Jean Robbe

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Ik heb niets gevonden dat in de buurt van Babylon kwam. Ik heb Mozilla verwijderd en opnieuw geinstalleerd en Babylon lijkt helemaal verdwenen. Heel hartelijk bedankt!!

19 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Onder browser.search.defaultenginename staat Google. Onder browser.search.order staat Google, Bing en chrome://browser-region/locale/region.properties.

15 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Babylon staat niet in de lijst met zoekmachines.

15 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Als ik in Firefox via de default Mozilla zoekmachine een zoekterm intyp, dan is het volgende scherm de Babylon zoekmachine met gevonden sites adhv de zoekterm. Via Google word ik niet doorgestuurd naar Babylon. In IE vind ik van Babylon niks meer terug.

15 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Log van ComboFix ComboFix 12-08-13.01 - Jan 14/08/2012 19:54:58.5.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.645 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Jan\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . . ((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 ))))))))))))))))))))))))))))))) . . 2012-08-14 16:35 . 2012-06-29 08:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A5B0929E-2181-4B46-94F4-B28818E316F1}\mpengine.dll 2012-08-13 19:49 . 2012-08-13 19:52 -------- d-----w- c:\documents and settings\Jan\cr3 2012-08-13 16:37 . 2012-08-13 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Browser Manager 2012-08-13 15:22 . 2012-06-29 08:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-06 14:55 . 2012-08-06 14:55 -------- d-----w- c:\documents and settings\Jan\Calibre Library 2012-08-06 14:25 . 2012-08-06 14:26 -------- d-----w- c:\program files\Calibre2 2012-08-06 14:09 . 2012-08-06 14:09 -------- d-----w- c:\windows\system32\wbem\Repository 2012-08-06 13:44 . 2012-08-06 14:41 -------- d-----w- c:\documents and settings\Jan\Application Data\calibre 2012-08-02 14:22 . 2012-08-02 14:22 -------- d-----w- c:\program files\Bulk Rename Utility 2012-08-01 00:00 . 2012-08-01 00:01 -------- dc-h--w- c:\windows\ie8 2012-07-29 18:52 . 2012-07-29 18:52 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys 2012-07-28 23:34 . 2012-07-28 23:34 -------- d-----w- c:\program files\PD4ML 2012-07-22 21:25 . 2001-08-17 20:36 5632 ----a-w- c:\windows\system32\ptpusb.dll 2012-07-22 21:25 . 2008-04-14 03:42 159232 ----a-w- c:\windows\system32\ptpusd.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 18:52 . 2012-06-19 08:08 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 18:52 . 2011-07-23 11:40 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-10 10:26 . 2012-07-10 10:26 110592 ----a-w- c:\windows\system32\usbr38.dll 2012-07-10 10:26 . 2012-07-10 10:26 33536 ----a-w- c:\windows\system32\drivers\a38usb.sys 2012-07-03 11:46 . 2012-06-04 09:11 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-13 13:19 . 2009-04-28 04:51 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:50 . 2009-04-28 04:51 1372672 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 15:50 . 2009-04-28 04:51 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32 . 2009-04-28 04:51 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2008-10-16 19:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2009-04-28 05:02 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2009-04-28 05:02 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2009-04-28 05:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2008-10-16 19:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2009-04-28 05:02 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2009-04-28 05:02 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2009-04-28 04:51 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2008-10-16 19:09 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2008-10-16 19:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2008-10-16 19:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2009-04-28 05:02 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-04-28 05:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:18 . 2009-11-09 06:39 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2009-11-09 06:39 214256 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 13:18 . 2009-11-09 06:39 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-07-14 00:15 . 2012-08-13 17:17 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot_2012-08-14_11.13.11 ))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "beidsccertprop"="c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe" [2012-02-21 31768] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . S0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [29/07/2012 20:52 65848] S1 RapportCerberus_42020;RapportCerberus_42020;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys [6/08/2012 16:15 228376] S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [29/07/2012 20:52 71480] S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [29/07/2012 20:52 166840] S2 Browser Manager;Browser Manager;c:\documents and settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [13/08/2012 18:37 1697312] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 655944] S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [29/07/2012 20:52 976728] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [10/07/2012 12:26 33536] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [19/06/2012 10:08 250056] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [13/08/2012 19:17 113120] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] . Contents of the 'Scheduled Tasks' folder . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 18:52] . 2012-08-14 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-07-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-23 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.be/ IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\lxmafyry.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-14 20:04 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(984) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll . Completion time: 2012-08-14 20:07:45 ComboFix-quarantined-files.txt 2012-08-14 18:07 ComboFix2.txt 2012-08-14 11:16 ComboFix3.txt 2012-06-18 20:32 ComboFix4.txt 2012-06-10 14:19 ComboFix5.txt 2012-08-14 17:52 . Pre-Run: 30.569.074.688 bytes free Post-Run: 30.555.717.632 bytes free . - - End Of File - - BCE64ACA72DCDBBD4395DBBB62A3A478 Log van AdwCleaner # AdwCleaner v1.801 - Logfile created 08/15/2012 at 07:11:45 # Updated 14/08/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Jan - JANLAPTOP # Boot Mode : Normal # Running from : C:\Documents and Settings\Jan\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : Browser Manager ***** [Files / Folders] ***** Folder Deleted : C:\Documents and Settings\Jan\Application Data\Media Finder Folder Deleted : C:\Documents and Settings\Jan\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com Folder Deleted : C:\Documents and Settings\Jan\Start Menu\Programs\Browser Manager Deleted on reboot : C:\Documents and Settings\All Users\Application Data\Browser Manager Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\user.js ***** [Registry] ***** Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\MediaFinder Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\AskBarDis Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook Key Deleted : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1 Key Deleted : HKLM\SOFTWARE\Classes\MF Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=113480&tt=120812_bandext_3312_4&babsrc=NT_ss&mntrId=648d7a1a000000000000002618fcbe43 --> hxxp://www.google.com -\\ Mozilla Firefox v14.0.1 (nl) Profile name : default File : C:\Documents and Settings\Jan\Application Data\Mozilla\Firefox\Profiles\lxmafyry.default\prefs.js Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); ************************* AdwCleaner[s1].txt - [4966 octets] - [15/08/2012 07:11:45] ########## EOF - C:\AdwCleaner[s1].txt - [5094 octets] ##########

15 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Combofix zegt dat AVG aan het draaien was, maar ik heb AVG een tijd geleden verwijderd en heb het ook niet zien staan bij mijn programma's. ComboFix 12-08-13.01 - Jan 14/08/2012 13:02:52.4.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.645 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\Cache c:\windows\system32\Cache\140b433238e440b8.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\2c53092c95605355.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\a8556537add6dfc5.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe . . ((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 ))))))))))))))))))))))))))))))) . . 2012-08-13 19:49 . 2012-08-13 19:52 -------- d-----w- c:\documents and settings\Jan\cr3 2012-08-13 16:37 . 2012-08-13 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Browser Manager 2012-08-13 15:22 . 2012-06-29 08:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6AFC46F4-1DB1-42C0-92FC-35F2C9C3CB5A}\mpengine.dll 2012-08-12 06:57 . 2012-06-29 08:44 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-06 14:55 . 2012-08-06 14:55 -------- d-----w- c:\documents and settings\Jan\Calibre Library 2012-08-06 14:25 . 2012-08-06 14:26 -------- d-----w- c:\program files\Calibre2 2012-08-06 14:09 . 2012-08-06 14:09 -------- d-----w- c:\windows\system32\wbem\Repository 2012-08-06 13:44 . 2012-08-06 14:41 -------- d-----w- c:\documents and settings\Jan\Application Data\calibre 2012-08-02 14:22 . 2012-08-02 14:22 -------- d-----w- c:\program files\Bulk Rename Utility 2012-08-01 00:00 . 2012-08-01 00:01 -------- dc-h--w- c:\windows\ie8 2012-07-29 18:52 . 2012-07-29 18:52 65848 ----a-w- c:\windows\system32\drivers\RapportKELL.sys 2012-07-28 23:34 . 2012-07-28 23:34 -------- d-----w- c:\program files\PD4ML 2012-07-22 21:25 . 2001-08-17 20:36 5632 ----a-w- c:\windows\system32\ptpusb.dll 2012-07-22 21:25 . 2008-04-14 03:42 159232 ----a-w- c:\windows\system32\ptpusd.dll 2012-07-15 12:11 . 2012-07-15 12:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 18:52 . 2012-06-19 08:08 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 18:52 . 2011-07-23 11:40 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-10 10:26 . 2012-07-10 10:26 110592 ----a-w- c:\windows\system32\usbr38.dll 2012-07-10 10:26 . 2012-07-10 10:26 33536 ----a-w- c:\windows\system32\drivers\a38usb.sys 2012-07-03 11:46 . 2012-06-04 09:11 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-13 13:19 . 2009-04-28 04:51 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:50 . 2009-04-28 04:51 1372672 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 15:50 . 2009-04-28 04:51 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32 . 2009-04-28 04:51 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2008-10-16 19:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2009-04-28 05:02 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2009-04-28 05:02 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2009-04-28 05:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2008-10-16 19:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2009-04-28 05:02 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2009-04-28 05:02 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2009-04-28 04:51 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2008-10-16 19:09 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2008-10-16 19:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2008-10-16 19:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2009-04-28 05:02 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-04-28 05:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:18 . 