-06-10 08:28 143,360 a------- c:\windows\system32\nvcolor.exe
2009-06-10 08:28 86,016 a------- c:\windows\system32\nvmctray.dll
2009-06-10 08:28 229,376 a------- c:\windows\system32\nvmccs.dll
2009-06-10 06:03 9,998,336 a------- c:\windows\system32\nvoglnt.dll
2009-06-10 06:03 5,908,608 a------- c:\windows\system32\nv4_disp.dll
2009-06-10 06:03 1,720,320 a------- c:\windows\system32\nvcuda.dll
2009-06-10 06:03 1,580,550 a------- c:\windows\system32\nvdata.bin
2009-06-10 06:03 1,310,720 a------- c:\windows\system32\nvcuvenc.dll
2009-06-10 06:03 815,104 a------- c:\windows\system32\nvapi.dll
2009-06-10 06:03 671,744 a------- c:\windows\system32\nvcuvid.dll
2009-06-10 06:03 457,248 a------- c:\windows\system32\nvudisp.exe
2009-06-10 06:03 151,552 a------- c:\windows\system32\nvcodins.dll
2009-06-10 06:03 151,552 a------- c:\windows\system32\nvcod.dll

============= FINISH: 13:35:13.07 ===============

[chemist]

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

One or more of the identified infections is a backdoor trojan, although it seems to no longer be active on your system.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please refer to Microsoft's Online Safety article for tips on creating a strong password.

Do not change passwords or do any transactions from the infected computer until it has been cleaned.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

------------------------------------------------------

It appears you attached DDS.txt instead of the second log from dds, Attach.txt to your initial post.

Please run dds again and attach Attach.txt to your next reply.

------------------------------------------------------

[Gaurav1993]

thank you soo much for replying, this virus is getting annoying.
heres my combofix log

ComboFix 09-09-06.04 - user 07/09/2009 20:03.1.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.64.1033.18.3071.2438 [GMT 12:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\NetworkService\protect.dll
c:\documents and settings\user\protect.dll
c:\windows\system32\autochk.dll
c:\windows\system32\config\systemprofile\protect.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ILVMONEYDRIVER53
-------\Service_IlvMoneyDRIVER53


((((((((((((((((((((((((( Files Created from 2009-08-07 to 2009-09-07 )))))))))))))))))))))))))))))))
.

2009-09-07 07:09 . 2009-09-07 07:09 222048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-09-07 07:02 . 2009-09-07 07:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-06 11:43 . 2009-09-06 11:43 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\ICS
2009-09-04 12:03 . 2009-09-04 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\18550154
2009-09-03 09:58 . 2009-09-03 10:10 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2009-08-31 10:05 . 2009-08-31 10:06 -------- d-----w- c:\documents and settings\user\Application Data\GetRightToGo
2009-08-30 09:57 . 2009-08-30 10:02 -------- d-----w- c:\program files\Cheat Engine
2009-08-30 09:57 . 2007-12-26 05:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-08-30 05:39 . 2009-08-30 05:39 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\THQ
2009-08-30 03:50 . 2009-09-04 03:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Test Drive Unlimited
2009-08-28 21:36 . 2009-08-28 21:36 -------- d-----w- c:\program files\Norton Support
2009-08-28 21:35 . 2009-08-28 21:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Symantec
2009-08-28 09:49 . 2009-08-29 13:15 -------- d-----w- c:\documents and settings\user\Application Data\Hamachi
2009-08-28 09:49 . 2009-08-28 09:49 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-08-24 08:39 . 2009-08-24 08:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-08-21 23:32 . 2009-08-22 21:55 -------- d-----w- c:\program files\7-Zip
2009-08-21 08:17 . 2009-08-21 08:17 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Xilisoft Corporation
2009-08-21 05:46 . 2009-08-21 05:46 -------- d-----w- c:\program files\Xilisoft
2009-08-20 08:42 . 2009-08-20 08:42 -------- d-----w- C:\spoolerlogs
2009-08-19 11:09 . 2009-09-07 07:21 -------- d-----w- c:\documents and settings\user\Application Data\DMCache
2009-08-18 07:57 . 2009-08-22 06:39 -------- d-----w- c:\program files\EAGLE-5.6.0
2009-08-18 07:57 . 2009-08-18 07:57 -------- d-----w- c:\documents and settings\user\Application Data\CadSoft
2009-08-18 07:51 . 2009-08-18 07:58 -------- d-----w- c:\program files\EAGLE-4.09r2
2009-08-18 07:51 . 1997-04-08 08:08 299520 ----a-w- c:\windows\uninst.exe
2009-08-18 07:51 . 2009-08-18 07:51 -------- d-----w- c:\documents and settings\user\WINDOWS
2009-08-18 07:32 . 2009-08-18 07:32 -------- d--h--w- c:\windows\PIF
2009-08-14 11:51 . 2009-08-14 11:51 -------- d-----w- C:\05a6470875cce6fb0a2d0b4cec36
2009-08-14 10:53 . 2009-08-21 05:47 -------- d-----w- c:\documents and settings\user\Application Data\Xilisoft Corporation
2009-08-14 09:26 . 2009-08-14 09:27 -------- d-----w- c:\program files\Valve
2009-08-08 23:54 . 2009-08-08 23:54 -------- d-----w- c:\documents and settings\Guest

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-07 07:38 . 2009-01-26 21:00 -------- d-----w- c:\program files\DivX
2009-09-07 07:26 . 2009-05-12 09:24 -------- d-----w- c:\program files\RivaTuner v2.24
2009-09-07 07:09 . 2009-07-03 23:27 -------- d-----w- c:\program files\DNA
2009-09-07 07:06 . 2009-07-03 23:27 -------- d-----w- c:\documents and settings\user\Application Data\DNA
2009-09-07 06:58 . 2009-04-22 12:13 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-06 11:17 . 2009-08-03 08:25 -------- d-----w- c:\program files\Symantec
2009-09-06 09:26 . 2009-02-05 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-09-04 12:30 . 2009-03-16 21:18 -------- d-----w- c:\documents and settings\user\Application Data\BitTorrent
2009-08-30 00:58 . 2009-01-26 03:06 -------- d-----w- c:\program files\Microsoft Games
2009-08-29 08:54 . 2009-07-18 08:56 -------- d-----w- c:\documents and settings\user\Application Data\Bioshock
2009-08-25 08:01 . 2009-08-08 02:49 -------- d-----w- c:\program files\Codemasters
2009-08-25 04:02 . 2009-01-25 18:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-25 02:16 . 2009-01-26 08:12 97400 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-24 08:49 . 2009-03-01 07:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-20 09:48 . 2009-08-03 08:25 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-08-20 09:48 . 2009-08-03 08:25 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-08-20 09:48 . 2009-08-03 08:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-08-20 09:48 . 2009-08-03 08:25 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-08-18 18:59 . 2009-08-03 08:25 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2009-08-18 07:49 . 2009-01-26 03:43 -------- d-----w- c:\program files\Google
2009-08-13 18:58 . 2009-09-07 07:03 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-08-08 23:55 . 2009-03-01 07:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-08-06 07:07 . 2009-06-06 03:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-05 09:01 . 2008-04-14 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 20:19 . 2009-01-25 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-08-03 08:43 . 2009-01-25 17:47 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\program files\Norton AntiVirus
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\program files\Windows Sidebar
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-08-03 08:23 . 2009-08-03 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-08-03 08:23 . 2009-08-03 08:23 -------- d-----w- c:\program files\NortonInstaller
2009-08-03 07:16 . 2009-01-26 02:00 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-07-24 09:07 . 2009-01-26 05:10 -------- d-----w- c:\documents and settings\user\Application Data\Orbit
2009-07-21 20:33 . 2009-07-21 20:33 -------- d-----w- c:\documents and settings\All Users\Application Data\2DBoy
2009-07-19 10:57 . 2009-07-19 10:54 -------- d-----w- c:\program files\WorldOfGoo
2009-07-19 01:09 . 2009-07-19 01:09 -------- d-----w- c:\documents and settings\user\Application Data\Logitech
2009-07-19 01:08 . 2009-07-19 01:05 -------- d-----w- c:\program files\Common Files\Logishrd
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\program files\Logitech
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-07-18 22:28 . 2009-07-18 22:28 -------- d-----w- c:\documents and settings\user\Application Data\ProxyCap
2009-07-18 21:21 . 2009-07-18 21:21 434688 ----a-w- c:\windows\system32\ss2uinst.exe
2009-07-18 21:03 . 2009-07-18 21:03 -------- d-----w- c:\documents and settings\user\Application Data\MiniDm
2009-07-18 20:58 . 2009-07-18 20:58 -------- d-----w- c:\documents and settings\user\Application Data\IEPro
2009-07-18 08:13 . 2009-07-18 08:13 -------- d-----w- c:\program files\2K Games
2009-07-17 19:01 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 09:23 . 2009-07-17 09:23 -------- d-----w- c:\program files\Activision
2009-07-13 11:43 . 2008-04-14 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2008-04-14 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-02 11:23 . 2009-07-02 11:23 311296 ----a-w- c:\windows\system32\sbcrreag.dll
2009-06-25 08:25 . 2008-04-14 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2008-04-14 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2008-04-14 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2008-04-14 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2008-04-14 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 02:40 . 2009-03-29 02:44 157529 ----a-w- c:\windows\hpoins28.dat
2009-06-24 11:18 . 2008-04-14 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2008-04-14 12:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2008-04-14 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-09 21:19 . 2009-01-25 17:32 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-09 20:28 . 2009-06-09 20:28 3510272 ----a-w- c:\windows\system32\nvgames.dll
2009-06-09 20:28 . 2009-06-09 20:28 4022272 ----a-w- c:\windows\system32\nvdisps.dll
2009-06-09 20:28 . 2009-06-09 20:28 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-06-09 20:28 . 2009-06-09 20:28 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-06-09 20:28 . 2009-06-09 20:28 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-06-09 20:28 . 2009-06-09 20:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll
2009-06-09 20:28 . 2009-06-09 20:28 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-06-09 18:03 . 2009-06-09 18:03 1580550 ----a-w- c:\windows\system32\nvdata.bin
2009-06-09 18:03 . 2009-06-09 18:03 1310720 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-06-09 18:03 . 2009-02-09 00:18 671744 ----a-w- c:\windows\system32\nvcuvid.dll
2009-06-09 18:03 . 2009-01-25 17:59 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-06-09 18:03 . 2008-05-03 06:46 9998336 ----a-w- c:\windows\system32\nvoglnt.dll
2009-06-09 18:03 . 2008-05-03 06:46 815104 ----a-w- c:\windows\system32\nvapi.dll
2009-06-09 18:03 . 2008-05-03 06:46 8087712 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-06-09 18:03 . 2008-05-03 06:46 5908608 ----a-w- c:\windows\system32\nv4_disp.dll
2009-06-09 18:03 . 2008-05-03 06:46 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-06-09 18:03 . 2008-05-03 06:46 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-06-09 18:03 . 2008-05-03 06:46 151552 ----a-w- c:\windows\system32\nvcod.dll
2008-06-30 01:44 . 2009-06-06 03:59 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2008-09-02 14:07 398784 ----a-w- c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-14 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-09 13758464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-09 86016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-09-20 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-09-20 55824]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HD ADeck.lnk - c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-1-26 30003200]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-12 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 00:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-14 22:10 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk
backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Shortcut to VIA HD Audio Deck.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Shortcut to VIA HD Audio Deck.lnk
backup=c:\windows\pss\Shortcut to VIA HD Audio Deck.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Codemasters\\Ashes Cricket 2009\\Cricket2009.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Documents and Settings\\user\\My Documents\\Downloads\\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\\TDU\\TestDriveUnlimited.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1007020.00A\SymEFA.sys [20/08/2009 9:48 p.m. 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1007020.00A\BHDrvx86.sys [20/08/2009 9:48 p.m. 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1007020.00A\cchpx86.sys [20/08/2009 9:48 p.m. 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090904.002\IDSXpx86.sys [6/09/2009 9:38 a.m. 276344]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [14/05/2009 2:22 p.m. 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [14/05/2009 2:22 p.m. 72944]
R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe [20/08/2009 9:48 p.m. 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26/08/2009 8:00 p.m. 102448]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [26/01/2009 6:06 a.m. 845184]
S2 gupdate1c987e088888b26;Google Update Service (gupdate1c987e088888b26);c:\program files\Google\Update\GoogleUpdate.exe [6/02/2009 10:24 a.m. 133104]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [14/05/2009 2:22 p.m. 7408]
S3 SoRa_DRIVER53;SoRa_DRIVER53;\??\c:\documents and settings\user\Desktop\New Folder\New Folder\MS v70 Hax 3.5\Engines + CTs\SoRa 4.6\SoRa_.sys --> c:\documents and settings\user\Desktop\New Folder\New Folder\MS v70 Hax 3.5\Engines + CTs\SoRa 4.6\SoRa_.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-26 03:45]