2009-11-09 06:39 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2009-11-09 06:39 214256 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 13:18 . 2009-11-09 06:39 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-05-16 15:08 . 2009-04-28 04:51 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-16 13:33 . 2012-05-16 13:33 360448 ----a-w- c:\windows\system32\beid35applayer.dll 2012-05-16 13:32 . 2012-05-16 13:32 69632 ----a-w- c:\windows\system32\beidCSPlib.dll 2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\Belgium Identity Card PKCS11.dll 2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\beidpkcs11.dll 2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beid35cardlayer.dll 2012-05-16 13:32 . 2012-05-16 13:32 266240 ----a-w- c:\windows\system32\beid35DlgsWin32.dll 2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\eidlib.dll 2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beidlib.dll 2012-05-16 13:31 . 2012-05-16 13:31 126976 ----a-w- c:\windows\system32\beid35common.dll 2012-05-16 13:29 . 2012-05-16 13:29 352256 ----a-w- c:\windows\system32\beid_ff_pkcs11.dll 2012-07-14 00:15 . 2012-08-13 17:17 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot_2012-06-18_20.29.19 ))))))))))))))))))))))))))))))))))))))))) . + 2009-04-27 21:58 . 2008-04-14 12:00 57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll + 2006-12-01 23:46 . 2006-12-01 23:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 23:08 . 2006-12-01 23:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 23:08 . 2006-12-01 23:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 23:08 . 2006-12-01 23:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 23:08 . 2006-12-01 23:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 23:08 . 2006-12-01 23:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 23:08 . 2006-12-01 23:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 23:26 . 2006-12-01 23:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 23:25 . 2006-12-01 23:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2005-09-23 01:16 . 2005-09-23 01:16 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll + 2005-09-23 01:16 . 2005-09-23 01:16 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll + 2006-12-01 21:56 . 2006-12-01 21:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\local\escndvrs.dll + 2012-06-19 18:58 . 2007-03-07 22:00 77824 c:\windows\twain_32\escndv\local\escfgres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 40960 c:\windows\twain_32\escndv\estwm.exe + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\escndvrs.dll + 2012-06-19 18:58 . 2007-03-07 22:00 86016 c:\windows\twain_32\escndv\es0080\local\esmpsres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\eptifres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\eppitres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\eppijres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 49152 c:\windows\twain_32\escndv\es0080\ffmt\local\eppdfres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\epmtfres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\epjpgres.dll + 2012-06-19 18:58 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\local\epbmpres.dll + 2012-06-19 18:58 . 2005-08-28 22:00 98304 c:\windows\twain_32\escndv\es0080\ffmt\espimtif.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\eptifres.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\eppitres.dll + 2012-06-19 18:58 . 2007-03-29 22:00 86016 c:\windows\twain_32\escndv\es0080\ffmt\eppit.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\eppijres.dll + 2012-06-19 18:58 . 2007-03-29 22:00 86016 c:\windows\twain_32\escndv\es0080\ffmt\eppij.dll + 2012-06-19 19:02 . 2007-03-07 22:00 49152 c:\windows\twain_32\escndv\es0080\ffmt\eppdfres.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\epmtfres.dll + 2012-06-19 18:58 . 2007-03-29 22:00 98304 c:\windows\twain_32\escndv\es0080\ffmt\epmtf.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\epjpgres.dll + 2012-06-19 19:02 . 2007-03-07 22:00 45056 c:\windows\twain_32\escndv\es0080\ffmt\epbmpres.dll + 2012-06-19 18:58 . 2007-03-29 22:00 73728 c:\windows\twain_32\escndv\es0080\ffmt\epbmp.dll + 2012-06-19 18:58 . 2007-03-07 22:00 40960 c:\windows\twain_32\escndv\es0080\estwm.exe + 2012-06-19 19:02 . 2007-03-07 22:00 86016 c:\windows\twain_32\escndv\es0080\esmpsres.dll + 2012-06-19 18:58 . 2005-09-26 22:00 53248 c:\windows\twain_32\escndv\es0080\esicm.dll + 2012-06-19 18:58 . 2007-03-07 22:00 49152 c:\windows\twain_32\escndv\es0080\esdscl.dll + 2012-06-19 18:58 . 2006-11-01 22:00 90112 c:\windows\twain_32\escndv\es0080\esddc.dll + 2012-06-19 18:58 . 2007-04-09 22:00 86016 c:\windows\twain_32\escndv\es0080\ade.dll + 2009-04-27 21:58 . 2008-04-14 12:00 15360 c:\windows\TASKMAN.EXE + 2008-04-14 05:42 . 2008-04-14 12:00 52736 c:\windows\system32\wzcsapi.dll + 2006-09-28 22:56 . 2006-09-28 22:56 55808 c:\windows\system32\WudfSvc.dll + 2006-09-29 00:13 . 2006-09-29 00:13 95344 c:\windows\system32\WUDFCoinstaller.dll + 2006-10-19 01:47 . 2006-10-19 01:47 38400 c:\windows\system32\wpdshextres.dll + 2006-10-19 00:00 . 2006-10-19 00:00 17408 c:\windows\system32\wpdshextautoplay.exe + 2006-10-19 01:47 . 2006-10-19 01:47 63488 c:\windows\system32\wpdmtpus.dll + 2006-10-19 01:47 . 2006-10-19 01:47 35840 c:\windows\system32\wpdconns.dll + 2001-08-17 22:36 . 2008-04-14 12:00 13824 c:\windows\system32\wowfaxui.dll + 2008-04-14 05:42 . 2008-04-14 09:42 23552 c:\windows\system32\wdmaud.drv + 2009-04-27 22:00 . 2008-04-14 09:42 53760 c:\windows\system32\vfwwdm32.dll + 1999-11-24 17:40 . 1999-11-24 17:40 40960 c:\windows\system32\VBAME.DLL + 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\usrvpa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 45116 c:\windows\system32\usrvoica.dll + 2001-08-17 22:36 . 2008-04-14 12:00 49209 c:\windows\system32\usrv80a.dll + 2001-08-17 22:36 . 2008-04-14 12:00 41019 c:\windows\system32\usrsvpia.dll + 2001-08-17 22:37 . 2008-04-14 12:00 69700 c:\windows\system32\usrshuta.exe + 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\usrsdpia.dll + 2001-08-17 22:36 . 2008-04-14 12:00 77883 c:\windows\system32\usrrtosa.dll + 2001-08-17 22:37 . 2008-04-14 12:00 61508 c:\windows\system32\usrprbda.exe + 2001-08-17 22:37 . 2008-04-14 12:00 77891 c:\windows\system32\usrmlnka.exe + 2001-08-17 22:36 . 2008-04-14 12:00 53305 c:\windows\system32\usrlbva.dll + 2001-08-17 22:36 . 2008-04-14 12:00 86073 c:\windows\system32\usrfaxa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 77890 c:\windows\system32\usrdpa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 69699 c:\windows\system32\usrcoina.dll + 2001-08-17 22:36 . 2008-04-14 12:00 61500 c:\windows\system32\usrcntra.dll + 2009-04-27 21:59 . 2008-04-14 12:42 74240 c:\windows\system32\usbui.dll + 2008-07-29 20:10 . 2008-07-29 20:10 26112 c:\windows\system32\TsWpfWrp.exe + 2009-04-27 21:58 . 2008-04-14 05:42 74752 c:\windows\system32\storprop.dll + 2009-04-27 21:58 . 2008-04-14 12:00 24661 c:\windows\system32\spxcoins.dll + 2009-05-05 16:04 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe - 2009-05-05 16:04 . 2009-01-07 17:21 26144 c:\windows\system32\spupdsvc.exe + 2001-08-17 22:36 . 2008-04-14 12:00 72192 c:\windows\system32\sprio800.dll + 2001-08-17 22:36 . 2008-04-14 12:00 70656 c:\windows\system32\sprio600.dll + 2012-06-19 19:02 . 2007-01-30 06:03 35840 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\EBPBIDI.DLL + 2012-06-19 19:02 . 2007-03-23 04:20 48640 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FMW0CEE.DLL + 2012-06-19 19:02 . 2007-03-30 01:02 37376 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHSRCEE.DLL + 2012-06-19 19:02 . 2006-09-21 03:04 18432 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FGRCCEE.DLL + 2012-06-19 19:02 . 2007-04-10 05:00 71680 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FDSPCEE.DLL + 2012-06-19 19:02 . 2007-01-30 06:03 35840 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FBL6CEE.DLL + 2012-06-19 19:02 . 2007-02-21 06:01 32768 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FBA6CEE.DLL + 2012-06-19 19:02 . 2006-11-13 01:00 23552 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FAUDCEE.DLL + 2012-06-19 19:02 . 2007-04-16 06:02 68096 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FASRCEE.DLL + 2012-06-23 11:59 . 2001-08-17 20:36 32768 c:\windows\system32\spool\drivers\w32x86\3\HPFUI50.DLL + 2012-06-23 11:59 . 2008-04-14 03:41 87552 c:\windows\system32\spool\drivers\w32x86\3\HPFUD50.DLL + 2012-06-19 19:02 . 2007-01-30 06:03 35840 c:\windows\system32\spool\drivers\w32x86\3\EBPBIDI.DLL + 2012-06-19 19:02 . 2007-03-23 04:20 48640 c:\windows\system32\spool\drivers\w32x86\3\E_FMW0CEE.DLL + 2012-06-19 19:02 . 2007-03-30 01:02 37376 c:\windows\system32\spool\drivers\w32x86\3\E_FHSRCEE.DLL + 2012-06-19 19:02 . 2006-09-21 03:04 18432 c:\windows\system32\spool\drivers\w32x86\3\E_FGRCCEE.DLL + 2012-06-19 19:02 . 2007-04-10 05:00 71680 c:\windows\system32\spool\drivers\w32x86\3\E_FDSPCEE.DLL + 2012-06-19 19:02 . 2007-01-30 06:03 35840 c:\windows\system32\spool\drivers\w32x86\3\E_FBL6CEE.DLL + 2012-06-19 19:02 . 2007-02-21 06:01 32768 c:\windows\system32\spool\drivers\w32x86\3\E_FBA6CEE.DLL + 2012-06-19 19:02 . 2006-11-13 01:00 23552 c:\windows\system32\spool\drivers\w32x86\3\E_FAUDCEE.DLL + 2012-06-19 19:02 . 2007-04-16 06:02 68096 c:\windows\system32\spool\drivers\w32x86\3\E_FASRCEE.DLL + 2001-08-17 22:36 . 2008-04-14 12:00 69632 c:\windows\system32\spnike.dll + 2009-05-05 16:43 . 2009-01-07 16:20 16928 c:\windows\system32\spmsg.dll - 2009-05-05 16:43 . 2009-01-07 17:20 16928 c:\windows\system32\spmsg.dll + 2012-06-19 12:58 . 2012-06-02 13:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll + 2012-06-19 12:58 . 2012-06-02 13:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll + 2012-05-16 13:33 . 2012-05-16 13:33 11776 c:\windows\system32\siscardplugins\siscardplugin1_BE_EID_35__ACS ACR38U__.dll + 2008-04-14 05:42 . 2008-04-14 12:00 29184 c:\windows\system32\sdhcinst.dll + 1998-03-24 20:54 . 1998-03-24 20:54 15872 c:\windows\system32\SCP32.DLL - 2009-04-28 04:51 . 2009-03-08 03:31 46592 c:\windows\system32\pngfilt.dll + 2009-04-28 04:51 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll + 2008-04-14 05:42 . 2008-04-14 12:00 15360 c:\windows\system32\pjlmon.dll + 2008-04-14 05:42 . 2008-04-14 12:00 35328 c:\windows\system32\pid.dll + 2012-06-19 19:04 . 2006-10-19 22:10 80024 c:\windows\system32\PICSDK.dll + 2006-06-29 12:05 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll + 2006-06-28 21:59 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll + 2008-04-14 05:42 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll + 1998-08-09 10:07 . 1998-08-09 10:07 94208 c:\windows\system32\MSSTKPRP.DLL - 2009-04-28 04:51 . 2009-03-08 03:31 48128 c:\windows\system32\mshtmler.dll + 2009-04-28 04:51 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll + 2009-04-28 04:51 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe - 2009-04-28 04:51 . 2009-03-08 03:31 45568 c:\windows\system32\mshta.exe + 2007-08-13 22:36 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe + 2007-08-13 22:54 . 2012-05-11 14:42 55296 c:\windows\system32\msfeedsbs.dll + 2008-07-25 10:16 . 2008-07-25 10:16 83968 c:\windows\system32\mscories.dll + 1998-12-14 17:33 . 1998-12-14 17:33 57344 c:\windows\system32\MFC42NLD.DLL + 2008-04-14 05:41 . 2009-11-27 16:07 48128 c:\windows\system32\iyuv_32.dll + 2009-04-27 21:58 . 2008-04-14 12:00 13312 c:\windows\system32\irclass.dll + 2009-04-28 04:51 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll - 2009-04-28 04:51 . 2009-03-08 03:32 94720 c:\windows\system32\inseng.dll + 2008-07-29 18:24 . 2008-07-29 18:24 97800 c:\windows\system32\infocardapi.dll + 2009-04-28 04:51 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll - 2009-04-28 04:51 . 2009-03-08 03:31 34816 c:\windows\system32\imgutil.dll + 2007-08-13 22:39 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe + 2009-04-28 04:51 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll - 2009-04-28 04:51 . 2009-03-08 03:32 71680 c:\windows\system32\iesetup.dll + 2009-04-28 04:51 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll - 2009-04-28 04:51 . 2009-03-08 03:32 55808 c:\windows\system32\iernonce.dll + 2006-06-29 12:05 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll + 2008-07-29 18:24 . 2008-07-29 18:24 11264 c:\windows\system32\icardres.dll + 2007-08-13 22:36 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll + 2007-06-05 00:30 . 2007-06-05 00:30 41296 c:\windows\system32\hlp95en.dll + 2008-04-14 05:41 . 2008-04-14 12:00 20992 c:\windows\system32\hid.dll + 2007-04-12 12:51 . 2007-04-12 12:51 48352 c:\windows\system32\FM20NLD.DLL + 2006-10-26 18:10 . 2006-10-26 18:10 33088 c:\windows\system32\FM20ENU.DLL + 2012-06-19 18:58 . 2007-04-17 22:00 67072 c:\windows\system32\escwiad.dll + 2012-06-19 19:04 . 2004-03-03 04:10 21390 c:\windows\system32\EPPICPattern5.dat + 2012-06-19 19:04 . 2004-03-03 04:10 11811 c:\windows\system32\EPPICPattern4.dat + 2012-06-19 19:04 . 2004-03-03 04:10 24903 c:\windows\system32\EPPICPattern3.dat + 2012-06-19 19:04 . 2004-03-03 04:10 20148 c:\windows\system32\EPPICPattern2.dat + 2012-06-19 19:04 . 2004-03-03 04:10 31053 c:\windows\system32\EPPICPattern131.dat + 2012-06-19 19:04 . 2004-03-03 04:10 27417 c:\windows\system32\EPPICPattern121.dat + 2012-06-19 19:04 . 2004-03-03 04:10 26154 c:\windows\system32\EPPICPattern1.dat + 2012-06-19 19:04 . 2006-10-30 22:10 71840 c:\windows\system32\EPPicMgr.dll + 2011-06-28 08:59 . 2011-06-28 08:59 40960 c:\windows\system32\eidlibj.dll + 2012-06-19 19:02 . 2006-12-08 02:04 76800 c:\windows\system32\E_FLBCEE.DLL + 2012-06-19 19:02 . 2006-04-19 02:00 62976 c:\windows\system32\E_FD4BCEE.DLL + 2012-06-19 19:02 . 2004-09-10 20:12 49152 c:\windows\system32\E_DCINST.DLL + 2008-07-29 20:10 . 2008-07-29 20:10 73720 c:\windows\system32\dxva2.dll + 2001-08-17 22:36 . 2008-04-14 12:00 55296 c:\windows\system32\dvdplay.exe + 2006-09-28 23:00 . 2006-09-28 23:00 82944 c:\windows\system32\drivers\WudfRd.sys + 2006-09-28 22:55 . 2006-09-28 22:55 77568 c:\windows\system32\drivers\WudfPf.sys + 2009-04-27 22:00 . 2008-04-14 00:16 19200 c:\windows\system32\drivers\WSTCODEC.SYS + 2006-10-19 00:00 . 2006-10-19 00:00 38528 c:\windows\system32\drivers\wpdusb.sys + 2008-03-27 20:27 . 2008-03-27 20:27 35040 c:\windows\system32\drivers\wdfldr.sys + 2001-08-17 14:02 . 2008-04-14 12:00 58112 c:\windows\system32\drivers\vdmindvd.sys + 2009-03-16 21:27 . 2008-11-19 20:21 39040 c:\windows\system32\drivers\uvclf.sys + 2008-04-14 00:15 . 2008-04-14 07:15 20608 c:\windows\system32\drivers\usbuhci.sys + 2008-04-14 00:15 . 2008-04-14 12:00 26368 c:\windows\system32\drivers\usbstor.sys + 2012-06-19 19:02 . 2008-04-13 22:15 15104 c:\windows\system32\drivers\usbscan.sys + 2012-06-19 18:53 . 2008-04-13 22:17 25856 c:\windows\system32\drivers\usbprint.sys + 2008-04-14 00:15 . 2008-04-14 12:00 15872 c:\windows\system32\drivers\usbintel.sys + 2008-04-14 00:15 . 2008-04-14 07:15 59520 c:\windows\system32\drivers\usbhub.sys + 2008-04-14 00:15 . 2008-04-14 07:15 30208 c:\windows\system32\drivers\usbehci.sys + 2008-04-14 00:15 . 2008-04-14 12:00 32128 c:\windows\system32\drivers\usbccgp.sys + 2008-04-14 00:15 . 2008-04-14 12:00 25728 c:\windows\system32\drivers\usbcamd2.sys + 2008-04-14 00:15 . 2008-04-14 12:00 25600 c:\windows\system32\drivers\usbcamd.sys + 2008-04-14 00:26 . 2008-04-14 12:00 12288 c:\windows\system32\drivers\tunmp.sys + 2001-08-17 14:06 . 2008-04-14 12:00 21376 c:\windows\system32\drivers\tsbvcap.sys + 2001-08-17 14:01 . 2008-04-14 12:00 51712 c:\windows\system32\drivers\tosdvd.sys + 2009-04-27 22:00 . 2008-04-14 00:16 15232 c:\windows\system32\drivers\StreamIP.sys + 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\drivers\stream.sys + 2008-04-14 00:16 . 2008-04-14 12:00 25344 c:\windows\system32\drivers\sonydcam.sys + 2009-04-27 22:00 . 2008-04-14 00:16 11136 c:\windows\system32\drivers\SLIP.sys + 2008-04-14 00:10 . 2008-04-14 12:00 11392 c:\windows\system32\drivers\sfloppy.sys + 2008-04-14 00:10 . 2008-04-14 12:00 11008 c:\windows\system32\drivers\sffp_sd.sys + 2008-04-14 00:10 . 2008-04-14 12:00 10240 c:\windows\system32\drivers\sffp_mmc.sys + 2008-04-14 00:10 . 2008-04-14 12:00 11904 c:\windows\system32\drivers\sffdisk.sys + 2008-04-14 00:45 . 2008-04-14 12:00 64512 c:\windows\system32\drivers\serial.sys + 2008-04-14 00:10 . 2008-04-14 12:00 15744 c:\windows\system32\drivers\serenum.sys + 2008-04-14 00:06 . 2008-04-14 12:00 79232 c:\windows\system32\drivers\sdbus.sys + 2008-04-14 00:10 . 2008-04-14 12:00 96384 c:\windows\system32\drivers\scsiport.sys + 2001-08-17 13:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\riodrv.sys + 2001-08-17 13:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\rio8drv.sys + 2009-04-27 22:00 . 2008-04-14 00:10 57600 c:\windows\system32\drivers\redbook.sys + 2008-04-14 00:01 . 2008-04-14 12:00 35840 c:\windows\system32\drivers\processr.sys + 2008-04-14 00:10 . 2008-04-14 07:10 24960 c:\windows\system32\drivers\pciidex.sys + 2008-04-14 00:06 . 2008-04-14 07:06 68224 c:\windows\system32\drivers\pci.sys + 2008-04-14 00:10 . 2008-04-14 12:00 80128 c:\windows\system32\drivers\parport.sys + 2008-04-14 00:01 . 2008-04-14 12:00 42752 c:\windows\system32\drivers\p3.sys + 2001-08-17 13:24 . 2008-04-14 12:00 12032 c:\windows\system32\drivers\nikedrv.sys + 2008-04-14 00:21 . 2008-04-14 12:00 61824 c:\windows\system32\drivers\nic1394.sys + 2008-04-14 00:26 . 2008-04-14 12:00 14592 c:\windows\system32\drivers\ndisuio.sys + 2009-04-27 22:00 . 2008-04-14 00:16 10880 c:\windows\system32\drivers\NdisIP.sys + 2009-04-27 22:00 . 2008-04-14 00:16 85248 c:\windows\system32\drivers\NABTSFEC.sys + 2008-04-14 00:06 . 2008-04-14 12:00 15488 c:\windows\system32\drivers\mssmbios.sys + 2008-04-14 00:09 . 2008-04-14 04:09 23040 c:\windows\system32\drivers\mouclass.sys + 2008-04-14 00:30 . 2008-04-14 12:00 30080 c:\windows\system32\drivers\modem.sys + 2008-04-14 00:06 . 2008-04-14 12:00 63744 c:\windows\system32\drivers\mf.sys + 2009-04-28 01:59 . 2009-03-02 05:03 38912 c:\windows\system32\drivers\l1c51x86.sys + 2008-04-14 00:09 . 2008-04-14 12:00 24576 c:\windows\system32\drivers\kbdclass.sys + 2008-04-14 00:06 . 2008-04-14 07:06 37248 c:\windows\system32\drivers\isapnp.sys + 2009-04-27 21:58 . 2008-04-14 12:00 11264 c:\windows\system32\drivers\irenum.sys + 2008-04-14 00:01 . 2008-04-14 12:00 36352 c:\windows\system32\drivers\intelppm.sys + 2008-04-14 00:11 . 2008-04-14 12:00 42112 c:\windows\system32\drivers\imapi.sys + 2008-04-14 00:48 . 2008-04-14 04:48 52480 c:\windows\system32\drivers\i8042prt.sys + 2008-04-14 00:15 . 2008-04-14 12:00 24960 c:\windows\system32\drivers\hidparse.sys + 2008-04-14 00:15 . 2008-04-14 12:00 36864 c:\windows\system32\drivers\hidclass.sys + 2001-08-17 13:57 . 2008-04-14 12:00 12160 c:\windows\system32\drivers\fsvga.sys + 2008-04-14 00:10 . 2008-04-14 12:00 20480 c:\windows\system32\drivers\flpydisk.sys + 2008-04-14 00:10 . 2008-04-14 12:00 27392 c:\windows\system32\drivers\fdc.sys + 2008-04-14 00:08 . 2008-04-14 12:00 71168 c:\windows\system32\drivers\dxg.sys + 2008-04-14 00:10 . 2008-04-14 12:00 36352 c:\windows\system32\drivers\disk.sys + 2008-04-14 00:01 . 2008-04-14 12:00 36736 c:\windows\system32\drivers\crusoe.sys + 2001-08-17 13:24 . 2008-04-14 12:00 11776 c:\windows\system32\drivers\cpqdap01.sys + 2009-04-27 22:00 . 2008-04-14 00:06 10240 c:\windows\system32\drivers\compbatt.sys + 2009-04-27 22:00 . 2008-04-14 00:06 13952 c:\windows\system32\drivers\CmBatt.sys + 2008-04-14 00:10 . 2008-04-14 12:00 62976 c:\windows\system32\drivers\cdrom.sys + 2001-08-17 13:52 . 2008-04-14 12:00 18688 c:\windows\system32\drivers\cdaudio.sys + 2009-04-27 22:00 . 2008-04-14 00:16 17024 c:\windows\system32\drivers\CCDECODE.sys + 2001-08-17 13:52 . 2008-04-14 12:00 13952 c:\windows\system32\drivers\cbidf2k.sys + 2009-04-27 22:00 . 2008-04-14 00:06 14208 c:\windows\system32\drivers\battc.sys + 2008-04-14 00:10 . 2008-04-14 07:10 96512 c:\windows\system32\drivers\atapi.sys + 2008-04-14 00:21 . 2008-04-14 12:00 60800 c:\windows\system32\drivers\arp1394.sys + 2008-04-14 00:01 . 2008-04-14 12:00 37760 c:\windows\system32\drivers\amdk7.sys + 2008-04-14 00:01 . 2008-04-14 12:00 37376 c:\windows\system32\drivers\amdk6.sys + 2001-08-17 13:57 . 2008-04-14 12:00 11648 c:\windows\system32\drivers\acpiec.sys + 2008-04-14 05:41 . 2008-04-14 12:00 52224 c:\windows\system32\dmutil.dll + 2009-04-28 05:02 . 2012-06-02 13:19 35864 c:\windows\system32\dllcache\wups.dll + 2009-04-28 05:02 . 2012-06-02 13:19 53784 c:\windows\system32\dllcache\wuauclt.exe + 2001-08-17 22:36 . 2008-04-14 12:00 13824 c:\windows\system32\dllcache\wowfaxui.dll + 2009-04-27 21:58 . 2008-04-14 12:00 13600 c:\windows\system32\dllcache\wfwnet.drv + 2008-04-14 05:42 . 2008-04-14 09:42 23552 c:\windows\system32\dllcache\wdmaud.drv + 2009-04-27 22:00 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll + 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrvpa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 45116 c:\windows\system32\dllcache\usrvoica.dll + 2001-08-17 22:36 . 2008-04-14 12:00 49209 c:\windows\system32\dllcache\usrv80a.dll + 2001-08-17 22:36 . 2008-04-14 12:00 41019 c:\windows\system32\dllcache\usrsvpia.dll + 2001-08-17 22:37 . 2008-04-14 12:00 69700 c:\windows\system32\dllcache\usrshuta.exe + 2001-08-17 22:36 . 2008-04-14 12:00 49211 c:\windows\system32\dllcache\usrsdpia.dll + 2001-08-17 22:36 . 2008-04-14 12:00 77883 c:\windows\system32\dllcache\usrrtosa.dll + 2001-08-17 22:37 . 2008-04-14 12:00 61508 c:\windows\system32\dllcache\usrprbda.exe + 2001-08-17 22:37 . 2008-04-14 12:00 77891 c:\windows\system32\dllcache\usrmlnka.exe + 2001-08-17 22:36 . 2008-04-14 12:00 53305 c:\windows\system32\dllcache\usrlbva.dll + 2001-08-17 22:36 . 2008-04-14 12:00 86073 c:\windows\system32\dllcache\usrfaxa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 77890 c:\windows\system32\dllcache\usrdpa.dll + 2001-08-17 22:36 . 2008-04-14 12:00 69699 c:\windows\system32\dllcache\usrcoina.dll + 2001-08-17 22:36 . 2008-04-14 12:00 61500 c:\windows\system32\dllcache\usrcntra.dll + 2009-04-27 21:59 . 2008-04-14 12:42 74240 c:\windows\system32\dllcache\usbui.dll + 2008-04-14 00:15 . 2008-04-14 07:15 20608 c:\windows\system32\dllcache\usbuhci.sys + 2012-06-19 19:02 . 