2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 22:24]

2009-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 22:24]

2009-09-07 c:\windows\Tasks\User_Feed_Synchronization-{F09015BD-E3FE-40C5-BA2A-9699E76672A3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 16:31]
.
- - - - ORPHANS REMOVED - - - -

HKU-Default-Run-autochk - c:\windows\system32\config\SYSTEM~1\protect.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 80.153.156.21:1080
IE: &Download by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvLsp.dll
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\t380ja7t.default\
FF - prefs.js: browser.startup.homepage - www.google.co.nz
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 81
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 81
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 81
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-07 20:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.7.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,90,2f,88,35,c2,f7,5c,e0,36,66,76,49,9d,4e,ed,78,86,8d,8d,f2,27,2a,
44,44,49,80,58,67,8f,46,47,7a,70,b6,a6,72,e7,1d,58,ce,c9,2b,34,48,7e,89,e5,\
"??"=hex:97,1d,ce,1e,72,5a,e9,94,f9,49,d2,00,89,62,6b,c5

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:be,5e,a2,a4,61,f2,80,07,4b,35,98,8f,38,4b,9d,9d,23,42,c4,87,d2,
4e,02,68,32,e4,6f,a8,47,4f,6d,af,57,9f,24,ec,63,93,9a,4d,ca,7c,da,e0,8b,44,\
"rkeysecu"=hex:6c,60,7e,64,5e,1b,d7,fc,ef,a0,e3,46,02,d3,44,71

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):af,73,4d,dc,45,2d,4e,c3,f1,7a,ab,87,3e,e0,fe,e9,89,77,eb,6a,8f,
6e,f3,68,73,09,62,dd,8b,ce,d1,e7,94,ed,e8,28,e1,3b,2f,a2,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8a97a2a9-a6eb-43bc-9b74-688d3e51adcb}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f9
"Therad"=dword:00000014
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(924)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(980)
c:\windows\system32\nvLsp.dll

- - - - - - - > 'explorer.exe'(2288)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-07 20:12 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-07 08:12

Pre-Run: 362,951,688,192 bytes free
Post-Run: 363,441,823,744 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

344 --- E O F --- 2009-09-02 11:35

[Gaurav1993]

as i was getting very impatient i ran this combo fix yesterday, but i havent done anything else, i hope it doesnt make a difference.

[chemist]

Hello Gaurav1993. It is unwise to run ComboFix until a trained helper has had a look at your logs. How is your machine behaving?

Please copy this page to Notepad and Save it to your Desktop in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Do you normally use a proxy server?

------------------------------------------------------

Close any open browsers.

Disable your antivirus and antispyware applications, usually via a right-click on the System Tray icon. They may otherwise interfere with ComboFix.

Open Notepad and copy/paste all the text in the codebox below into Notepad:

Code:

Folder::
c:\documents and settings\All Users\Application Data\18550154
c:\documents and settings\user\Application Data\GetRightToGo
c:\documents and settings\All Users\Application Data\McAfee
c:\program files\Shareaza Applications

DDS::
uInternet Connection Wizard,ShellNext = iexplore

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
"c:\\Program Files\\DNA\\btdna.exe"=-

Save this Notepad file as CFScript.txt to your Desktop and then close the file.





Referring to the picture above, drag CFScript onto ComboFix

If you are prompted to update ComboFix and have an internet connection, please choose Yes

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you. Please post that log, ComboFix.txt in your next reply.

------------------------------------------------------

Your Java is out of date.

Java(TM) 6 Update 13 can be updated from the Java Control Panel. Go Start > Control Panel(Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now. An update should begin; follow the prompts.

Make sure you untick the box next to whatever free program they prompt you to install, unless you want it.

------------------------------------------------------

Please download ATF-Cleaner by Atribune and Save it to your Desktop.

• Double-click ATF-Cleaner.exe to run the program.
• Under Main choose: Select All
• Click the Empty Selected button.

If you use Firefox browser

• Click Firefox at the top and choose: Select All
• Click the Empty Selected button.
• NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

• Click Opera at the top and choose: Select All
• Click the Empty Selected button.
• NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

------------------------------------------------------

Please run this online scan to help look for remnants. Ensure your external and/or USB drives are inserted during the scan.

Establish an internet connection & perform an online scan at Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.

• Click Run at any Security prompt.
• The program will then begin downloading and installing and will also update the database.
• Please be patient as this can take several minutes.
• Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
• Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
• Click View scan report at the bottom.
• Click the Save Report As... button.
• Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

**Note**

To optimize scanning time and produce a more sensible report for review:

• Close any open programs.
• Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

------------------------------------------------------

Please post the following in your next reply:

ComboFix.txt
Kaspersky report
report on system behavior

[Gaurav1993]

my computer is now behaving normally all links on the internet are working except a message pops up around every 5 minutes it says "msfeedssync.exe - Application Error the instruction at "0x7e4195c8" referenced memory at "0x00000048". the memory could not be "read" i click OK and it pops up again i click OK and "Microsoft Feeds Synchronization has encountered a propblem and needs to close. we are sorry for the inconvenience." i click on dont sen and it goes away but this happens around every 5 minutes.

i have attatched the combofix log as it was too long

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, September 8, 2009
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 08, 2009 04:29:47
Records in database: 2758913
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\

Scan statistics:
Objects scanned: 172071
Threats found: 1
Infected objects found: 1
Suspicious objects found: 0
Scan duration: 01:57:06


File name / Threat / Threats count
C:\Qoobox\Quarantine\C\WINDOWS\system32\config\systemprofile\protect.dll.vir Infected: Trojan.Win32.Agent2.lbu 1

Selected area has been scanned.

[Gaurav1993]

ComboFix 09-09-07.03 - user 08/09/2009 13:49.2.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.64.1033.18.3071.2463 [GMT 12:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\18550154
c:\documents and settings\All Users\Application Data\18550154\18550154
c:\documents and settings\All Users\Application Data\18550154\pc18550154ins
c:\documents and settings\All Users\Application Data\McAfee
c:\documents and settings\All Users\Application Data\McAfee\dspwrp\SmartMessaging.db
c:\documents and settings\All Users\Application Data\McAfee\MSC\Cache\McSubDB.Bak
c:\documents and settings\All Users\Application Data\McAfee\MSC\mcini.ini
c:\documents and settings\All Users\Application Data\McAfee\MSC\McSubDB.Dat
c:\documents and settings\user\Application Data\GetRightToGo
c:\documents and settings\user\Application Data\GetRightToGo\Lexus_Xbox_Live_Trailer_With_Gamma_Correction-wmv.data
c:\documents and settings\user\Application Data\GetRightToGo\Lexus_Xbox_Live_Trailer_With_Gamma_Correction-wmv.data0
c:\program files\Shareaza Applications
c:\program files\Shareaza Applications\Shareaza MediaBar\basis.xml
c:\program files\Shareaza Applications\Shareaza MediaBar\beforeNavigate.js
c:\program files\Shareaza Applications\Shareaza MediaBar\button_arrow.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\button_arrow_clk.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\button_arrow_hl.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\mailsites.html
c:\program files\Shareaza Applications\Shareaza MediaBar\myemail.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\myemail_hl.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\mysites.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\mysites_hl.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\resizer.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_clk.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_hl.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_images.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_maps.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_news.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\search_videos.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\Shareaza.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\Shareaza_icons.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\Shareaza_logo.bmp
c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
c:\program files\Shareaza Applications\Shareaza MediaBar\showSettings.js
c:\program files\Shareaza Applications\Shareaza MediaBar\storesearchcriteria.js
c:\program files\Shareaza Applications\Shareaza MediaBar\Thumbs.db
c:\program files\Shareaza Applications\Shareaza MediaBar\topsites.html
c:\program files\Shareaza Applications\Shareaza MediaBar\Uninstall.exe
c:\program files\Shareaza Applications\Shareaza MediaBar\version.txt
c:\program files\Shareaza Applications\Shareaza MediaBar\web.bmp

.
((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))
.