2008-04-13 22:15 15104 c:\windows\system32\dllcache\usbscan.sys + 2012-06-19 18:53 . 2008-04-13 22:17 25856 c:\windows\system32\dllcache\usbprint.sys + 2008-04-14 00:15 . 2008-04-14 07:15 59520 c:\windows\system32\dllcache\usbhub.sys + 2008-04-14 00:15 . 2008-04-14 07:15 30208 c:\windows\system32\dllcache\usbehci.sys + 2009-04-27 21:58 . 2008-04-14 12:00 15360 c:\windows\system32\dllcache\taskman.exe + 2008-04-14 00:15 . 2008-04-14 04:15 49408 c:\windows\system32\dllcache\stream.sys + 2009-04-27 21:58 . 2008-04-14 05:42 74752 c:\windows\system32\dllcache\storprop.dll + 2009-04-27 21:58 . 2008-04-14 12:00 24661 c:\windows\system32\dllcache\spxcoins.dll + 2001-08-17 22:36 . 2008-04-14 12:00 72192 c:\windows\system32\dllcache\sprio800.dll + 2001-08-17 22:36 . 2008-04-14 12:00 70656 c:\windows\system32\dllcache\sprio600.dll + 2001-08-17 22:36 . 2008-04-14 12:00 69632 c:\windows\system32\dllcache\spnike.dll + 2009-04-27 21:58 . 2008-04-14 12:00 61440 c:\windows\system32\dllcache\spcplui.dll + 2009-04-27 21:58 . 2008-04-14 12:00 77824 c:\windows\system32\dllcache\spcommon.dll + 2008-04-14 05:42 . 2008-04-14 12:00 29184 c:\windows\system32\dllcache\sdhcinst.dll + 2009-04-27 21:58 . 2008-04-14 12:00 36864 c:\windows\system32\dllcache\sapisvr.exe + 2009-04-28 04:51 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll - 2009-04-28 04:51 . 2009-03-08 03:31 46592 c:\windows\system32\dllcache\pngfilt.dll + 2008-04-14 05:42 . 2008-04-14 12:00 35328 c:\windows\system32\dllcache\pid.dll + 2008-04-14 00:10 . 2008-04-14 07:10 24960 c:\windows\system32\dllcache\pciidex.sys + 2008-04-14 00:06 . 2008-04-14 07:06 68224 c:\windows\system32\dllcache\pci.sys + 2009-04-27 21:58 . 2008-04-14 12:00 24064 c:\windows\system32\dllcache\olesvr.dll + 2009-04-27 21:58 . 2008-04-14 12:00 82944 c:\windows\system32\dllcache\olecli.dll + 2009-04-27 21:58 . 2008-04-14 12:00 69120 c:\windows\system32\dllcache\notepad.exe + 2008-04-14 05:42 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll + 2009-04-28 04:51 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll - 2009-04-28 04:51 . 2009-03-08 03:31 48128 c:\windows\system32\dllcache\mshtmler.dll + 2009-04-28 04:51 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe - 2009-04-28 04:51 . 2009-03-08 03:31 45568 c:\windows\system32\dllcache\mshta.exe + 2008-04-14 00:09 . 2008-04-14 04:09 23040 c:\windows\system32\dllcache\mouclass.sys + 2009-04-27 21:58 . 2008-04-14 12:00 68768 c:\windows\system32\dllcache\mmsystem.dll + 2009-04-27 21:58 . 2008-04-14 12:00 28160 c:\windows\system32\dllcache\mciwave.drv + 2009-04-27 21:58 . 2008-04-14 12:00 25264 c:\windows\system32\dllcache\mciseq.drv + 2009-04-27 21:58 . 2008-04-14 12:00 73376 c:\windows\system32\dllcache\mciavi.drv + 2008-04-14 05:41 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll + 2008-04-14 00:06 . 2008-04-14 07:06 37248 c:\windows\system32\dllcache\isapnp.sys + 2009-04-27 21:58 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\irenum.sys + 2009-04-27 21:58 . 2008-04-14 12:00 13312 c:\windows\system32\dllcache\irclass.dll - 2009-04-28 04:51 . 2009-03-08 03:32 94720 c:\windows\system32\dllcache\inseng.dll + 2009-04-28 04:51 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll + 2009-04-28 04:51 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll - 2009-04-28 04:51 . 2009-03-08 03:31 34816 c:\windows\system32\dllcache\imgutil.dll + 2009-05-05 16:50 . 2012-04-23 11:33 13824 c:\windows\system32\dllcache\ieudinit.exe - 2009-05-05 16:50 . 2009-08-28 10:28 13824 c:\windows\system32\dllcache\ieudinit.exe + 2009-04-28 04:51 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll - 2009-04-28 04:51 . 2009-03-08 03:32 71680 c:\windows\system32\dllcache\iesetup.dll + 2009-04-28 04:51 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll - 2009-04-28 04:51 . 2009-03-08 03:32 55808 c:\windows\system32\dllcache\iernonce.dll - 2009-05-05 16:50 . 2009-03-08 03:31 59904 c:\windows\system32\dllcache\icardie.dll + 2009-05-05 16:50 . 2009-03-08 02:31 59904 c:\windows\system32\dllcache\icardie.dll + 2008-04-14 00:48 . 2008-04-14 04:48 52480 c:\windows\system32\dllcache\i8042prt.sys - 2009-04-28 05:02 . 2009-03-08 03:24 68608 c:\windows\system32\dllcache\hmmapi.dll + 2009-04-28 05:02 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll + 2001-08-17 22:36 . 2008-04-14 12:00 55296 c:\windows\system32\dllcache\dvdplay.exe + 2009-04-27 21:58 . 2008-04-14 12:00 85020 c:\windows\system32\dllcache\dgsetup.dll - 2009-04-28 04:51 . 2009-03-08 03:33 18944 c:\windows\system32\dllcache\corpol.dll + 2009-04-28 04:51 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll + 2009-04-27 21:58 . 2008-04-14 12:00 32816 c:\windows\system32\dllcache\commdlg.dll + 2009-04-28 04:51 . 2012-06-02 13:19 97304 c:\windows\system32\dllcache\cdm.dll + 2008-04-14 05:41 . 2008-04-14 12:00 30208 c:\windows\system32\dllcache\bthserv.dll + 2008-04-14 05:41 . 2008-04-14 12:00 20992 c:\windows\system32\dllcache\bthci.dll + 2009-04-27 21:58 . 2008-04-14 12:00 69584 c:\windows\system32\dllcache\avicap.dll + 2008-04-14 00:10 . 2008-04-14 07:10 96512 c:\windows\system32\dllcache\atapi.sys + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt041f.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0419.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0415.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19968 c:\windows\system32\dllcache\agt040e.dll + 2009-04-27 21:58 . 2008-04-14 12:00 22016 c:\windows\system32\dllcache\agt0408.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\system32\dllcache\agt0405.dll - 2009-04-28 04:51 . 2009-03-08 03:32 72704 c:\windows\system32\dllcache\admparse.dll + 2009-04-28 04:51 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll + 2009-04-27 21:58 . 2008-04-14 12:00 85020 c:\windows\system32\dgsetup.dll + 2009-04-28 04:51 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll - 2009-04-28 04:51 . 2009-03-08 03:33 18944 c:\windows\system32\corpol.dll + 2008-04-14 05:41 . 2008-04-14 12:00 47104 c:\windows\system32\cnbjmon.dll + 2008-04-14 05:41 . 2008-04-14 12:00 30208 c:\windows\system32\bthserv.dll + 2008-04-14 05:41 . 2008-04-14 12:00 20992 c:\windows\system32\bthci.dll + 2011-06-28 09:18 . 2011-06-28 09:18 73728 c:\windows\system32\belpicppgui.dll + 2011-06-28 09:18 . 2011-06-28 09:18 61440 c:\windows\system32\beidpp\xireid.dll + 2011-06-28 08:59 . 2011-06-28 08:59 40960 c:\windows\system32\beidlibjni.dll + 2011-06-28 08:59 . 2011-06-28 08:59 48128 c:\windows\system32\beidCSP.dll + 2009-04-28 04:51 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll - 2009-04-28 04:51 . 2009-03-08 03:32 72704 c:\windows\system32\admparse.dll + 2009-04-27 21:58 . 2008-04-14 12:00 13600 c:\windows\system\WFWNET.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 19200 c:\windows\system\TAPI.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 24064 c:\windows\system\OLESVR.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 82944 c:\windows\system\OLECLI.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 68768 c:\windows\system\MMSYSTEM.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 28160 c:\windows\system\MCIWAVE.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 25264 c:\windows\system\MCISEQ.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 73376 c:\windows\system\MCIAVI.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 32816 c:\windows\system\COMMDLG.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 69584 c:\windows\system\AVICAP.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 69120 c:\windows\NOTEPAD.EXE + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\msagent\intl\agt041f.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\msagent\intl\agt0419.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\msagent\intl\agt0415.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19968 c:\windows\msagent\intl\agt040e.dll + 2009-04-27 21:58 . 2008-04-14 12:00 22016 c:\windows\msagent\intl\agt0408.dll + 2009-04-27 21:58 . 2008-04-14 12:00 19456 c:\windows\msagent\intl\agt0405.dll + 2008-07-29 22:40 . 2008-07-29 22:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2008-07-29 22:40 . 2008-07-29 22:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-29 22:40 . 2008-07-29 22:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll + 2008-07-29 17:47 . 2008-07-29 17:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 17:47 . 2008-07-29 17:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 17:47 . 2008-07-29 17:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 17:47 . 2008-07-29 17:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 17:47 . 2008-07-29 17:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 17:47 . 2008-07-29 17:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 17:47 . 2008-07-29 17:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 17:47 . 2008-07-29 17:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 17:47 . 2008-07-29 17:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-29 22:40 . 2008-07-29 22:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-29 22:40 . 2008-07-29 22:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-29 22:40 . 2008-07-29 22:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-29 22:40 . 2008-07-29 22:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-29 20:10 . 2008-07-29 20:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 18:59 . 2008-07-29 18:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-29 20:10 . 2008-07-29 20:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 18:32 . 2008-07-29 18:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 18:16 . 2008-07-29 18:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 18:16 . 2008-07-29 18:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 18:16 . 2008-07-29 18:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-25 10:17 . 2008-07-25 10:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 10:17 . 2008-07-25 10:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2008-07-25 10:17 . 2008-07-25 10:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 10:17 . 2008-07-25 10:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2008-07-25 10:17 . 2008-07-25 10:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2008-07-25 10:17 . 2008-07-25 10:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2008-07-25 10:17 . 2008-07-25 10:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 10:17 . 2008-07-25 10:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 10:17 . 2008-07-25 10:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 10:17 . 2008-07-25 10:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 10:17 . 2008-07-25 10:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2008-07-25 10:17 . 2008-07-25 10:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 10:17 . 2008-07-25 10:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 10:16 . 2008-07-25 10:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 10:17 . 2008-07-25 10:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 10:17 . 2008-07-25 10:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 10:17 . 2008-07-25 10:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 10:17 . 2008-07-25 10:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2008-07-25 10:16 . 2008-07-25 10:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 10:16 . 