2009-09-07 10:43 . 2009-09-07 10:43 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-09-07 09:53 . 2009-09-07 09:53 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-09-07 09:53 . 2009-09-07 09:53 -------- d-----w- c:\program files\Zone Labs
2009-09-07 09:52 . 2009-09-08 00:18 -------- d-----w- c:\windows\Internet Logs
2009-09-07 09:21 . 2008-04-14 12:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2009-09-07 09:21 . 2008-04-14 12:00 31232 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2009-09-07 09:21 . 2008-04-14 12:00 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll
2009-09-07 09:21 . 2008-04-14 12:00 14336 -c--a-w- c:\windows\system32\dllcache\tsprof.exe
2009-09-07 09:21 . 2008-04-14 12:00 21896 -c--a-w- c:\windows\system32\dllcache\tdipx.sys
2009-09-07 09:21 . 2008-04-14 12:00 19464 -c--a-w- c:\windows\system32\dllcache\tdspx.sys
2009-09-07 09:21 . 2008-04-14 12:00 13192 -c--a-w- c:\windows\system32\dllcache\tdasync.sys
2009-09-07 09:19 . 2008-04-14 12:00 39936 -c--a-w- c:\windows\system32\dllcache\hostmib.dll
2009-09-07 09:18 . 2003-03-24 04:52 20540 -c--a-w- c:\windows\system32\dllcache\admin.dll
2009-09-07 08:45 . 2008-04-14 12:00 97792 -c--a-w- c:\windows\system32\dllcache\chtmbx.dll
2009-09-07 08:45 . 2008-04-14 12:00 56320 -c--a-w- c:\windows\system32\dllcache\chtskdic.dll
2009-09-07 08:45 . 2008-04-14 12:00 480256 -c--a-w- c:\windows\system32\dllcache\cintsetp.exe
2009-09-07 08:45 . 2008-04-14 12:00 455168 -c--a-w- c:\windows\system32\dllcache\tintsetp.exe
2009-09-07 08:45 . 2008-04-14 12:00 44032 -c--a-w- c:\windows\system32\dllcache\tintlphr.exe
2009-09-07 08:45 . 2008-04-14 12:00 198656 -c--a-w- c:\windows\system32\dllcache\cintime.dll
2009-09-07 08:45 . 2008-04-14 12:00 173568 -c--a-w- c:\windows\system32\dllcache\chtskf.dll
2009-09-07 08:45 . 2008-04-14 12:00 10240 -c--a-w- c:\windows\system32\dllcache\tmigrate.dll
2009-09-07 08:45 . 2008-04-14 12:00 70144 -c--a-w- c:\windows\system32\dllcache\pintlphr.exe
2009-09-07 08:45 . 2008-04-14 12:00 67584 -c--a-w- c:\windows\system32\dllcache\pmigrate.dll
2009-09-07 08:45 . 2008-04-14 12:00 59392 -c--a-w- c:\windows\system32\dllcache\imscinst.exe
2009-09-07 08:45 . 2008-04-14 12:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2009-09-07 08:44 . 2008-04-14 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2009-09-07 08:44 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-09-07 08:44 . 2008-04-14 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2009-09-07 08:44 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-09-07 07:09 . 2009-09-07 07:09 222048 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-09-07 07:02 . 2009-09-07 07:21 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-06 11:43 . 2009-09-06 11:43 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\ICS
2009-09-03 09:58 . 2009-09-03 10:10 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2009-08-30 09:57 . 2009-08-30 10:02 -------- d-----w- c:\program files\Cheat Engine
2009-08-30 09:57 . 2007-12-26 05:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-08-30 05:39 . 2009-08-30 05:39 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\THQ
2009-08-30 03:50 . 2009-09-04 03:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Test Drive Unlimited
2009-08-28 21:36 . 2009-08-28 21:36 -------- d-----w- c:\program files\Norton Support
2009-08-28 21:35 . 2009-08-28 21:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Symantec
2009-08-28 09:49 . 2009-08-29 13:15 -------- d-----w- c:\documents and settings\user\Application Data\Hamachi
2009-08-28 09:49 . 2009-08-28 09:49 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-08-24 08:39 . 2009-08-24 08:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-08-21 23:32 . 2009-08-22 21:55 -------- d-----w- c:\program files\7-Zip
2009-08-21 08:17 . 2009-08-21 08:17 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Xilisoft Corporation
2009-08-21 05:46 . 2009-08-21 05:46 -------- d-----w- c:\program files\Xilisoft
2009-08-20 08:42 . 2009-08-20 08:42 -------- d-----w- C:\spoolerlogs
2009-08-19 11:09 . 2009-09-07 07:21 -------- d-----w- c:\documents and settings\user\Application Data\DMCache
2009-08-18 07:57 . 2009-08-22 06:39 -------- d-----w- c:\program files\EAGLE-5.6.0
2009-08-18 07:57 . 2009-08-18 07:57 -------- d-----w- c:\documents and settings\user\Application Data\CadSoft
2009-08-18 07:51 . 2009-08-18 07:58 -------- d-----w- c:\program files\EAGLE-4.09r2
2009-08-18 07:51 . 1997-04-08 08:08 299520 ----a-w- c:\windows\uninst.exe
2009-08-18 07:51 . 2009-08-18 07:51 -------- d-----w- c:\documents and settings\user\WINDOWS
2009-08-18 07:32 . 2009-08-18 07:32 -------- d--h--w- c:\windows\PIF
2009-08-16 15:04 . 2009-08-16 15:04 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-16 15:04 . 2009-08-16 15:04 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-08-16 15:03 . 2009-08-16 15:03 3170304 ----a-w- c:\windows\system32\nvwss.dll
2009-08-16 15:03 . 2009-08-16 15:03 4026368 ----a-w- c:\windows\system32\nvvitvs.dll
2009-08-16 15:03 . 2009-08-16 15:03 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-08-16 15:03 . 2009-08-16 15:03 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-08-16 15:03 . 2009-08-16 15:03 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-08-16 15:03 . 2009-08-16 15:03 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-08-16 15:03 . 2009-08-16 15:03 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-08-16 15:03 . 2009-08-16 15:03 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-08-16 15:03 . 2009-08-16 15:03 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-08-16 15:03 . 2009-08-16 15:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-08-16 15:02 . 2009-08-16 15:02 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-08-14 11:51 . 2009-08-14 11:51 -------- d-----w- C:\05a6470875cce6fb0a2d0b4cec36
2009-08-14 10:53 . 2009-08-21 05:47 -------- d-----w- c:\documents and settings\user\Application Data\Xilisoft Corporation
2009-08-14 09:26 . 2009-08-14 09:27 -------- d-----w- c:\program files\Valve
2009-08-14 01:36 . 2009-08-14 01:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-08 00:14 . 2009-03-29 06:29 -------- d-----w- c:\documents and settings\user\Application Data\HPAppData
2009-09-07 10:44 . 2009-03-01 08:30 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-07 10:43 . 2009-03-01 08:30 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-07 10:43 . 2009-01-25 18:00 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-07 10:37 . 2009-01-26 08:12 97400 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-07 10:29 . 2009-02-05 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-09-07 09:16 . 2009-01-25 17:33 22720 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-07 07:38 . 2009-01-26 21:00 -------- d-----w- c:\program files\DivX
2009-09-07 07:26 . 2009-05-12 09:24 -------- d-----w- c:\program files\RivaTuner v2.24
2009-09-07 07:09 . 2009-07-03 23:27 -------- d-----w- c:\program files\DNA
2009-09-07 07:06 . 2009-07-03 23:27 -------- d-----w- c:\documents and settings\user\Application Data\DNA
2009-09-07 06:58 . 2009-04-22 12:13 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-06 11:17 . 2009-08-03 08:25 -------- d-----w- c:\program files\Symantec
2009-09-04 12:30 . 2009-03-16 21:18 -------- d-----w- c:\documents and settings\user\Application Data\BitTorrent
2009-08-30 00:58 . 2009-01-26 03:06 -------- d-----w- c:\program files\Microsoft Games
2009-08-29 08:54 . 2009-07-18 08:56 -------- d-----w- c:\documents and settings\user\Application Data\Bioshock
2009-08-25 08:01 . 2009-08-08 02:49 -------- d-----w- c:\program files\Codemasters
2009-08-25 04:02 . 2009-01-25 18:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-24 08:49 . 2009-03-01 07:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-20 09:48 . 2009-08-03 08:25 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-08-20 09:48 . 2009-08-03 08:25 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-08-20 09:48 . 2009-08-03 08:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-08-20 09:48 . 2009-08-03 08:25 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-08-18 18:59 . 2009-08-03 08:25 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2009-08-18 07:49 . 2009-01-26 03:43 -------- d-----w- c:\program files\Google
2009-08-16 12:57 . 2009-06-09 18:03 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-16 12:57 . 2009-06-09 18:03 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-08-16 12:57 . 2009-02-09 00:18 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-16 12:57 . 2009-01-25 17:59 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-16 12:57 . 2008-05-03 06:46 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-08-16 12:57 . 2008-05-03 06:46 7729568 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-08-16 12:57 . 2008-05-03 06:46 5845760 ----a-w- c:\windows\system32\nv4_disp.dll
2009-08-16 12:57 . 2008-05-03 06:46 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-16 12:57 . 2008-05-03 06:46 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-08-16 12:57 . 2008-05-03 06:46 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-16 12:57 . 2008-05-03 06:46 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-08-13 18:58 . 2009-09-07 07:03 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-08-11 00:35 . 2009-01-25 17:59 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-08 23:55 . 2009-03-01 07:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-08-06 07:07 . 2009-06-06 03:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-03 20:19 . 2009-01-25 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-08-03 08:43 . 2009-01-25 17:47 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\program files\Norton AntiVirus
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\program files\Windows Sidebar
2009-08-03 08:24 . 2009-08-03 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-08-03 08:23 . 2009-08-03 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-08-03 08:23 . 2009-08-03 08:23 -------- d-----w- c:\program files\NortonInstaller
2009-08-02 12:21 . 2009-08-02 12:21 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-07-24 09:07 . 2009-01-26 05:10 -------- d-----w- c:\documents and settings\user\Application Data\Orbit
2009-07-21 20:33 . 2009-07-21 20:33 -------- d-----w- c:\documents and settings\All Users\Application Data\2DBoy
2009-07-19 10:57 . 2009-07-19 10:54 -------- d-----w- c:\program files\WorldOfGoo
2009-07-19 01:09 . 2009-07-19 01:09 -------- d-----w- c:\documents and settings\user\Application Data\Logitech
2009-07-19 01:08 . 2009-07-19 01:05 -------- d-----w- c:\program files\Common Files\Logishrd
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2009-07-19 01:07 . 2009-07-19 01:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\program files\Logitech
2009-07-19 01:05 . 2009-07-19 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-07-18 22:28 . 2009-07-18 22:28 -------- d-----w- c:\documents and settings\user\Application Data\ProxyCap
2009-07-18 21:21 . 2009-07-18 21:21 434688 ----a-w- c:\windows\system32\ss2uinst.exe
2009-07-18 21:03 . 2009-07-18 21:03 -------- d-----w- c:\documents and settings\user\Application Data\MiniDm
2009-07-18 20:58 . 2009-07-18 20:58 -------- d-----w- c:\documents and settings\user\Application Data\IEPro
2009-07-18 08:13 . 2009-07-18 08:13 -------- d-----w- c:\program files\2K Games
2009-07-17 09:23 . 2009-07-17 09:23 -------- d-----w- c:\program files\Activision
2009-07-02 11:23 . 2009-07-02 11:23 311296 ----a-w- c:\windows\system32\sbcrreag.dll
2009-06-25 02:40 . 2009-03-29 02:44 157529 ----a-w- c:\windows\hpoins28.dat
2008-06-30 01:44 . 2009-06-06 03:59 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-07_08.10.16 )))))))))))))))))))))))))))))))))))))))))

[Gaurav1993]