2008-07-25 10:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2008-07-25 10:16 . 2008-07-25 10:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-07-25 10:16 . 2008-07-25 10:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 10:16 . 2008-07-25 10:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2008-07-25 10:16 . 2008-07-25 10:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 10:17 . 2008-07-25 10:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 10:17 . 2008-07-25 10:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2008-07-25 10:17 . 2008-07-25 10:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 10:17 . 2008-07-25 10:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 10:16 . 2008-07-25 10:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 10:16 . 2008-07-25 10:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2008-07-25 10:16 . 2008-07-25 10:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 10:17 . 2008-07-25 10:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 10:17 . 2008-07-25 10:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 10:16 . 2008-07-25 10:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 10:16 . 2008-07-25 10:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 10:17 . 2008-07-25 10:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-07-25 10:16 . 2008-07-25 10:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 10:16 . 2008-07-25 10:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2008-07-25 10:16 . 2008-07-25 10:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 10:16 . 2008-07-25 10:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 10:16 . 2008-07-25 10:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 10:16 . 2008-07-25 10:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2008-07-25 10:16 . 2008-07-25 10:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2008-07-25 10:16 . 2008-07-25 10:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 10:17 . 2008-07-25 10:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 10:16 . 2008-07-25 10:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2008-07-25 10:17 . 2008-07-25 10:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 10:16 . 2008-07-25 10:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 10:16 . 2008-07-25 10:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2004-07-15 06:11 . 2004-07-15 06:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll + 2004-07-15 18:28 . 2004-07-15 18:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll + 2004-07-15 04:35 . 2004-07-15 04:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll + 2003-03-05 08:58 . 2003-03-05 08:58 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll + 2004-07-15 18:28 . 2004-07-15 18:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll + 2003-03-05 09:02 . 2003-03-05 09:02 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll + 2004-07-15 04:34 . 2004-07-15 04:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_PerfCounter.dll + 2007-04-14 00:58 . 2007-04-14 00:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_mscorsn.dll + 2007-04-14 00:57 . 2007-04-14 00:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_CORPerfMonExt.dll + 2004-07-15 04:34 . 2004-07-15 04:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_PerfCounter.dll + 2003-03-05 08:57 . 2003-03-05 08:57 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_mscorsn.dll + 2004-07-15 04:32 . 2004-07-15 04:32 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_CORPerfMonExt.dll + 2003-03-05 08:58 . 2003-03-05 08:58 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe + 2004-07-15 18:28 . 2004-07-15 18:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll + 2003-03-05 08:58 . 2003-03-05 08:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe + 2004-07-15 04:34 . 2004-07-15 04:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll + 2003-03-05 08:57 . 2003-03-05 08:57 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe + 2007-01-15 20:11 . 2007-01-15 20:11 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe + 2003-03-05 08:57 . 2003-03-05 08:57 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll + 2003-03-05 08:57 . 2003-03-05 08:57 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll + 2004-07-15 04:33 . 2004-07-15 04:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll + 2003-03-05 08:57 . 2003-03-05 08:57 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll + 2004-07-15 04:32 . 2004-07-15 04:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll + 2004-07-15 18:28 . 2004-07-15 18:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe + 2004-07-15 18:28 . 2004-07-15 18:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe + 2003-03-05 08:58 . 2003-03-05 08:58 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2003-03-05 09:02 . 2003-03-05 09:02 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll + 2003-03-05 08:58 . 2003-03-05 08:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll + 2003-03-05 08:58 . 2003-03-05 08:58 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe + 2003-03-05 08:58 . 2003-03-05 08:58 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll + 2003-03-05 08:57 . 2003-03-05 08:57 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll + 2003-03-05 09:02 . 2003-03-05 09:02 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe + 2004-07-15 18:31 . 2004-07-15 18:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll + 2003-10-08 18:30 . 2003-10-08 18:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe + 2003-03-05 08:58 . 2003-03-05 08:58 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe + 2003-03-05 08:58 . 2003-03-05 08:58 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll + 2003-03-05 08:58 . 2003-03-05 08:58 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll + 2004-07-15 15:23 . 2004-07-15 15:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe + 2003-03-05 08:58 . 2003-03-05 08:58 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe + 2003-03-05 08:58 . 2003-03-05 08:58 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe + 2004-07-15 05:49 . 2004-07-15 05:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe + 2004-07-15 05:49 . 2004-07-15 05:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe + 2003-03-05 08:57 . 2003-03-05 08:57 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll + 2003-03-05 09:02 . 2003-03-05 09:02 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll + 2003-03-05 08:58 . 2003-03-05 08:58 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll + 2003-03-05 08:58 . 2003-03-05 08:58 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll + 2008-07-25 10:16 . 2008-07-25 10:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-29 20:07 . 2008-07-29 20:07 23040 c:\windows\Installer\3fdf42.msp + 2012-06-19 19:08 . 2012-06-19 19:08 69632 c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe + 2012-06-19 19:08 . 2012-06-19 19:08 69632 c:\windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe - 2009-11-11 01:14 . 2012-05-11 22:36 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2009-11-11 01:14 . 2012-07-11 10:38 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2009-11-11 01:14 . 2012-07-11 10:38 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2009-11-11 01:14 . 2012-05-11 22:36 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe + 2009-11-11 01:14 . 2012-07-11 10:38 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe - 2009-11-11 01:14 . 2012-05-11 22:36 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2009-11-11 01:14 . 2012-05-11 22:36 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2009-11-11 01:14 . 2012-05-11 22:36 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2009-11-11 01:14 . 2012-05-11 22:36 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2012-07-09 22:52 . 2012-07-09 22:52 98304 c:\windows\Installer\{2E295B5B-1AD4-4D36-97C2-A316084722CF}\python_icon.exe + 2007-03-22 18:07 . 2007-03-22 18:07 78168 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\RM.DLL + 2007-03-22 18:07 . 2007-03-22 18:07 41824 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\RECALL.DLL + 2007-03-22 18:05 . 2007-03-22 18:05 97632 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PP7X32.DLL + 2007-04-19 12:53 . 2007-04-19 12:53 69984 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLRPC.DLL + 2007-03-22 18:13 . 2007-03-22 18:13 23904 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL + 2007-03-22 18:07 . 2007-03-22 18:07 80224 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\DLGSETP.DLL + 2007-03-22 18:07 . 2007-03-22 18:07 91488 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\ADDRPARS.DLL + 2003-07-15 06:00 . 2003-07-15 06:00 99904 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\TRANSMGR.DLL + 2003-07-15 05:53 . 2003-07-15 05:53 11848 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\SMARTTAGINSTALL.EXE + 2003-07-14 21:57 . 2003-07-14 21:57 58944 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\SEQCHK10.DLL + 2003-07-15 05:44 . 2003-07-15 05:44 66616 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\SENDTO.DLL + 2003-07-15 05:43 . 2003-07-15 05:43 74288 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\RM.DLL + 2003-07-15 05:57 . 2003-07-15 05:57 40512 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\REFIEBAR.DLL + 2003-05-09 04:54 . 2003-05-09 04:54 77824 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\REFEDIT.DLL + 2003-07-15 05:42 . 2003-07-15 05:42 37432 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\RECALL.DLL + 2003-07-15 05:40 . 2003-07-15 05:40 51256 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PUBTRAP.DLL + 2003-07-15 10:18 . 2003-07-15 10:18 93752 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PP7X32.DLL + 2003-07-15 05:43 . 2003-07-15 05:43 49208 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLWAB.DLL + 2003-07-15 05:43 . 2003-07-15 05:43 64056 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLRPC.DLL + 2003-07-15 05:44 . 2003-07-15 05:44 88128 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLMIME.DLL + 2003-07-15 05:41 . 2003-07-15 05:41 24640 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLACCT.DLL + 2003-07-15 10:14 . 2003-07-15 10:14 27192 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL + 2003-07-15 05:56 . 2003-07-15 05:56 13888 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\NPOFFICE.DLL + 2003-07-15 05:57 . 2003-07-15 05:57 56888 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\NAME.DLL + 2003-07-15 05:52 . 2003-07-15 05:52 41528 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL + 2003-06-18 16:31 . 2003-06-18 16:31 16384 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSPGIMME.DLL + 2003-07-15 05:45 . 2003-07-15 05:45 39488 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOXMLMF.DLL + 2003-07-15 05:45 . 2003-07-15 05:45 55360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOXMLED.EXE + 2003-07-15 05:46 . 2003-07-15 05:46 42040 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOXEV.DLL + 2003-07-15 05:53 . 2003-07-15 05:53 39488 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOSVFBR.DLL + 2003-07-15 05:52 . 2003-07-15 05:52 35896 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOSV.DLL + 2003-07-14 21:52 . 2003-07-14 21:52 28224 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOSTYLE.DLL + 2003-07-15 05:52 . 2003-07-15 05:52 55360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOHTMED.EXE + 2003-07-15 05:44 . 2003-07-15 05:44 25144 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL + 2003-07-15 05:52 . 2003-07-15 05:52 27704 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSODCW.DLL + 2003-07-15 05:52 . 2003-07-15 05:52 17464 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSMH.DLL + 2003-07-15 05:51 . 2003-07-15 05:51 87104 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSENCODE.DLL + 2003-06-19 00:31 . 2003-06-19 00:31 35328 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIUI.DLL + 2003-06-19 00:31 . 2003-06-19 00:31 18944 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIPPR.DLL + 2003-06-19 00:31 . 2003-06-19 00:31 17920 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL + 2003-07-15 05:45 . 2003-07-15 05:45 58944 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\INLAUNCH.DLL + 2003-07-14 21:57 . 2003-07-14 21:57 87096 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL + 2003-07-15 05:41 . 2003-07-15 05:41 13368 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FINDER.EXE + 2003-07-15 05:57 . 2003-07-15 05:57 98360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\DSSM.EXE + 2003-07-15 05:56 . 2003-07-15 05:56 14904 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\DSITF.DLL + 2003-07-26 01:57 . 2003-07-26 01:57 75832 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\DLGSETP.DLL + 2003-07-15 10:18 . 2003-07-15 10:18 47160 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\DFUICOM.EXE + 2003-07-15 05:53 . 2003-07-15 05:53 94768 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\AW.DLL + 2003-07-15 05:57 . 2003-07-15 05:57 38968 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\AUTHZAX.DLL + 2003-07-15 05:43 . 2003-07-15 05:43 87616 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\ADDRPARS.DLL + 2007-06-20 14:04 . 2007-06-20 14:04 13152 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F990_worksup.dll + 2007-06-20 14:04 . 2007-06-20 14:04 14176 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F839_WkImgL90.dll + 2009-02-26 17:43 . 2009-02-26 17:43 71520 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\XL12CNVP.DLL + 2009-02-26 16:45 . 2009-02-26 16:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12EXE.EXE + 2009-02-26 12:06 . 2009-02-26 12:06 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PXBPROXY.DLL + 2009-02-26 12:06 . 2009-02-26 12:06 68488 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PXBCOM.EXE + 2006-10-27 01:13 . 2006-10-27 01:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\XL12CNVP.DLL + 2006-10-27 19:11 . 2006-10-27 19:11 21264 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12EXE.EXE + 2006-10-27 01:07 . 2006-10-27 01:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PXBPROXY.DLL + 2006-10-27 01:07 . 2006-10-27 01:07 67920 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PXBCOM.EXE + 2012-08-01 00:02 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll + 2012-08-01 00:02 . 2008-07-08 13:02 17272 c:\windows\ie8updates\KB982381-IE8\spmsg.dll + 2012-08-01 00:02 . 2008-07-08 13:02 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll - 2010-06-12 16:47 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll + 2012-08-01 00:02 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll + 2012-08-01 00:02 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll - 2010-06-12 16:47 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2012-08-01 00:04 . 2011-11-04 19:20 12800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll - 2012-06-14 00:12 . 2012-03-01 11:01 12800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll + 2012-08-01 00:04 . 2010-07-05 13:15 17272 c:\windows\ie8updates\KB2699988-IE8\spmsg.dll + 2012-08-01 00:04 . 2010-07-05 13:15 26488 c:\windows\ie8updates\KB2699988-IE8\spcustom.dll - 2012-06-14 00:12 . 2012-03-01 11:01 66560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll + 2012-08-01 00:04 . 2011-11-04 19:20 66560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll - 2012-06-14 00:12 . 2012-03-01 11:01 55296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll + 2012-08-01 00:04 . 2011-11-04 19:20 55296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll + 2012-08-01 00:04 . 2011-11-04 19:20 43520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll - 2012-06-14 00:12 . 2012-03-01 11:01 43520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll - 2012-06-14 00:12 . 2012-03-01 11:01 25600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll + 2012-08-01 00:04 . 2011-11-04 19:20 25600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll + 2012-08-01 00:03 . 2010-05-06 10:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll - 2011-12-23 12:35 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll + 2012-08-01 00:03 . 2010-07-05 13:15 17272 c:\windows\ie8updates\KB2618444-IE8\spmsg.dll + 2012-08-01 00:03 . 2010-07-05 13:15 26488 c:\windows\ie8updates\KB2618444-IE8\spcustom.dll + 2012-08-01 00:03 . 2009-03-08 02:31 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll - 2011-12-23 12:35 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll - 2011-12-23 12:35 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2012-08-01 00:03 . 2010-05-06 10:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll + 2012-08-01 00:03 . 2009-03-08 02:34 43008 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll - 2011-12-23 12:35 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll + 2012-08-01 00:03 . 2010-05-06 10:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll + 2012-08-01 00:03 . 2010-07-05 13:15 17272 c:\windows\ie8updates\KB2598845-IE8\spmsg.dll + 2012-08-01 00:03 . 2010-07-05 13:15 26488 c:\windows\ie8updates\KB2598845-IE8\spcustom.dll + 2012-08-01 00:14 . 2010-07-05 13:15 17272 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll + 2012-08-01 00:14 . 2010-07-05 13:15 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll + 2012-08-01 00:14 . 2010-07-05 13:15 17272 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll + 2012-08-01 00:14 . 2010-07-05 13:15 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll - 2009-11-10 05:09 . 2009-03-08 13:23 58464 c:\windows\ie8\spuninst\iecustom.dll + 2012-08-01 00:00 . 2009-03-08 12:23 58464 c:\windows\ie8\spuninst\iecustom.dll + 2012-08-01 00:00 . 2012-04-23 14:46 44544 c:\windows\ie8\pngfilt.dll - 2009-11-10 05:09 . 2009-08-29 07:36 44544 c:\windows\ie8\pngfilt.dll - 2009-11-10 05:09 . 2007-08-13 22:01 48128 c:\windows\ie8\mshtmler.dll + 2012-08-01 00:00 . 2007-08-13 22:01 48128 c:\windows\ie8\mshtmler.dll - 2009-11-10 05:09 . 2007-08-13 22:32 45568 c:\windows\ie8\mshta.exe + 2012-08-01 00:00 . 2007-08-13 22:32 45568 c:\windows\ie8\mshta.exe - 2009-11-10 05:09 . 2007-08-13 22:36 12288 c:\windows\ie8\msfeedssync.exe + 2012-08-01 00:00 . 2007-08-13 22:36 12288 c:\windows\ie8\msfeedssync.exe - 2009-11-10 05:09 . 2009-08-29 07:36 52224 c:\windows\ie8\msfeedsbs.dll + 2012-08-01 00:00 . 2012-04-23 14:46 52224 c:\windows\ie8\msfeedsbs.dll - 2009-11-10 05:09 . 2007-08-13 22:44 40960 c:\windows\ie8\licmgr10.dll + 2012-08-01 00:00 . 2007-08-13 22:44 40960 c:\windows\ie8\licmgr10.dll - 2009-11-10 05:09 . 2009-08-29 07:36 27648 c:\windows\ie8\jsproxy.dll + 2012-08-01 00:00 . 2012-04-23 14:46 27648 c:\windows\ie8\jsproxy.dll + 2012-08-01 00:00 . 2007-08-13 22:39 92672 c:\windows\ie8\inseng.dll - 2009-11-10 05:09 . 2007-08-13 22:39 92672 c:\windows\ie8\inseng.dll + 2012-08-01 00:00 . 2007-08-13 22:36 36352 c:\windows\ie8\imgutil.dll - 2009-11-10 05:09 . 2007-08-13 22:36 36352 c:\windows\ie8\imgutil.dll + 2012-08-01 00:00 . 2007-08-13 22:39 55296 c:\windows\ie8\iesetup.dll - 2009-11-10 05:09 . 2007-08-13 22:39 55296 c:\windows\ie8\iesetup.dll + 2012-08-01 00:00 . 2012-04-23 14:46 44544 c:\windows\ie8\iernonce.dll - 2009-11-10 05:09 . 2009-08-29 07:36 44544 c:\windows\ie8\iernonce.dll + 2012-08-01 00:00 . 2012-04-23 14:46 78336 c:\windows\ie8\ieencode.dll - 2009-11-10 05:09 . 2009-08-29 07:36 78336 c:\windows\ie8\ieencode.dll + 2012-08-01 00:00 . 2012-04-23 11:33 70656 c:\windows\ie8\ie4uinit.exe - 2009-11-10 05:09 . 2009-08-28 10:28 70656 c:\windows\ie8\ie4uinit.exe - 2009-11-10 05:09 . 2009-08-29 07:36 63488 c:\windows\ie8\icardie.dll + 2012-08-01 00:00 . 2012-04-23 14:46 63488 c:\windows\ie8\icardie.dll - 2009-11-10 05:09 . 2007-08-13 22:18 60416 c:\windows\ie8\hmmapi.dll + 2012-08-01 00:00 . 2007-08-13 22:18 60416 c:\windows\ie8\hmmapi.dll - 2009-11-10 05:09 . 2009-08-29 07:36 17408 c:\windows\ie8\corpol.dll + 2012-08-01 00:00 . 2012-04-23 14:46 17408 c:\windows\ie8\corpol.dll - 2009-11-10 05:09 . 2007-08-13 22:39 71680 c:\windows\ie8\admparse.dll + 2012-08-01 00:00 . 2007-08-13 22:39 71680 c:\windows\ie8\admparse.dll + 2012-06-20 21:02 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB2699988-IE7\pngfilt.dll + 2012-06-20 21:02 . 2008-10-16 20:38 52224 c:\windows\ie7updates\KB2699988-IE7\msfeedsbs.dll + 2012-06-20 21:02 . 2008-10-16 20:38 27648 c:\windows\ie7updates\KB2699988-IE7\jsproxy.dll + 2012-06-20 21:02 . 2008-10-16 13:11 13824 c:\windows\ie7updates\KB2699988-IE7\ieudinit.exe + 2012-06-20 21:02 . 2008-10-16 20:38 44544 c:\windows\ie7updates\KB2699988-IE7\iernonce.dll + 2012-06-20 21:02 . 2009-08-29 07:36 78336 c:\windows\ie7updates\KB2699988-IE7\ieencode.dll + 2012-06-20 21:02 . 2008-10-16 13:11 70656 c:\windows\ie7updates\KB2699988-IE7\ie4uinit.exe + 2012-06-20 21:02 . 2008-10-16 20:38 63488 c:\windows\ie7updates\KB2699988-IE7\icardie.dll + 2012-06-20 21:02 . 2009-08-29 07:36 17408 c:\windows\ie7updates\KB2699988-IE7\corpol.dll + 2009-04-28 04:49 . 2008-04-14 12:00 69632 c:\windows\I386\HWDB.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 20992 c:\windows\I386\FAXPATCH.EXE + 2009-04-28 04:49 . 2008-04-14 12:00 15872 c:\windows\I386\EXPAND.EXE + 2009-04-28 04:49 . 2008-04-14 12:00 28672 c:\windows\I386\DRW\FAULTH.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 55632 c:\windows\I386\DRW\1033\DWINTL.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 60416 c:\windows\I386\CABINET.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 50688 c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCIRT.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 74802 c:\windows\I386\ASMS\6000\MSFT\VCRTL\ATL.DLL + 2012-06-19 19:17 . 2002-07-25 15:13 24576 c:\windows\Downloaded Program Files\dwusplay.dll + 2012-07-11 10:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2719985\update\spcustom.dll + 2012-07-11 10:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2719985\spmsg.dll + 2012-07-11 10:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2718523\update\spcustom.dll + 2012-07-11 10:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2718523\spmsg.dll + 2012-06-20 21:02 . 2012-03-08 15:40 26488 c:\windows\$hf_mig$\KB2699988-IE7\update\spcustom.dll + 2012-06-20 21:02 . 2012-03-08 15:40 17272 c:\windows\$hf_mig$\KB2699988-IE7\spmsg.dll + 2012-04-23 14:45 . 2012-04-23 14:45 44544 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\pngfilt.dll + 2012-04-23 14:45 . 2012-04-23 14:45 52224 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\msfeedsbs.dll + 2012-04-23 14:45 . 2012-04-23 14:45 27648 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\jsproxy.dll + 2012-04-23 11:55 . 