.
+ 2009-09-08 00:19 . 2009-09-08 00:19 16384 c:\windows\Temp\Perflib_Perfdata_320.dat
- 2009-01-26 06:27 . 2008-04-14 12:00 15360 c:\windows\TASKMAN.EXE
+ 2008-04-14 12:00 . 2008-04-14 12:00 15360 c:\windows\taskman.exe
+ 2009-01-25 17:34 . 2008-04-14 12:00 32256 c:\windows\system32\wups.dll
- 2008-04-14 12:00 . 2008-05-09 10:53 90112 c:\windows\system32\wshext.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 90112 c:\windows\system32\wshext.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 23552 c:\windows\system32\wmdmps.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 27136 c:\windows\system32\wmdmlog.dll
- 2008-04-14 05:42 . 2008-04-13 16:42 23552 c:\windows\system32\wdmaud.drv
+ 2008-04-14 05:42 . 2008-04-14 12:00 23552 c:\windows\system32\wdmaud.drv
+ 2008-04-14 12:00 . 2008-04-14 12:00 49152 c:\windows\system32\wdigest.dll
- 2009-01-26 06:28 . 2008-04-14 05:42 74240 c:\windows\system32\usbui.dll
+ 2008-04-14 05:42 . 2008-04-14 12:00 74240 c:\windows\system32\usbui.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 37888 c:\windows\system32\url.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 60416 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 75776 c:\windows\system32\telnet.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 56320 c:\windows\system32\secur32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 31232 c:\windows\system32\sc.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 39424 c:\windows\system32\pngfilt.dll
+ 2008-04-14 12:00 . 2009-09-07 09:53 68156 c:\windows\system32\perfc009.dat
- 2008-04-14 12:00 . 2009-08-14 11:56 68156 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2008-04-14 12:00 96256 c:\windows\system32\occache.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 91648 c:\windows\system32\mtxoci.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 91648 c:\windows\system32\mtxoci.dll
- 2008-04-14 12:00 . 2008-06-12 14:23 66560 c:\windows\system32\mtxclu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\mtxclu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 52224 c:\windows\system32\mspmsnsv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 40960 c:\windows\system32\msiregmv.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 56832 c:\windows\system32\mshtmler.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 29184 c:\windows\system32\mshta.exe
+ 2009-01-25 17:32 . 2008-04-14 12:00 58880 c:\windows\system32\msdtclog.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 58880 c:\windows\system32\msdtclog.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 73728 c:\windows\system32\mscms.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 22016 c:\windows\system32\licmgr10.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 15872 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 96256 c:\windows\system32\inseng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 35840 c:\windows\system32\imgutil.dll
+ 2009-09-07 08:45 . 2008-04-14 12:00 10240 c:\windows\system32\IME\TINTLGNT\TMIGRATE.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 10240 c:\windows\system32\IME\TINTLGNT\TMIGRATE.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 44032 c:\windows\system32\IME\TINTLGNT\TINTLPHR.EXE
+ 2009-09-07 08:45 . 2008-04-14 12:00 44032 c:\windows\system32\IME\TINTLGNT\TINTLPHR.EXE
+ 2009-09-07 08:45 . 2008-04-14 12:00 67584 c:\windows\system32\IME\PINTLGNT\PMIGRATE.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 67584 c:\windows\system32\IME\PINTLGNT\PMIGRATE.DLL
+ 2009-09-07 08:45 . 2008-04-14 12:00 70144 c:\windows\system32\IME\PINTLGNT\PINTLPHR.EXE
- 2009-05-10 06:21 . 2008-04-14 12:00 70144 c:\windows\system32\IME\PINTLGNT\PINTLPHR.EXE
- 2009-05-10 06:21 . 2008-04-14 12:00 59392 c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
+ 2009-09-07 08:45 . 2008-04-14 12:00 59392 c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
+ 2008-04-14 12:00 . 2008-04-14 12:00 62976 c:\windows\system32\iesetup.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 48640 c:\windows\system32\iernonce.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 81920 c:\windows\system32\ieencode.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 34304 c:\windows\system32\ie4uinit.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 80896 c:\windows\system32\fontsub.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 55808 c:\windows\system32\extmgr.dll
+ 2009-01-27 07:38 . 2008-04-13 12:16 19200 c:\windows\system32\drivers\wstcodec.sys
+ 2008-04-14 00:47 . 2008-04-14 12:00 83072 c:\windows\system32\drivers\wdmaud.sys
- 2009-01-25 18:06 . 2008-04-13 11:47 83072 c:\windows\system32\drivers\wdmaud.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42240 c:\windows\system32\drivers\viaagp.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 26368 c:\windows\system32\drivers\usbstor.sys
- 2009-01-26 01:29 . 2008-04-13 11:15 26368 c:\windows\system32\drivers\USBSTOR.SYS
+ 2008-04-14 12:00 . 2008-04-14 12:00 32128 c:\windows\system32\drivers\usbccgp.sys
- 2009-03-29 00:40 . 2008-04-13 11:15 32128 c:\windows\system32\drivers\usbccgp.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 44672 c:\windows\system32\drivers\uagp35.sys
- 2009-01-25 18:06 . 2008-04-13 11:45 60800 c:\windows\system32\drivers\sysaudio.sys
+ 2008-04-14 00:45 . 2008-04-14 12:00 60800 c:\windows\system32\drivers\sysaudio.sys
- 2009-01-25 18:06 . 2008-04-13 11:15 56576 c:\windows\system32\drivers\swmidi.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 56576 c:\windows\system32\drivers\swmidi.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 15232 c:\windows\system32\drivers\streamip.sys
- 2008-04-14 00:15 . 2008-04-13 11:15 49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 49408 c:\windows\system32\drivers\stream.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 11136 c:\windows\system32\drivers\slip.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 40960 c:\windows\system32\drivers\sisagp.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 10880 c:\windows\system32\drivers\ndisip.sys
+ 2009-01-27 07:38 . 2008-04-13 12:16 85248 c:\windows\system32\drivers\nabtsfec.sys
+ 2009-01-27 07:38 . 2008-04-13 12:16 51200 c:\windows\system32\drivers\msdv.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 15232 c:\windows\system32\drivers\mpe.sys
- 2009-01-26 01:24 . 2001-08-17 01:48 12160 c:\windows\system32\drivers\mouhid.sys
+ 2001-08-17 13:48 . 2008-04-14 12:00 12160 c:\windows\system32\drivers\mouhid.sys
- 2008-04-14 00:09 . 2008-04-13 12:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2008-04-14 00:09 . 2008-04-14 12:00 23040 c:\windows\system32\drivers\mouclass.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 92288 c:\windows\system32\drivers\ksecdd.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 24576 c:\windows\system32\drivers\kbdclass.sys
- 2008-04-14 12:00 . 2008-04-13 12:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 52480 c:\windows\system32\drivers\i8042prt.sys
- 2008-04-14 12:00 . 2008-04-13 12:48 52480 c:\windows\system32\drivers\i8042prt.sys
- 2009-01-26 01:24 . 2008-04-13 12:15 10368 c:\windows\system32\drivers\hidusb.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 10368 c:\windows\system32\drivers\hidusb.sys
- 2008-04-14 12:00 . 2008-04-13 12:15 24960 c:\windows\system32\drivers\hidparse.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 24960 c:\windows\system32\drivers\hidparse.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 36864 c:\windows\system32\drivers\hidclass.sys
- 2008-04-14 12:00 . 2008-04-13 12:15 36864 c:\windows\system32\drivers\hidclass.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 46464 c:\windows\system32\drivers\gagp30kx.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 60160 c:\windows\system32\drivers\drmk.sys
- 2009-01-25 18:06 . 2008-04-13 11:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2009-01-27 07:38 . 2008-04-13 12:16 17024 c:\windows\system32\drivers\ccdecode.sys
+ 2008-04-14 00:16 . 2008-04-14 12:00 11776 c:\windows\system32\drivers\bdasup.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 43008 c:\windows\system32\drivers\amdagp.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42752 c:\windows\system32\drivers\alim1541.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 44928 c:\windows\system32\drivers\agpcpq.sys
+ 2008-04-14 00:06 . 2008-04-14 12:00 42368 c:\windows\system32\drivers\agp440.sys
+ 2009-01-25 17:34 . 2008-04-14 12:00 32256 c:\windows\system32\dllcache\wups.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 90112 c:\windows\system32\dllcache\wshext.dll
- 2008-04-14 12:00 . 2008-05-09 10:53 90112 c:\windows\system32\dllcache\wshext.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\wmplayer.exe
+ 2009-01-25 17:34 . 2008-04-14 12:00 98304 c:\windows\system32\dllcache\wmpband.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\wmdmps.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 27136 c:\windows\system32\dllcache\wmdmlog.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 49152 c:\windows\system32\dllcache\wdigest.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 37888 c:\windows\system32\dllcache\url.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 75776 c:\windows\system32\dllcache\telnet.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 16384 c:\windows\system32\dllcache\tcptsat.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 32827 c:\windows\system32\dllcache\tcptest.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 32827 c:\windows\system32\dllcache\tcptest.exe
- 2009-01-26 06:27 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\taskman.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\taskman.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\snmpthrd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 39936 c:\windows\system32\dllcache\snmpthrd.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\snmpstup.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 10240 c:\windows\system32\dllcache\snmpstup.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 33280 c:\windows\system32\dllcache\snmp.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 33280 c:\windows\system32\dllcache\snmp.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\smb6w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\smb6w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\sma3w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\sma3w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 38912 c:\windows\system32\dllcache\sm9aw.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 38912 c:\windows\system32\dllcache\sm9aw.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\sm93w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\sm93w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\sm92w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\sm92w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm90w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm90w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm8dw.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm8dw.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\sm8cw.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\sm8cw.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm8aw.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm8aw.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm89w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26112 c:\windows\system32\dllcache\sm89w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\sm87w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\sm87w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\sm81w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\sm81w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 25088 c:\windows\system32\dllcache\sm59w.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 25088 c:\windows\system32\dllcache\sm59w.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 16437 c:\windows\system32\dllcache\shtml.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 16437 c:\windows\system32\dllcache\shtml.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 20536 c:\windows\system32\dllcache\shtml.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 20536 c:\windows\system32\dllcache\shtml.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 56320 c:\windows\system32\dllcache\secur32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 31232 c:\windows\system32\dllcache\sc.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 79872 c:\windows\system32\dllcache\rwia330.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 79872 c:\windows\system32\dllcache\rwia330.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 79872 c:\windows\system32\dllcache\rwia001.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 79872 c:\windows\system32\dllcache\rwia001.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\rw330ext.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\rw330ext.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 27648 c:\windows\system32\dllcache\rw001ext.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 27648 c:\windows\system32\dllcache\rw001ext.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\register.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\register.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 20736 c:\windows\system32\dllcache\ramdisk.sys
+ 2009-09-07 09:20 . 2008-04-14 12:00 20736 c:\windows\system32\dllcache\ramdisk.sys
- 2009-01-25 17:36 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\quser.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 16384 c:\windows\system32\dllcache\quser.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 39424 c:\windows\system32\dllcache\pngfilt.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 96256 c:\windows\system32\dllcache\occache.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 91648 c:\windows\system32\dllcache\mtxoci.dll
- 2008-04-14 12:00 . 2008-06-12 14:23 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 52224 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\msiregmv.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 40960 c:\windows\system32\dllcache\msiregmv.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 56832 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\mshta.exe
+ 2009-01-25 17:32 . 2008-04-14 12:00 58880 c:\windows\system32\dllcache\msdtclog.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 73728 c:\windows\system32\dllcache\mscms.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 92416 c:\windows\system32\dllcache\mga.sys
- 2009-01-25 17:36 . 2008-04-14 12:00 92416 c:\windows\system32\dllcache\mga.sys
+ 2009-09-07 09:20 . 2008-04-14 12:00 92032 c:\windows\system32\dllcache\mga.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 92032 c:\windows\system32\dllcache\mga.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\lprmon.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\lprmon.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 22528 c:\windows\system32\dllcache\lpdsvc.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 22528 c:\windows\system32\dllcache\lpdsvc.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 33792 c:\windows\system32\dllcache\lmmib2.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 33792 c:\windows\system32\dllcache\lmmib2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 92288 c:\windows\system32\dllcache\ksecdd.sys
+ 2009-09-07 09:20 . 2008-04-14 12:00 18432 c:\windows\system32\dllcache\jupiw.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 18432 c:\windows\system32\dllcache\jupiw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\jsproxy.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\iprip.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\iprip.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 96256 c:\windows\system32\dllcache\inseng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 35840 c:\windows\system32\dllcache\imgutil.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 93184 c:\windows\system32\dllcache\iexplore.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 62976 c:\windows\system32\dllcache\iesetup.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 48640 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 18432 c:\windows\system32\dllcache\iedw.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 34304 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-01-25 17:33 . 2008-04-14 12:00 38912 c:\windows\system32\dllcache\hmmapi.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\fxssend.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\fxssend.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\fxsroute.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\fxsroute.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\fxsmon.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\fxsmon.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\fxsext32.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 23552 c:\windows\system32\dllcache\fxsext32.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 55296 c:\windows\system32\dllcache\fxsevent.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 55296 c:\windows\system32\dllcache\fxsevent.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\fxsdrv.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 26624 c:\windows\system32\dllcache\fxsdrv.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 72192 c:\windows\system32\dllcache\fxscom.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 72192 c:\windows\system32\dllcache\fxscom.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 20541 c:\windows\system32\dllcache\fpexedll.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 20541 c:\windows\system32\dllcache\fpexedll.dll