2012-04-23 11:55 13824 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieudinit.exe + 2012-04-23 14:45 . 2012-04-23 14:45 44544 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\iernonce.dll + 2012-04-23 14:45 . 2012-04-23 14:45 78336 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieencode.dll + 2012-04-23 11:55 . 2012-04-23 11:55 70656 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ie4uinit.exe + 2012-04-23 14:45 . 2012-04-23 14:45 63488 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\icardie.dll + 2012-04-23 14:45 . 2012-04-23 14:45 17408 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\corpol.dll + 2012-07-11 10:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2698365\update\spcustom.dll + 2012-07-11 10:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2698365\spmsg.dll + 2012-07-10 19:25 . 2012-05-28 18:15 57344 c:\windows\$hf_mig$\KB2698365\SP3QFE\msador15.dll + 2012-07-11 10:44 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2691442\update\spcustom.dll + 2012-07-11 10:44 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2691442\spmsg.dll + 2012-07-11 10:43 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2655992\update\spcustom.dll + 2012-07-11 10:43 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2655992\spmsg.dll + 2012-06-20 21:20 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2598845-IE8\update\spcustom.dll + 2012-06-20 21:20 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2598845-IE8\spmsg.dll + 2012-06-20 21:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE7\update\spcustom.dll + 2012-06-20 21:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE7\spmsg.dll + 2012-06-20 21:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510581\update\spcustom.dll + 2012-06-20 21:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510581\spmsg.dll + 2009-04-20 17:06 . 2009-04-20 17:06 45568 c:\windows\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll + 2001-08-17 22:36 . 2008-04-14 12:00 3200 c:\windows\system32\wowfax.dll + 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVE.DLL + 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\WMVADVD.dll + 2006-10-19 01:58 . 2006-10-19 01:58 8704 c:\windows\system32\wdfmgr.exe + 2006-10-19 01:47 . 2006-10-19 01:47 4096 c:\windows\system32\wdfapi.dll + 2006-10-19 01:58 . 2006-10-19 01:58 8704 c:\windows\system32\uwdf.exe + 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\tsbyuv.dll + 2001-08-17 22:36 . 2008-04-14 12:00 8192 c:\windows\system32\streamci.dll + 2012-06-19 18:59 . 2004-04-21 00:00 6198 c:\windows\system32\spool\drivers\w32x86\EPUPDATE.DAT + 2012-06-19 19:02 . 2004-04-21 00:00 6198 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\EPUPDATE.DAT + 2012-06-19 19:02 . 2007-04-04 06:02 8192 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FUIPCEE.DLL + 2012-06-19 19:02 . 2007-02-26 01:01 9728 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FGEPCEE.DLL + 2012-06-19 19:02 . 2007-02-15 06:00 3864 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FAIFCEE.DAT + 2012-06-19 19:02 . 2007-02-14 02:00 6656 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_DUPA2E.DLL + 2012-06-19 19:02 . 2004-04-21 00:00 6198 c:\windows\system32\spool\drivers\w32x86\3\EPUPDATE.DAT + 2012-06-19 19:02 . 2007-04-04 06:02 8192 c:\windows\system32\spool\drivers\w32x86\3\E_FUIPCEE.DLL + 2012-06-19 19:02 . 2007-02-26 01:01 9728 c:\windows\system32\spool\drivers\w32x86\3\E_FGEPCEE.DLL + 2012-06-19 19:02 . 2007-02-15 06:00 3864 c:\windows\system32\spool\drivers\w32x86\3\E_FAIFCEE.DAT + 2012-06-19 19:02 . 2007-02-14 02:00 6656 c:\windows\system32\spool\drivers\w32x86\3\E_DUPA2E.DLL + 2003-03-05 08:58 . 2003-03-05 08:58 4096 c:\windows\system32\mui\0409\mscoreer.dll + 1999-03-25 18:30 . 1999-03-25 18:30 8192 c:\windows\system32\MSPRPNL.DLL + 2009-04-27 22:00 . 2008-04-14 09:41 4096 c:\windows\system32\ksuser.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarmw.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\system32\kbdarme.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\kbda3.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\kbda2.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\kbda1.dll + 2008-04-14 05:41 . 2008-04-14 12:00 7168 c:\windows\system32\hccoin.dll + 2012-06-19 19:04 . 2004-03-03 04:10 4943 c:\windows\system32\EPPICPattern6.dat + 2001-08-17 14:03 . 2008-04-14 12:00 4736 c:\windows\system32\drivers\usbd.sys + 2008-04-14 00:09 . 2008-04-14 12:00 4352 c:\windows\system32\drivers\swenum.sys + 2001-08-17 13:51 . 2001-08-17 20:51 3328 c:\windows\system32\drivers\pciide.sys + 2001-08-17 13:57 . 2008-04-14 12:00 3456 c:\windows\system32\drivers\oprghdlr.sys + 2009-04-27 22:00 . 2008-04-14 00:09 5504 c:\windows\system32\drivers\MSTEE.sys + 2009-04-27 22:00 . 2008-04-14 00:09 4992 c:\windows\system32\drivers\MSPQM.sys + 2009-04-27 22:00 . 2008-04-14 00:09 5376 c:\windows\system32\drivers\MSPCLOCK.sys + 2009-04-27 22:00 . 2008-04-14 00:09 7552 c:\windows\system32\drivers\MSKSSRV.sys + 2009-04-27 22:00 . 2001-08-17 13:59 3072 c:\windows\system32\drivers\audstub.sys + 2001-08-17 22:36 . 2008-04-14 12:00 3200 c:\windows\system32\dllcache\wowfax.dll + 2009-04-27 21:58 . 2008-04-14 12:00 2176 c:\windows\system32\dllcache\vga.drv + 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll + 2009-04-27 21:58 . 2008-04-14 12:00 4048 c:\windows\system32\dllcache\timer.drv + 2009-04-27 21:58 . 2008-04-14 12:00 3360 c:\windows\system32\dllcache\system.drv + 2001-08-17 22:36 . 2008-04-14 12:00 8192 c:\windows\system32\dllcache\streamci.dll + 2009-04-27 21:58 . 2008-04-14 12:00 1744 c:\windows\system32\dllcache\sound.drv + 2009-04-27 21:58 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\shell.dll + 2001-08-17 13:51 . 2001-08-17 20:51 3328 c:\windows\system32\dllcache\pciide.sys + 2009-04-27 21:58 . 2008-04-14 12:00 2032 c:\windows\system32\dllcache\mouse.drv + 2009-04-27 22:00 . 2008-04-14 09:41 4096 c:\windows\system32\dllcache\ksuser.dll + 2009-04-27 21:58 . 2008-04-14 12:00 2000 c:\windows\system32\dllcache\keyboard.drv + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarmw.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\system32\dllcache\kbdarme.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda3.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda2.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\system32\dllcache\kbda1.dll + 2009-11-10 05:10 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll + 2008-04-14 05:41 . 2008-04-14 12:00 7168 c:\windows\system32\dllcache\hccoin.dll + 2009-04-27 21:58 . 2008-04-14 12:00 8704 c:\windows\system32\dllcache\batt.dll + 2009-04-27 21:58 . 2008-04-14 12:00 8704 c:\windows\system32\batt.dll + 2009-04-27 21:58 . 2008-04-14 12:00 2176 c:\windows\system\VGA.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 9008 c:\windows\system\VER.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 4048 c:\windows\system\TIMER.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 3360 c:\windows\system\SYSTEM.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 1744 c:\windows\system\SOUND.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 5120 c:\windows\system\SHELL.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 2032 c:\windows\system\MOUSE.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 9936 c:\windows\system\LZEXPAND.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 2000 c:\windows\system\KEYBOARD.DRV + 2008-07-29 22:40 . 2008-07-29 22:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll + 2008-07-25 10:16 . 2008-07-25 10:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2008-07-25 10:17 . 2008-07-25 10:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 10:17 . 2008-07-25 10:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2008-07-25 10:17 . 2008-07-25 10:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 10:17 . 2008-07-25 10:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2008-07-25 10:16 . 2008-07-25 10:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2003-03-05 09:02 . 2003-03-05 09:02 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll + 2003-03-05 08:58 . 2003-03-05 08:58 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll + 2003-03-05 08:58 . 2003-03-05 08:58 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll + 2003-03-05 08:58 . 2003-03-05 08:58 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll + 2004-07-15 18:31 . 2004-07-15 18:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll + 2003-03-05 08:58 . 2003-03-05 08:58 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExec.exe + 2003-03-05 08:58 . 2003-03-05 08:58 7680 c:\windows\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll + 2003-03-05 08:57 . 2003-03-05 08:57 5120 c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll + 2003-03-05 08:57 . 2003-03-05 08:57 5632 c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll + 2003-03-05 09:03 . 2003-03-05 09:03 5120 c:\windows\Microsoft.NET\Framework\sbs_iehost.dll + 2009-11-11 01:14 . 2012-07-11 10:38 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2009-11-11 01:14 . 2012-05-11 22:36 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe - 2010-08-20 23:04 . 2012-03-30 05:54 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStopShortcut.exe + 2010-08-20 23:04 . 2012-08-06 14:14 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStopShortcut.exe + 2010-08-20 23:04 . 2012-08-06 14:14 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStartShortcut.exe - 2010-08-20 23:04 . 2012-03-30 05:54 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceStartShortcut.exe + 2010-08-20 23:04 . 2012-08-06 14:14 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceConsoleShortcut.exe - 2010-08-20 23:04 . 2012-03-30 05:54 5430 c:\windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\RapportServiceConsoleShortcut.exe + 2012-08-01 00:03 . 2009-03-08 02:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\I386\KBDAZEL.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\I386\KBDARMW.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 5120 c:\windows\I386\KBDARME.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 6656 c:\windows\I386\KBDAL.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\I386\KBDA3.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\I386\KBDA2.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 5632 c:\windows\I386\KBDA1.DLL + 2012-06-20 21:19 . 2011-08-16 10:32 6144 c:\windows\$hf_mig$\KB2598845-IE8\SP3QFE\iecompat.dll + 2009-02-06 23:03 . 2009-02-06 23:03 307576 c:\windows\WLXPGSS.SCR + 2009-04-27 21:58 . 2008-04-14 12:00 132096 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll + 2009-04-27 21:58 . 2008-04-14 12:00 991232 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll + 2009-04-27 21:58 . 2008-04-14 12:00 853504 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll + 2009-04-27 21:58 . 2008-04-14 12:00 343040 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll + 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll + 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll + 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll + 2007-11-07 05:19 . 2007-11-07 05:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 05:19 . 2007-11-07 05:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 00:23 . 2007-11-07 00:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2006-12-02 02:54 . 