- 2009-01-25 17:36 . 2003-03-24 03:52 94208 c:\windows\system32\dllcache\fpencode.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 94208 c:\windows\system32\dllcache\fpencode.dll
- 2009-01-25 17:36 . 2003-03-24 03:52 20541 c:\windows\system32\dllcache\fpadmdll.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 20541 c:\windows\system32\dllcache\fpadmdll.dll
- 2009-01-25 17:36 . 2003-03-24 03:52 24632 c:\windows\system32\dllcache\fpadmcgi.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 24632 c:\windows\system32\dllcache\fpadmcgi.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 14608 c:\windows\system32\dllcache\fp98sadm.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 14608 c:\windows\system32\dllcache\fp98sadm.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 49212 c:\windows\system32\dllcache\fp4awebs.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 49212 c:\windows\system32\dllcache\fp4awebs.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 41020 c:\windows\system32\dllcache\fp4avnb.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 41020 c:\windows\system32\dllcache\fp4avnb.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 49210 c:\windows\system32\dllcache\fp4areg.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 49210 c:\windows\system32\dllcache\fp4areg.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 82035 c:\windows\system32\dllcache\fp4anscp.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 80896 c:\windows\system32\dllcache\fontsub.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\flattemp.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 14848 c:\windows\system32\dllcache\flattemp.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 12288 c:\windows\system32\dllcache\EXCH_smtpctrs.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 12288 c:\windows\system32\dllcache\EXCH_smtpctrs.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 26112 c:\windows\system32\dllcache\EXCH_seos.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 26112 c:\windows\system32\dllcache\EXCH_seos.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 57856 c:\windows\system32\dllcache\EXCH_scripto.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 57856 c:\windows\system32\dllcache\EXCH_scripto.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 23040 c:\windows\system32\dllcache\EXCH_regtrace.exe
- 2009-01-25 17:36 . 2001-08-17 09:36 23040 c:\windows\system32\dllcache\EXCH_regtrace.exe
+ 2009-09-07 09:20 . 2001-08-17 10:36 38912 c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 38912 c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 65536 c:\windows\system32\dllcache\EXCH_mailmsg.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 65536 c:\windows\system32\dllcache\EXCH_mailmsg.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 43520 c:\windows\system32\dllcache\EXCH_fcachdll.dll
+ 2009-09-07 09:19 . 2001-08-17 10:36 43520 c:\windows\system32\dllcache\EXCH_fcachdll.dll
+ 2009-09-07 09:19 . 2001-08-17 10:36 45056 c:\windows\system32\dllcache\EXCH_aqadmin.dll
- 2009-01-25 17:35 . 2001-08-17 09:36 45056 c:\windows\system32\dllcache\EXCH_aqadmin.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 92160 c:\windows\system32\dllcache\evntwin.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 92160 c:\windows\system32\dllcache\evntwin.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\evntcmd.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\evntcmd.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 25856 c:\windows\system32\dllcache\et4000.sys
+ 2009-09-07 09:19 . 2008-04-14 12:00 25856 c:\windows\system32\dllcache\et4000.sys
- 2009-01-25 17:36 . 2008-04-14 12:00 45056 c:\windows\system32\dllcache\esunid.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 45056 c:\windows\system32\dllcache\esunid.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 57856 c:\windows\system32\dllcache\esuimgd.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 57856 c:\windows\system32\dllcache\esuimgd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\esucmd.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 31744 c:\windows\system32\dllcache\esucmd.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 85020 c:\windows\system32\dllcache\dgsetup.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 85020 c:\windows\system32\dllcache\dgsetup.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 33792 c:\windows\system32\dllcache\custsat.dll
- 2009-01-25 17:34 . 2007-08-13 05:54 33792 c:\windows\system32\dllcache\custsat.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\cprofile.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 18944 c:\windows\system32\dllcache\cprofile.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\corpol.dll
- 2009-01-25 17:35 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\chgusr.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 14336 c:\windows\system32\dllcache\chgusr.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\chgport.exe
- 2009-01-25 17:35 . 2008-04-14 12:00 15872 c:\windows\system32\dllcache\chgport.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\chglogon.exe
- 2009-01-25 17:35 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\chglogon.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\dllcache\cdm.dll
- 2009-01-25 17:35 . 2008-04-14 12:00 54528 c:\windows\system32\dllcache\cap7146.sys
+ 2009-09-07 09:19 . 2008-04-14 12:00 54528 c:\windows\system32\dllcache\cap7146.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 84992 c:\windows\system32\dllcache\avifil32.dll
- 2008-04-14 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 16439 c:\windows\system32\dllcache\author.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 16439 c:\windows\system32\dllcache\author.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 20540 c:\windows\system32\dllcache\author.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 20540 c:\windows\system32\dllcache\author.dll
- 2008-04-14 12:00 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 99840 c:\windows\system32\dllcache\advpack.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\admparse.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 16439 c:\windows\system32\dllcache\admin.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 16439 c:\windows\system32\dllcache\admin.exe
- 2009-01-26 06:27 . 2008-04-14 12:00 85020 c:\windows\system32\dgsetup.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 85020 c:\windows\system32\dgsetup.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 35328 c:\windows\system32\corpol.dll
+ 2009-01-25 17:38 . 2009-09-07 09:24 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-25 17:38 . 2009-09-04 12:04 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-25 17:38 . 2009-09-07 09:24 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-01-25 17:38 . 2009-09-04 12:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-01-25 17:38 . 2009-09-04 12:04 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-01-25 17:38 . 2009-09-07 09:24 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-04-14 12:00 . 2008-04-14 12:00 66560 c:\windows\system32\cdm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 84992 c:\windows\system32\avifil32.dll
- 2008-04-14 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 58880 c:\windows\system32\atl.dll
- 2008-04-14 12:00 . 2009-07-17 19:01 58880 c:\windows\system32\atl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 99840 c:\windows\system32\advpack.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 61440 c:\windows\system32\admparse.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 19200 c:\windows\system\TAPI.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 19200 c:\windows\system\TAPI.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 24064 c:\windows\system\OLESVR.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 24064 c:\windows\system\OLESVR.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 82944 c:\windows\system\OLECLI.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 82944 c:\windows\system\OLECLI.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 68768 c:\windows\system\MMSYSTEM.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 68768 c:\windows\system\MMSYSTEM.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 28160 c:\windows\system\MCIWAVE.DRV
+ 2008-04-14 12:00 . 2008-04-14 12:00 28160 c:\windows\system\MCIWAVE.DRV
- 2009-01-26 06:27 . 2008-04-14 12:00 25264 c:\windows\system\MCISEQ.DRV
+ 2008-04-14 12:00 . 2008-04-14 12:00 25264 c:\windows\system\MCISEQ.DRV
- 2009-01-26 06:27 . 2008-04-14 12:00 73376 c:\windows\system\MCIAVI.DRV
+ 2008-04-14 12:00 . 2008-04-14 12:00 73376 c:\windows\system\MCIAVI.DRV
+ 2008-04-14 12:00 . 2008-04-14 12:00 32816 c:\windows\system\COMMDLG.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 32816 c:\windows\system\COMMDLG.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 69120 c:\windows\NOTEPAD.EXE
+ 2008-04-14 12:00 . 2008-04-14 12:00 69120 c:\windows\notepad.exe
+ 2009-09-07 09:15 . 2008-04-14 12:00 13801 c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs
+ 2009-09-07 09:15 . 2008-04-14 12:00 18917 c:\windows\Installer\TSClientMsiTrans\tscinst.vbs
+ 2009-09-07 09:52 . 2009-09-07 09:52 62464 c:\windows\Installer\be964.msi
- 2009-05-10 06:21 . 2008-04-14 12:00 56320 c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2009-09-07 08:45 . 2008-04-14 12:00 56320 c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2009-09-07 08:45 . 2008-04-14 12:00 97792 c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 97792 c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\laprxy.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdycl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdycl.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdycc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdycc.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdvntc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdvntc.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbduzb.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbduzb.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdurdu.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdurdu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdur.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdur.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdtuq.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdtuq.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdtuf.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdtuf.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbdth3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdth3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdth2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbdth2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdth1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdth1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdth0.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdth0.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdtat.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdtat.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdsyr2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdsyr2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdsyr1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdsyr1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdsl1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdsl1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdsl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdsl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdru1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdru1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdru.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdru.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdro.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\kbdro.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\kbdpl1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdpl1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdpl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdpl.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 7680 c:\windows\system32\kbdnecNT.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7680 c:\windows\system32\kbdnecnt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 9216 c:\windows\system32\kbdnecat.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 9216 c:\windows\system32\kbdnecAT.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\kbdnec95.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 7168 c:\windows\system32\kbdnec95.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdmon.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdmon.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlv1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlv1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlv.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdlt1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdlt1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdlt.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdlt.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlk41j.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdlk41j.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6656 c:\windows\system32\kbdlk41a.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdlk41a.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdkyr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdkyr.dll
- 2009-05-10 06:20 . 2001-08-17 10:36 8192 c:\windows\system32\kbdkor.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 8192 c:\windows\system32\kbdkor.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdkaz.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdkaz.dll
- 2009-05-10 06:20 . 2001-08-17 10:36 8704 c:\windows\system32\kbdjpn.dll
+ 2001-08-17 22:36 . 2008-04-14 12:00 8704 c:\windows\system32\kbdjpn.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdintel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdintel.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdintam.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdintam.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbdinpun.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdinpun.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinmar.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinmar.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinkan.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinkan.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinhin.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinhin.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinguj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdinguj.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdindev.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdindev.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 7168 c:\windows\system32\kbdibm02.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\kbdibm02.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhu1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhu1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdhu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdhu.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 8192 c:\windows\system32\kbdhept.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8192 c:\windows\system32\kbdhept.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdhela3.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6656 c:\windows\system32\kbdhela3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdhela2.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows

[Gaurav1993]

\system32\kbdhela2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdheb.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdheb.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe319.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe319.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe220.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe220.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdhe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdgkl.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdgkl.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\kbdgeo.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\kbdgeo.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdfa.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbdfa.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\kbdest.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdest.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbddiv2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbddiv2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbddiv1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbddiv1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcz2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcz2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcz1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcz1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 7168 c:\windows\system32\kbdcz.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\kbdcz.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdcr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdbu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdbu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdblr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdblr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdazel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdazel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbdaze.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\kbdaze.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbdax2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbdax2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarmw.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarmw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarme.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarme.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\KBDAL.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\kbdal.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbda3.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbda3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbda2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbda2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\kbda1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\kbda1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbd106n.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbd106n.dll
+ 2008-04-14 05:39 . 2008-04-14 12:00 6144 c:\windows\system32\kbd106.dll
- 2009-05-10 06:20 . 2008-04-13 17:39 6144 c:\windows\system32\kbd106.dll
- 2009-05-10 06:20 . 2001-08-17 02:55 5632 c:\windows\system32\kbd103.dll
+ 2001-08-17 14:55 . 2008-04-14 12:00 5632 c:\windows\system32\kbd103.dll
- 2009-05-10 06:20 . 2001-08-17 02:55 6144 c:\windows\system32\kbd101c.dll
+ 2001-08-17 14:55 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101c.dll
- 2009-05-10 06:20 . 2001-08-17 02:55 6144 c:\windows\system32\kbd101b.dll
+ 2001-08-17 14:55 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101b.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101a.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101a.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\kbd101.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 7168 c:\windows\system32\f3ahvoas.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\f3ahvoas.dll
- 2009-01-27 07:38 . 2002-12-11 11:14 5504 c:\windows\system32\drivers\mstee.sys
+ 2009-01-27 07:38 . 2008-04-13 12:09 5504 c:\windows\system32\drivers\mstee.sys
+ 2008-04-14 00:09 . 2008-04-14 12:00 4992 c:\windows\system32\drivers\mspqm.sys
- 2009-01-25 18:06 . 2008-04-13 11:09 4992 c:\windows\system32\drivers\MSPQM.sys
+ 2008-04-14 00:09 . 2008-04-14 12:00 5376 c:\windows\system32\drivers\mspclock.sys
- 2009-01-25 18:06 . 2008-04-13 11:09 5376 c:\windows\system32\drivers\MSPCLOCK.sys
+ 2008-04-14 00:09 . 2008-04-14 12:00 7552 c:\windows\system32\drivers\mskssrv.sys
- 2009-01-25 18:06 . 2008-04-13 11:09 7552 c:\windows\system32\drivers\MSKSSRV.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 2944 c:\windows\system32\drivers\drmkaud.sys
- 2009-01-25 18:06 . 2008-04-13 11:15 2944 c:\windows\system32\drivers\drmkaud.sys
- 2009-01-25 17:36 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\snmptrap.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\snmptrap.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\snmpmib.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\snmpmib.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\smimsgif.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\smimsgif.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\smierrsy.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\smierrsy.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\query.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\query.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\pmxgl.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\pmxgl.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\migregdb.exe
+ 2009-09-07 09:20 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\migregdb.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\laprxy.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdycl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdycl.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdycc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdycc.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdvntc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdvntc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbduzb.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbduzb.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdurdu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdurdu.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdur.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdur.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuq.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuq.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuf.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdtuf.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdth3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdth3.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdth2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdth2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdth1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdth1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdth0.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdth0.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdtat.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdtat.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdsyr2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdsyr2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdsyr1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdsyr1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdsl.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdru.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdro.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdro.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdpl1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdpl1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdpl.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdpl.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\kbdnecnt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7680 c:\windows\system32\dllcache\kbdnecnt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\kbdnecat.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 9216 c:\windows\system32\dllcache\kbdnecat.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdnec95.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdnec95.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdmon.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdmon.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt1.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdlt.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlk41j.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdlk41j.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdlk41a.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdlk41a.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkyr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkyr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkaz.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdkaz.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdintel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdintel.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdintam.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdintam.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdinpun.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdinpun.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinmar.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinmar.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinkan.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinkan.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinhin.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinhin.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinguj.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdinguj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdindev.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdindev.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdibm02.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdibm02.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhu1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhu1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhu.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\kbdhept.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\kbdhept.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhela3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdhela3.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdhela2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdhela2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdheb.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdheb.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe319.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe319.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe220.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe220.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdhe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdgkl.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdgkl.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdgeo.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdgeo.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdfa.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdfa.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdest.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdest.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbddiv2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbddiv2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbddiv1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbddiv1.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz2.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcz1.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdcz.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\kbdcz.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdcr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdbu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdbu.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdblr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdblr.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdazel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdazel.dll
- 2009-01-26 06:28 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdaze.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbdaze.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdax2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbdax2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarmw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarmw.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarme.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarme.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdal.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\kbdal.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda3.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda2.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda1.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd106n.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd106n.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd101a.dll
- 2009-05-10 06:21 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd101a.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd101.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 6144 c:\windows\system32\dllcache\kbd101.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\fxsres.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 6656 c:\windows\system32\dllcache\fxsres.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\fxsperf.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\fxsperf.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\f3ahvoas.dll
- 2009-05-10 06:20 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\f3ahvoas.dll
+ 2009-09-07 09:20 . 2001-08-17 10:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll
- 2009-01-25 17:36 . 2001-08-17 09:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll
+ 2009-09-07 09:19 . 2001-08-17 10:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll
- 2009-01-25 17:35 . 2001-08-17 09:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll
- 2009-01-25 17:35 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\change.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 9728 c:\windows\system32\dllcache\change.exe
- 2009-01-26 06:27 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\batt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\batt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\asferror.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8704 c:\windows\system32\batt.dll
- 2009-01-26 06:27 . 2008-04-14 12:00 8704 c:\windows\system32\batt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8192 c:\windows\system32\asferror.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 9008 c:\windows\system\VER.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 9008 c:\windows\system\VER.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 5120 c:\windows\system\SHELL.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 5120 c:\windows\system\SHELL.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 9936 c:\windows\system\LZEXPAND.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 9936 c:\windows\system\LZEXPAND.DLL
+ 2009-09-07 09:15 . 2008-04-14 12:00 2247 c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat
+ 2008-07-28 20:05 . 2008-07-28 20:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-28 20:05 . 2008-07-28 20:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-28 15:54 . 2008-07-28 15:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-01-26 06:25 . 2008-04-14 12:00 921088 c:\windows\WinSxS\InstallTemp\87077\comctl32.dll
+ 2008-07-28 17:23 . 2008-07-28 17:23 626688 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_a17e7c1e\msvcr90.dll
+ 2008-07-28 17:23 . 2008-07-28 17:23 856576 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_a17e7c1e\msvcp90.dll
+ 2008-07-28 15:51 . 2008-07-28 15:51 245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_a17e7c1e\msvcm90.dll
- 2008-04-14 12:00 . 2009-01-07 06:21 121856 c:\windows\system32\xmllite.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 121856 c:\windows\system32\xmllite.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 120320 c:\windows\system32\wuweb.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 112640 c:\windows\system32\wucltui.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 111104 c:\windows\system32\wuauclt.exe
+ 2009-01-25 17:34 . 2008-04-14 12:00 430592 c:\windows\system32\wuapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 155648 c:\windows\system32\wscript.exe
- 2008-04-14 12:00 . 2008-05-08 11:24 155648 c:\windows\system32\wscript.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 809984 c:\windows\system32\wmvdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 897024 c:\windows\system32\wmspdmoe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 485376 c:\windows\system32\wmspdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 759296 c:\windows\system32\wmsdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 102400 c:\windows\system32\wmpshell.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 233472 c:\windows\system32\wmpdxm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 114688 c:\windows\system32\wmpasf.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 151552 c:\windows\system32\wmidx.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 168448 c:\windows\system32\wmerror.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 230912 c:\windows\system32\wmasf.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 670720 c:\windows\system32\wmadmoe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 408064 c:\windows\system32\wmadmod.dll
- 2008-04-14 12:00 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 132096 c:\windows\system32\wkssvc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 666112 c:\windows\system32\wininet.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 354304 c:\windows\system32\winhttp.dll
- 2008-04-14 12:00 . 2008-12-16 12:30 354304 c:\windows\system32\winhttp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 276480 c:\windows\system32\webcheck.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 218112 c:\windows\system32\wbem\wmiprvse.exe
+ 2009-01-25 17:32 . 2008-04-14 12:00 437248 c:\windows\system32\wbem\wmiprvsd.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 472064 c:\windows\system32\wbem\fastprox.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 434176 c:\windows\system32\vbscript.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 218624 c:\windows\system32\uxtheme.dll
- 2008-04-14 12:00 . 2008-04-25 07:41 218624 c:\windows\system32\uxtheme.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 619520 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 117760 c:\windows\system32\t2embed.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 246814 c:\windows\system32\strmdll.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 108544 c:\windows\system32\services.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 172032 c:\windows\system32\scrrun.dll
- 2008-04-14 12:00 . 2008-05-09 10:53 172032 c:\windows\system32\scrrun.dll
- 2008-04-14 12:00 . 2008-05-09 10:53 180224 c:\windows\system32\scrobj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 180224 c:\windows\system32\scrobj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 144384 c:\windows\system32\schannel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 399360 c:\windows\system32\rpcss.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 584704 c:\windows\system32\rpcrt4.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 671744 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcuvid.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 151552 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcod.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 815104 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 237568 c:\windows\system32\qasf.dll
+ 2008-04-14 05:42 . 2008-04-14 12:00 363520 c:\windows\system32\psisdecd.dll
- 2008-04-14 12:00 . 2009-08-14 11:56 435260 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2009-09-07 09:53 435260 c:\windows\system32\perfh009.dat
- 2008-04-14 12:00 . 2009-03-06 14:22 284160 c:\windows\system32\pdh.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 284160 c:\windows\system32\pdh.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 706048 c:\windows\system32\ntdll.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 337408 c:\windows\system32\netapi32.dll
- 2008-04-14 12:00 . 2008-10-15 16:34 337408 c:\windows\system32\netapi32.dll
- 2008-04-14 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 245248 c:\windows\system32\mswsock.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 245760 c:\windows\system32\mswmdm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 203776 c:\windows\system32\mswebdvd.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 132608 c:\windows\system32\msv1_0.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 532480 c:\windows\system32\mstime.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 356352 c:\windows\system32\msscp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 146432 c:\windows\system32\msrating.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 201728 c:\windows\system32\mspmsp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 259072 c:\windows\system32\msnetobj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 146432 c:\windows\system32\msls31.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 449024 c:\windows\system32\mshtmled.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 161792 c:\windows\system32\msdtcuiu.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 161792 c:\windows\system32\msdtcuiu.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 956928 c:\windows\system32\msdtctm.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 956928 c:\windows\system32\msdtctm.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 427008 c:\windows\system32\msdtcprx.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 240640 c:\windows\system32\mpg4dmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 384512 c:\windows\system32\mp4sdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 310272 c:\windows\system32\mp43dmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 728064 c:\windows\system32\lsasrv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 103936 c:\windows\system32\logagent.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 343040 c:\windows\system32\localspl.dll
- 2008-04-14 12:00 . 2009-03-21 14:06 989696 c:\windows\system32\kernel32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 989696 c:\windows\system32\kernel32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 299520 c:\windows\system32\kerberos.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 512000 c:\windows\system32\jscript.dll
- 2009-01-25 17:33 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 691712 c:\windows\system32\inetcomm.dll
+ 2009-09-07 08:45 . 2008-04-14 12:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
- 2009-05-10 06:21 . 2008-04-14 12:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
+ 2009-09-07 08:45 . 2008-04-14 12:00 480256 c:\windows\system32\IME\CINTLGNT\CINTSETP.EXE
- 2009-05-10 06:21 . 2008-04-14 12:00 480256 c:\windows\system32\IME\CINTLGNT\CINTSETP.EXE
+ 2009-09-07 08:45 . 2008-04-14 12:00 198656 c:\windows\system32\IME\CINTLGNT\CINTIME.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 198656 c:\windows\system32\IME\CINTLGNT\CINTIME.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 251904 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 323584 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 221184 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 216576 c:\windows\system32\ieaksie.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 143360 c:\windows\system32\ieakeng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 285184 c:\windows\system32\gdi32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 246272 c:\windows\system32\es.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 514587 c:\windows\system32\edb500.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 205312 c:\windows\system32\dxtrans.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 357888 c:\windows\system32\dxtmsft.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 695808 c:\windows\system32\drmv2clt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 225664 c:\windows\system32\drivers\tcpip6.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 361344 c:\windows\system32\drivers\tcpip.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 334848 c:\windows\system32\drivers\srv.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 202624 c:\windows\system32\drivers\RMCast.sys
+ 2008-04-14 00:49 . 2008-04-14 12:00 146048 c:\windows\system32\drivers\portcls.sys
- 2009-01-25 18:06 . 2008-04-13 11:49 146048 c:\windows\system32\drivers\portcls.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 456576 c:\windows\system32\drivers\mrxsmb.sys
- 2008-04-14 00:46 . 2008-04-13 11:46 141056 c:\windows\system32\drivers\ks.sys
+ 2008-04-14 00:46 . 2008-04-14 12:00 141056 c:\windows\system32\drivers\ks.sys
- 2009-01-25 18:06 . 2008-04-13 11:15 172416 c:\windows\system32\drivers\kmixer.sys
+ 2008-04-14 00:15 . 2008-04-14 12:00 172416 c:\windows\system32\drivers\kmixer.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 273024 c:\windows\system32\drivers\bthport.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 138112 c:\windows\system32\drivers\afd.sys
- 2009-01-25 18:06 . 2008-04-13 09:09 142592 c:\windows\system32\drivers\aec.sys
+ 2008-04-13 22:09 . 2008-04-14 12:00 142592 c:\windows\system32\drivers\aec.sys
- 2008-04-14 12:00 . 2008-06-20 17:46 147968 c:\windows\system32\dnsapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 147968 c:\windows\system32\dnsapi.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 120320 c:\windows\system32\dllcache\wuweb.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 112640 c:\windows\system32\dllcache\wucltui.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 111104 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-01-25 17:34 . 2008-04-14 12:00 430592 c:\windows\system32\dllcache\wuapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 155648 c:\windows\system32\dllcache\wscript.exe
- 2008-04-14 12:00 . 2008-05-08 11:24 155648 c:\windows\system32\dllcache\wscript.exe
+ 2009-01-25 17:32 . 2008-04-14 12:00 214528 c:\windows\system32\dllcache\wordpad.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 809984 c:\windows\system32\dllcache\wmvdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 897024 c:\windows\system32\dllcache\wmspdmoe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 485376 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 759296 c:\windows\system32\dllcache\wmsdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 102400 c:\windows\system32\dllcache\wmpshell.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 114688 c:\windows\system32\dllcache\wmpasf.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 218112 c:\windows\system32\dllcache\wmiprvse.exe
+ 2009-01-25 17:32 . 2008-04-14 12:00 437248 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 151552 c:\windows\system32\dllcache\wmidx.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 168448 c:\windows\system32\dllcache\wmerror.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 230912 c:\windows\system32\dllcache\wmasf.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 670720 c:\windows\system32\dllcache\wmadmoe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 408064 c:\windows\system32\dllcache\wmadmod.dll
- 2008-04-14 12:00 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 666112 c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 12:00 . 2008-12-16 12:30 354304 c:\windows\system32\dllcache\winhttp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 354304 c:\windows\system32\dllcache\winhttp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 276480 c:\windows\system32\dllcache\webcheck.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 851968 c:\windows\system32\dllcache\vgx.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 434176 c:\windows\system32\dllcache\vbscript.dll
- 2008-04-14 12:00 . 2008-04-25 07:41 218624 c:\windows\system32\dllcache\uxtheme.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 218624 c:\windows\system32\dllcache\uxtheme.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 619520 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 208896 c:\windows\system32\dllcache\unregmp2.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 225664 c:\windows\system32\dllcache\tcpip6.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 361344 c:\windows\system32\dllcache\tcpip.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 117760 c:\windows\system32\dllcache\t2embed.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 246814 c:\windows\system32\dllcache\strmdll.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 334848 c:\windows\system32\dllcache\srv.sys
+ 2009-09-07 09:20 . 2008-04-14 12:00 101376 c:\windows\system32\dllcache\srusbusd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 101376 c:\windows\system32\dllcache\srusbusd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 188416 c:\windows\system32\dllcache\snmpsmir.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 188416 c:\windows\system32\dllcache\snmpsmir.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 358400 c:\windows\system32\dllcache\snmpincl.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 358400 c:\windows\system32\dllcache\snmpincl.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 259072 c:\windows\system32\dllcache\snmpcl.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 259072 c:\windows\system32\dllcache\snmpcl.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 456192 c:\windows\system32\dllcache\smtpsvc.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 456192 c:\windows\system32\dllcache\smtpsvc.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 236544 c:\windows\system32\dllcache\smi2smir.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 236544 c:\windows\system32\dllcache\smi2smir.exe
+ 2009-01-25 17:34 . 2008-04-14 12:00 774144 c:\windows\system32\dllcache\setup_wm.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 108544 c:\windows\system32\dllcache\services.exe
- 2008-04-14 12:00 . 2008-05-09 10:53 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 172032 c:\windows\system32\dllcache\scrrun.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 180224 c:\windows\system32\dllcache\scrobj.dll
- 2008-04-14 12:00 . 2008-05-09 10:53 180224 c:\windows\system32\dllcache\scrobj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 144384 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 399360 c:\windows\system32\dllcache\rpcss.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 584704 c:\windows\system32\dllcache\rpcrt4.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 202624 c:\windows\system32\dllcache\rmcast.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 237568 c:\windows\system32\dllcache\qasf.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 131584 c:\windows\system32\dllcache\pmxviceo.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 131584 c:\windows\system32\dllcache\pmxviceo.dll
- 2008-04-14 12:00 . 2009-03-06 14:22 284160 c:\windows\system32\dllcache\pdh.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 284160 c:\windows\system32\dllcache\pdh.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 706048 c:\windows\system32\dllcache\ntdll.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 337408 c:\windows\system32\dllcache\netapi32.dll
- 2008-04-14 12:00 . 2008-10-15 16:34 337408 c:\windows\system32\dllcache\netapi32.dll
+ 2009-09-07 09:20 . 2008-04-14 12:00 119808 c:\windows\system32\dllcache\mtstocom.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 119808 c:\windows\system32\dllcache\mtstocom.exe
- 2008-04-14 12:00 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 245760 c:\windows\system32\dllcache\mswmdm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 203776 c:\windows\system32\dllcache\mswebdvd.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 132608 c:\windows\system32\dllcache\msv1_0.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 532480 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 356352 c:\windows\system32\dllcache\msscp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 146432 c:\windows\system32\dllcache\msrating.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 201728 c:\windows\system32\dllcache\mspmsp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 259072 c:\windows\system32\dllcache\msnetobj.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 146432 c:\windows\system32\dllcache\msls31.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 449024 c:\windows\system32\dllcache\mshtmled.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 161792 c:\windows\system32\dllcache\msdtcuiu.dll
- 2009-01-25 17:32 . 2008-06-12 14:23 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 427008 c:\windows\system32\dllcache\msdtcprx.dll
- 2009-01-25 17:33 . 2008-05-01 14:33 331776 c:\windows\system32\dllcache\msadce.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 331776 c:\windows\system32\dllcache\msadce.dll
+ 2009-01-25 17:34 . 2008-04-14 12:00 368640 c:\windows\system32\dllcache\mpvis.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 240640 c:\windows\system32\dllcache\mpg4dmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 384512 c:\windows\system32\dllcache\mp4sdmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 310272 c:\windows\system32\dllcache\mp43dmod.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 728064 c:\windows\system32\dllcache\lsasrv.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 103936 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 343040 c:\windows\system32\dllcache\localspl.dll
- 2008-04-14 12:00 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 989696 c:\windows\system32\dllcache\kernel32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 299520 c:\windows\system32\dllcache\kerberos.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 512000 c:\windows\system32\dllcache\jscript.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 691712 c:\windows\system32\dllcache\inetcomm.dll
- 2009-01-25 17:33 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 323584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 221184 c:\windows\system32\dllcache\ieakui.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 216576 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 143360 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 285184 c:\windows\system32\dllcache\gdi32.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 400384 c:\windows\system32\dllcache\fxsxp32.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 400384 c:\windows\system32\dllcache\fxsxp32.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\fxswzrd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 192512 c:\windows\system32\dllcache\fxswzrd.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 154112 c:\windows\system32\dllcache\fxsui.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 154112 c:\windows\system32\dllcache\fxsui.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 397312 c:\windows\system32\dllcache\fxstiff.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 397312 c:\windows\system32\dllcache\fxstiff.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 246272 c:\windows\system32\dllcache\fxst30.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 246272 c:\windows\system32\dllcache\fxst30.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 267776 c:\windows\system32\dllcache\fxssvc.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 267776 c:\windows\system32\dllcache\fxssvc.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 562176 c:\windows\system32\dllcache\fxsst.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 562176 c:\windows\system32\dllcache\fxsst.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 229376 c:\windows\system32\dllcache\fxscover.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 229376 c:\windows\system32\dllcache\fxscover.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 285184 c:\windows\system32\dllcache\fxscomex.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 285184 c:\windows\system32\dllcache\fxscomex.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 132608 c:\windows\system32\dllcache\fxsclntr.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 132608 c:\windows\system32\dllcache\fxsclntr.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 142848 c:\windows\system32\dllcache\fxsclnt.exe
+ 2009-09-07 09:19 . 2008-04-14 12:00 142848 c:\windows\system32\dllcache\fxsclnt.exe
- 2009-01-25 17:36 . 2008-04-14 12:00 111104 c:\windows\system32\dllcache\fxscfgwz.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 111104 c:\windows\system32\dllcache\fxscfgwz.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 451584 c:\windows\system32\dllcache\fxsapi.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 451584 c:\windows\system32\dllcache\fxsapi.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 208896 c:\windows\system32\dllcache\fpmmcsat.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 208896 c:\windows\system32\dllcache\fpmmcsat.dll
- 2009-01-25 17:35 . 2004-05-12 11:39 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2009-09-07 09:19 . 2004-05-12 12:39 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 188494 c:\windows\system32\dllcache\fpcount.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 188494 c:\windows\system32\dllcache\fpcount.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 109328 c:\windows\system32\dllcache\fp98swin.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 109328 c:\windows\system32\dllcache\fp98swin.exe
- 2009-01-25 17:35 . 2004-05-12 11:39 876653 c:\windows\system32\dllcache\fp4awel.dll
+ 2009-09-07 09:19 . 2004-05-12 12:39 876653 c:\windows\system32\dllcache\fp4awel.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 102509 c:\windows\system32\dllcache\fp4atxt.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 102509 c:\windows\system32\dllcache\fp4atxt.dll
- 2009-01-25 17:35 . 2003-03-24 03:52 147513 c:\windows\system32\dllcache\fp4apws.dll
+ 2009-09-07 09:19 . 2003-03-24 04:52 147513 c:\windows\system32\dllcache\fp4apws.dll
+ 2009-09-07 09:19 . 2004-05-12 12:39 184435 c:\windows\system32\dllcache\fp4amsft.dll
- 2009-01-25 17:35 . 2004-05-12 11:39 184435 c:\windows\system32\dllcache\fp4amsft.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 472064 c:\windows\system32\dllcache\fastprox.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 101888 c:\windows\system32\dllcache\evntagnt.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 101888 c:\windows\system32\dllcache\evntagnt.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 246272 c:\windows\system32\dllcache\es.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 514587 c:\windows\system32\dllcache\edb500.dll
- 2009-01-25 17:36 . 2008-04-14 12:00 514587 c:\windows\system32\dllcache\edb500.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 205312 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 357888 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 695808 c:\windows\system32\dllcache\drmv2clt.dll
- 2008-04-14 12:00 . 2008-06-20 17:46 147968 c:\windows\system32\dllcache\dnsapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 147968 c:\windows\system32\dllcache\dnsapi.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 139264 c:\windows\system32\dllcache\cscript.exe
- 2009-01-25 17:35 . 2003-03-24 03:52 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2009-09-07 09:19 . 2003-03-24 04:52 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 159232 c:\windows\system32\dllcache\cewmdm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 286720 c:\windows\system32\dllcache\blackbox.dll
- 2009-01-25 17:35 . 2008-04-14 12:00 331264 c:\windows\system32\dllcache\aqueue.dll
+ 2009-09-07 09:19 . 2008-04-14 12:00 331264 c:\windows\system32\dllcache\aqueue.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 138112 c:\windows\system32\dllcache\afd.sys
- 2008-04-14 12:00 . 2009-02-09 12:10 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\dllcache\advapi32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 139264 c:\windows\system32\cscript.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 159232 c:\windows\system32\cewmdm.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 286720 c:\windows\system32\blackbox.dll
- 2008-04-14 12:00 . 2009-02-09 12:10 617472 c:\windows\system32\advapi32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\advapi32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 126912 c:\windows\system\MSVIDEO.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 126912 c:\windows\system\MSVIDEO.DLL
+ 2008-04-14 12:00 . 2008-04-14 12:00 109456 c:\windows\system\AVIFILE.DLL
- 2009-01-26 06:27 . 2008-04-14 12:00 109456 c:\windows\system\AVIFILE.DLL
+ 2009-01-25 17:36 . 2009-09-07 09:18 331776 c:\windows\repair\ntuser.dat
+ 2008-04-14 12:00 . 2008-04-14 12:00 208896 c:\windows\inf\unregmp2.exe
+ 2009-09-07 08:45 . 2008-04-14 12:00 173568 c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 173568 c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
+ 2009-01-25 17:34 . 2008-04-14 12:00 1135616 c:\windows\system32\wuaueng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1001472 c:\windows\system32\wmvdmoe2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 2109440 c:\windows\system32\wmvcore.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1119744 c:\windows\system32\wmsdmoe2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 2940928 c:\windows\system32\wmploc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 4874240 c:\windows\system32\wmp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1053184 c:\windows\system32\wmnetmgr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1845632 c:\windows\system32\win32k.sys
- 2008-04-14 12:00 . 2008-06-17 19:02 8461312 c:\windows\system32\shell32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8461312 c:\windows\system32\shell32.dll
- 2008-04-14 12:00 . 2008-10-16 01:00 1499136 c:\windows\system32\shdocvw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1499136 c:\windows\system32\shdocvw.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 9998336 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvoglnt.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 1580550 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvdata.bin
+ 2009-09-07 10:42 . 2009-06-09 18:03 1310720 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcuvenc.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 1720320 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcuda.dll
+ 2009-09-07 10:42 . 2009-06-09 18:03 8087712 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_mini.sys
+ 2009-09-07 10:42 . 2009-06-09 18:03 5908608 c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_disp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1288192 c:\windows\system32\quartz.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 2145280 c:\windows\system32\ntoskrnl.exe
- 2008-04-14 12:00 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe
+ 2008-04-14 00:01 . 2008-04-14 12:00 2023936 c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 00:01 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2008-04-14 12:00 . 2008-04-14 12:00 1306624 c:\windows\system32\msxml6.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1104896 c:\windows\system32\msxml3.dll
+ 2009-01-25 17:32 . 2008-04-14 12:00 2061824 c:\windows\system32\mstscax.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 3066880 c:\windows\system32\mshtml.dll
+ 2009-01-26 06:25 . 2009-09-07 09:40 2244208 c:\windows\system32\FNTCACHE.DAT
- 2009-01-26 06:25 . 2009-08-24 08:47 2244208 c:\windows\system32\FNTCACHE.DAT
+ 2009-01-25 17:34 . 2008-04-14 12:00 1135616 c:\windows\system32\dllcache\wuaueng.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1001472 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 2109440 c:\windows\system32\dllcache\wmvcore.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1119744 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 2940928 c:\windows\system32\dllcache\wmploc.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1053184 c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1845632 c:\windows\system32\dllcache\win32k.sys
- 2008-04-14 12:00 . 2008-06-17 19:02 8461312 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 8461312 c:\windows\system32\dllcache\shell32.dll
- 2008-04-14 12:00 . 2008-10-16 01:00 1499136 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1499136 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1288192 c:\windows\system32\dllcache\quartz.dll
+ 2008-05-03 06:46 . 2009-08-16 12:57 7729568 c:\windows\system32\dllcache\nv4_mini.sys
+ 2008-04-14 12:00 . 2008-04-14 12:00 1306624 c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 1104896 c:\windows\system32\dllcache\msxml3.dll
+ 2009-01-25 17:33 . 2008-04-14 12:00 1314816 c:\windows\system32\dllcache\msoe.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 3066880 c:\windows\system32\dllcache\mshtml.dll
+ 2009-09-07 10:43 . 2009-09-07 10:43 1500160 c:\windows\Installer\2bba87.msi
+ 2009-09-07 10:42 . 2009-06-09 18:03 20887360 c:\windows\system32\ReinstallBackups\0007\DriverFiles\NvCplSetupEng.exe
+ 2009-09-07 08:45 . 2008-04-14 12:00 10096640 c:\windows\ime\CHTIME\Applets\HWXCHT.DLL
- 2009-05-10 06:21 . 2008-04-14 12:00 10096640 c:\windows\ime\CHTIME\Applets\HWXCHT.DLL
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-14 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-16 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-16 86016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-09-20 55824]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-09-20 55824]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HD ADeck.lnk - c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-1-26 30003200]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-12 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 00:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-14 22:10 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk
backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Shortcut to VIA HD Audio Deck.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\Shortcut to VIA HD Audio Deck.lnk
backup=c:\windows\pss\Shortcut to VIA HD Audio Deck.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Codemasters\\Ashes Cricket 2009\\Cricket2009.exe"=
"c:\\Documents and Settings\\user\\My Documents\\Downloads\\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\\TDU\\TestDriveUnlimited.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Norton AntiVirus\\Engine\\16.7.2.10\\ccSvcHst.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1007020.00A\SymEFA.sys [8/20/2009 9:48 PM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1007020.00A\BHDrvx86.sys [8/20/2009 9:48 PM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1007020.00A\cchpx86.sys [8/20/2009 9:48 PM 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090904.002\IDSXpx86.sys [9/6/2009 9:38 AM 276344]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/14/2009 2:22 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/14/2009 2:22 PM 72944]
R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe [8/20/2009 9:48 PM 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/26/2009 8:00 PM 102448]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [1/26/2009 6:06 AM 845184]
S2 gupdate1c987e088888b26;Google Update Service (gupdate1c987e088888b26);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2009 10:24 AM 133104]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/14/2009 2:22 PM 7408]
S3 SoRa_DRIVER53;SoRa_DRIVER53;\??\c:\documents and settings\user\Desktop\New Folder\New Folder\MS v70 Hax 3.5\Engines + CTs\SoRa 4.6\SoRa_.sys --> c:\documents and settings\user\Desktop\New Folder\New Folder\MS v70 Hax 3.5\Engines + CTs\SoRa 4.6\SoRa_.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-09-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-26 03:45]

2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 22:24]

2009-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 22:24]

2009-09-08 c:\windows\Tasks\User_Feed_Synchronization-{F09015BD-E3FE-40C5-BA2A-9699E76672A3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 16:31]
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{196C3A46-4758-433D-A600-802C804AF39C} - c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
HKU-Default-RunOnce-tscuninstall - c:\windows\system32\tscupgrd.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 80.153.156.21:1080
IE: &Download by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\documents and settings\All Users\Desktop\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvLsp.dll
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\t380ja7t.default\
FF - prefs.js: browser.startup.homepage - www.google.co.nz
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 81
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 81
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 81
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-08 13:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.7.2.10\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.7.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,90,2f,88,35,c2,f7,5c,e0,36,66,76,49,9d,4e,ed,78,86,8d,8d,f2,27,2a,
44,44,49,80,58,67,8f,46,47,7a,70,b6,a6,72,e7,1d,58,ce,c9,2b,34,48,7e,89,e5,\
"??"=hex:97,1d,ce,1e,72,5a,e9,94,f9,49,d2,00,89,62,6b,c5

[HKEY_USERS\S-1-5-21-57989841-1644491937-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:be,5e,a2,a4,61,f2,80,07,4b,35,98,8f,38,4b,9d,9d,23,42,c4,87,d2,
4e,02,68,32,e4,6f,a8,47,4f,6d,af,57,9f,24,ec,63,93,9a,4d,ca,7c,da,e0,8b,44,\
"rkeysecu"=hex:6c,60,7e,64,5e,1b,d7,fc,ef,a0,e3,46,02,d3,44,71

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):af,73,4d,dc,45,2d,4e,c3,f1,7a,ab,87,3e,e0,fe,e9,89,77,eb,6a,8f,
6e,f3,68,73,09,62,dd,8b,ce,d1,e7,94,ed,e8,28,e1,3b,2f,a2,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8a97a2a9-a6eb-43bc-9b74-688d3e51adcb}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f9
"Therad"=dword:00000014
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(956)
c:\windows\system32\nvLsp.dll
.
Completion time: 2009-09-08 13:55
ComboFix-quarantined-files.txt 2009-09-08 01:55
ComboFix2.txt 2009-09-07 08:12

Pre-Run: 363,347,750,912 bytes free
Post-Run: 363,393,630,208 bytes free

1443 --- E O F --- 2009-09-02 11:35

[Gaurav1993]

sry i had to divide the log up it was too long and it wouldnt let me attach it either

[chemist]

Hello again, Gaurav1993. QooBox is ComboFix's quarantine folder. It will get deleted when we uninstall ComboFix.

Open Notepad and copy/paste the entire contents of the codebox below into Notepad (don't forget to copy and paste REGEDIT4):

Code:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DNA\\btdna.exe"=-

Save the file as fix.reg and choose to Save as type: - All Files then close the Notepad file.
It should look like this:

Double-click on fix.reg and choose Yes to merge/add it to the registry. Please delete the file afterwards.

------------------------------------------------------

Quote:

a message pops up around every 5 minutes it says "msfeedssync.exe - Application Error the instruction at "0x7e4195c8" referenced memory at "0x00000048"

Please follow the instructions here for disabling msfeedsync > http://www.webisee.com/2008/10/21/ms...le-in-ie7-ie8/

Did that fix your problem? Let me know and I will give you some final instructions.

------------------------------------------------------

[Gaurav1993]

yup that seems to have fixed the problem the message doesnt popup any more but every time i start the computer a popup comes in the bottom of right of the screen saying your computer might be at risk windows firewall is turned off this disappears after a second and when i check firewall settings it says its on, is this OK.

[chemist]

Hello again, Gaurav1993.

Quote:

but every time i start the computer a popup comes in the bottom of right of the screen saying your computer might be at risk windows firewall is turned off this disappears after a second and when i check firewall settings it says its on, is this OK.

Is your Norton Firewall also turned on by chance? If so, turn Norton Firewall off and see if that is the cause. Never run more than one firewall.

You could turn off the alert, but if your firewall ever gets turned off, it won't tell you so. I might just ignore it if it's just for a second.

Control Panel > Security Center > Change the way Security Center alerts me > Untick Firewall > OK.

Or you could ask for help here > Windows XP Support Forum

------------------------------------------------------

Congratulations. Well done! Your logs appear clean. You should be good to go.

As far as those infected objects listed in the Kaspersky report, those are safely tucked away in ComboFix's quarantine folder or in old System Restore Points, which we will be taking care of now.

Please disable AVG before uninstalling ComboFix and then re-enable it after doing so.

Go to Start >> Run and Copy/Paste the following single-line command into the Run box and click OK:

combofix /u

This will uninstall ComboFix and delete ComboFix's quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which contain previous infections, and create a fresh, clean System Restore Point.

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

------------------------------------------------------

MICROSOFT UPDATES
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

SPYWARE PREVENTION
This is a good time to set up protection against further attacks. In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read these well written articles:

• How Did I Get Infected In The First Place? by TonyKlein
• How to Prevent Malware by miekiemoes

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

• WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
  WOT has an add-on available for both Firefox and IE.
  
• SpywareBlaster prevents the installation of ActiveX-based malware, blocks cookies, and restricts the actions of "bad" sites in Internet Explorer. See tutorial here
  
• MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
  • Download Host.zip and Save it to your Desktop.
  • Right-click hosts.zip and select 'Extract all files' or 'Extract files...'.
  • Follow the prompts and click 'Finish'.
  • This will open the newly created hosts folder on your Desktop.
  • Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
  • Once updated you should see another prompt that the task was completed.
• IE-Spyad is another excellent program that places over 5000 dubious websites and domains in the IE Restricted list, which will help prevent attempts to infect your system. It basically prevents any downloads from the sites listed, although you will still be able to connect to the site. See tutorial here

Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.

[Gaurav1993]

thanks alot for the help. soo happy that the computers running normally again.

[chemist]

You're very welcome, Gaurav1993! Glad to have helped.