2006-12-02 02:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2006-12-02 02:54 . 2006-12-02 02:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-02 02:54 . 2006-12-02 02:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll + 2005-09-22 23:48 . 2005-09-22 23:48 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2005-09-22 23:48 . 2005-09-22 23:48 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-22 23:48 . 2005-09-22 23:48 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2008-07-25 10:17 . 2008-07-25 10:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll + 2008-07-25 10:17 . 2008-07-25 10:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll + 2008-07-25 10:17 . 2008-07-25 10:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll + 2007-12-04 06:56 . 2007-12-04 06:56 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcr80.dll + 2007-12-04 06:56 . 2007-12-04 06:56 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcp80.dll + 2007-12-03 22:58 . 2007-12-03 22:58 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1801_x-ww_5eed8217\msvcm80.dll + 2012-06-19 18:58 . 2005-04-24 22:00 126976 c:\windows\twain_32\escndv\esnetbg.dll + 2012-06-19 18:58 . 2007-03-07 22:00 118784 c:\windows\twain_32\escndv\escndv.exe + 2012-06-19 18:58 . 2007-02-08 22:00 176128 c:\windows\twain_32\escndv\escfg.exe + 2012-06-19 18:58 . 2007-03-07 22:00 143360 c:\windows\twain_32\escndv\es0080\local\esres.dll + 2012-06-19 18:58 . 2007-03-19 22:00 520192 c:\windows\twain_32\escndv\es0080\ffmt\pdflib.dll + 2012-06-19 18:58 . 2005-08-28 22:00 143360 c:\windows\twain_32\escndv\es0080\ffmt\esexf.dll + 2012-06-19 18:58 . 2007-03-29 22:00 102400 c:\windows\twain_32\escndv\es0080\ffmt\eptif.dll + 2012-06-19 18:58 . 2007-04-04 22:00 114688 c:\windows\twain_32\escndv\es0080\ffmt\eppdf.dll + 2012-06-19 18:58 . 2007-03-29 22:00 151552 c:\windows\twain_32\escndv\es0080\ffmt\epjpg.dll + 2012-06-19 18:58 . 2007-03-07 22:00 126976 c:\windows\twain_32\escndv\es0080\esutwb.dll + 2012-06-19 18:58 . 2007-03-07 22:00 249856 c:\windows\twain_32\escndv\es0080\estwpmg.dll + 2012-06-19 18:58 . 2007-03-29 22:00 348160 c:\windows\twain_32\escndv\es0080\esscncl.dll + 2012-06-19 19:02 . 2007-03-07 22:00 139264 c:\windows\twain_32\escndv\es0080\esres.dll + 2012-06-19 18:58 . 2005-04-24 22:00 126976 c:\windows\twain_32\escndv\es0080\esnetbg.dll + 2012-06-19 18:58 . 2007-03-29 22:00 348287 c:\windows\twain_32\escndv\es0080\esmps.dll + 2012-06-19 18:58 . 2007-03-07 22:00 229376 c:\windows\twain_32\escndv\es0080\esimgctl.dll + 2012-06-19 18:58 . 2006-11-01 22:00 561152 c:\windows\twain_32\escndv\es0080\esimfl.dll + 2012-06-19 18:58 . 2007-02-06 22:00 188416 c:\windows\twain_32\escndv\es0080\esfit.dll + 2012-06-19 18:58 . 2007-01-28 22:00 454656 c:\windows\twain_32\escndv\es0080\esdtr2.dll + 2012-06-19 18:58 . 2006-12-11 22:00 425984 c:\windows\twain_32\escndv\es0080\esdtr.dll + 2012-06-19 18:58 . 2007-03-07 22:00 131072 c:\windows\twain_32\escndv\es0080\esdevif.dll + 2012-06-19 18:58 . 2007-03-29 22:00 188416 c:\windows\twain_32\escndv\es0080\esdevcl.dll + 2012-06-19 18:58 . 2004-07-02 14:02 167936 c:\windows\twain_32\escndv\es0080\enludp.dll + 2012-06-19 18:58 . 2004-07-02 14:02 184320 c:\windows\twain_32\escndv\es0080\enll.dll + 2012-06-19 18:58 . 2004-07-02 14:02 180224 c:\windows\twain_32\escndv\es0080\encmutil.dll + 2012-06-19 18:58 . 2004-07-02 14:02 409600 c:\windows\twain_32\escndv\es0080\encm.dll + 2012-06-19 18:58 . 2004-07-02 14:02 167936 c:\windows\twain_32\escndv\enludp.dll + 2012-06-19 18:58 . 2004-07-02 14:02 184320 c:\windows\twain_32\escndv\enll.dll + 2012-06-19 18:58 . 2004-07-02 14:02 180224 c:\windows\twain_32\escndv\encmutil.dll + 2012-06-19 18:58 . 2004-07-02 14:02 409600 c:\windows\twain_32\escndv\encm.dll - 2009-04-28 04:51 . 2009-01-07 17:21 121856 c:\windows\system32\xmllite.dll + 2009-04-28 04:51 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll + 2008-04-14 05:42 . 2008-04-14 12:00 483840 c:\windows\system32\wzcsvc.dll + 2006-09-28 22:56 . 2006-09-28 22:56 316416 c:\windows\system32\WUDFx.dll + 2006-09-28 22:56 . 2006-09-28 22:56 165376 c:\windows\system32\WudfPlatform.dll + 2006-09-28 22:56 . 2006-09-28 22:56 146432 c:\windows\system32\WudfHost.exe + 2008-04-14 05:42 . 2008-04-14 12:00 108032 c:\windows\system32\wshbth.dll + 2006-10-19 01:47 . 2006-10-19 01:47 356352 c:\windows\system32\wpdsp.dll + 2006-10-19 01:47 . 2006-10-19 01:47 133632 c:\windows\system32\WPDShServiceObj.dll + 2006-10-19 01:47 . 2006-10-19 01:47 154624 c:\windows\system32\wpdmtp.dll + 2006-10-19 01:47 . 2006-10-19 01:47 629760 c:\windows\system32\wpd_ci.dll + 2006-10-19 01:47 . 2006-10-19 01:47 656896 c:\windows\system32\WMVXENCD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 767488 c:\windows\system32\WMVSENCD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 204288 c:\windows\system32\wmpsrcwp.dll + 2006-10-19 01:47 . 2006-10-19 01:47 130048 c:\windows\system32\wmpps.dll + 2006-10-19 01:47 . 2006-10-19 01:47 613376 c:\windows\system32\wmpmde.dll + 2006-10-19 01:47 . 2008-06-24 22:12 295936 c:\windows\system32\wmpeffects.dll + 2006-10-19 01:47 . 2006-10-19 01:47 535040 c:\windows\system32\wmdrmsdk.dll + 2006-10-19 01:47 . 2006-10-19 01:47 348672 c:\windows\system32\wmdrmnet.dll + 2006-10-19 01:47 . 2006-10-19 01:47 429056 c:\windows\system32\wmdrmdev.dll + 2002-08-21 04:13 . 2002-08-21 04:13 189952 c:\windows\system32\WISPTIS.EXE + 2007-08-13 22:45 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe - 2009-04-28 04:51 . 2009-03-08 03:34 236544 c:\windows\system32\webcheck.dll + 2009-04-28 04:51 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll + 2001-08-17 22:36 . 2008-04-14 12:00 102457 c:\windows\system32\usrv42a.dll + 2001-08-17 22:36 . 2008-04-14 12:00 323641 c:\windows\system32\usrdtea.dll + 2008-07-29 18:59 . 2011-09-26 09:41 611328 c:\windows\system32\uiautomationcore.dll + 2007-12-17 17:30 . 2007-12-17 17:30 200704 c:\windows\system32\ssleay32_0_9_8g.dll + 2012-06-19 18:59 . 2007-02-26 06:18 723128 c:\windows\system32\spool\drivers\w32x86\EPUPDATE.EXE + 2012-06-19 19:02 . 2007-02-26 06:18 723128 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\EPUPDATE.EXE + 2012-06-19 19:02 . 2007-03-06 03:09 296448 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\EPSET32.DLL + 2012-06-19 19:02 . 2006-11-30 05:12 172032 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\EBAPI4.DLL + 2012-06-19 19:02 . 2007-01-11 04:02 113664 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_S40RP7.EXE + 2012-06-19 19:02 . 2007-03-13 07:02 200192 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FUIRCEE.DLL + 2012-06-19 19:02 . 2007-01-22 07:01 740864 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FUI1CEE.DLL + 2012-06-19 19:02 . 2007-01-23 04:00 626688 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FPRUCEE.DLL + 2012-06-19 19:02 . 2006-10-31 04:00 196608 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FPRECEE.EXE + 2012-06-19 19:02 . 2006-12-13 14:55 536576 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FOKACEE.DLL + 2012-06-19 19:02 . 2007-01-22 05:00 119296 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FMAICEE.DLL + 2012-06-19 19:02 . 2007-04-05 04:00 561664 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FJBCCEE.DLL + 2012-06-19 19:02 . 2007-03-30 10:06 105984 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHUTCEE.EXE + 2012-06-19 19:02 . 2007-03-30 10:06 218624 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHUTCEE.DLL + 2012-06-19 19:02 . 2007-02-13 04:20 104960 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHT0CEE.DLL + 2012-06-19 19:02 . 2007-01-18 04:20 328192 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHM0CEE.DLL + 2012-06-19 19:02 . 2007-03-30 01:00 504832 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FHBRCEE.DLL + 2012-06-19 19:02 . 2006-11-13 04:00 458752 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FCONCEE.DLL + 2012-06-19 19:02 . 2006-11-16 01:01 176128 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FBCSCEE.EXE + 2012-06-19 19:02 . 2006-11-30 05:12 172032 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FBAPCEE.DLL + 2012-06-19 19:02 . 2007-04-12 06:00 182272 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FATICEE.EXE + 2012-06-19 19:02 . 2007-03-06 01:01 454656 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FASOCEE.DLL + 2012-06-19 19:02 . 2006-11-13 05:00 129536 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FASKCEE.DLL + 2012-06-19 19:02 . 2007-03-12 05:01 156160 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FARNCEE.EXE + 2012-06-19 19:02 . 2007-04-12 06:00 677888 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FAPRCEE.DLL + 2012-06-19 19:02 . 2007-03-09 05:01 173056 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FAMTCEE.EXE + 2012-06-19 19:02 . 2007-01-22 01:02 138752 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FAIRCEE.DLL + 2012-06-19 19:02 . 2007-02-26 06:00 397824 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FABRCEE.DLL + 2012-06-19 19:02 . 2007-02-02 18:57 202912 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_DUPA20.EXE + 2012-06-23 11:59 . 2001-08-17 20:36 435200 c:\windows\system32\spool\drivers\w32x86\3\HPF900AL.DLL + 2012-06-19 19:02 . 2007-02-26 06:18 723128 c:\windows\system32\spool\drivers\w32x86\3\EPUPDATE.EXE + 2012-06-19 19:02 . 2007-03-06 03:09 296448 c:\windows\system32\spool\drivers\w32x86\3\EPSET32.DLL + 2012-06-19 19:02 . 2006-11-30 05:12 172032 c:\windows\system32\spool\drivers\w32x86\3\EBAPI4.DLL + 2012-06-19 19:02 . 2007-01-11 04:02 113664 c:\windows\system32\spool\drivers\w32x86\3\E_S40RP7.EXE + 2012-06-19 19:02 . 2007-03-13 07:02 200192 c:\windows\system32\spool\drivers\w32x86\3\E_FUIRCEE.DLL + 2012-06-19 19:02 . 2007-01-22 07:01 740864 c:\windows\system32\spool\drivers\w32x86\3\E_FUI1CEE.DLL + 2012-06-19 19:02 . 2007-01-23 04:00 626688 c:\windows\system32\spool\drivers\w32x86\3\E_FPRUCEE.DLL + 2012-06-19 19:02 . 2006-10-31 04:00 196608 c:\windows\system32\spool\drivers\w32x86\3\E_FPRECEE.EXE + 2012-06-19 19:02 . 2006-12-13 14:55 536576 c:\windows\system32\spool\drivers\w32x86\3\E_FOKACEE.DLL + 2012-06-19 19:02 . 2007-01-22 05:00 119296 c:\windows\system32\spool\drivers\w32x86\3\E_FMAICEE.DLL + 2012-06-19 19:02 . 2007-04-05 04:00 561664 c:\windows\system32\spool\drivers\w32x86\3\E_FJBCCEE.DLL + 2012-06-19 19:02 . 2007-03-30 10:06 105984 c:\windows\system32\spool\drivers\w32x86\3\E_FHUTCEE.EXE + 2012-06-19 19:02 . 2007-03-30 10:06 218624 c:\windows\system32\spool\drivers\w32x86\3\E_FHUTCEE.DLL + 2012-06-19 19:02 . 2007-02-13 04:20 104960 c:\windows\system32\spool\drivers\w32x86\3\E_FHT0CEE.DLL + 2012-06-19 19:02 . 2007-01-18 04:20 328192 c:\windows\system32\spool\drivers\w32x86\3\E_FHM0CEE.DLL + 2012-06-19 19:02 . 2007-03-30 01:00 504832 c:\windows\system32\spool\drivers\w32x86\3\E_FHBRCEE.DLL + 2012-06-19 19:02 . 2006-11-13 04:00 458752 c:\windows\system32\spool\drivers\w32x86\3\E_FCONCEE.DLL + 2012-06-19 19:02 . 2006-11-16 01:01 176128 c:\windows\system32\spool\drivers\w32x86\3\E_FBCSCEE.EXE + 2012-06-19 19:02 . 2006-11-30 05:12 172032 c:\windows\system32\spool\drivers\w32x86\3\E_FBAPCEE.DLL + 2012-06-19 19:02 . 2007-04-12 06:00 182272 c:\windows\system32\spool\drivers\w32x86\3\E_FATICEE.EXE + 2012-06-19 19:02 . 2007-03-06 01:01 454656 c:\windows\system32\spool\drivers\w32x86\3\E_FASOCEE.DLL + 2012-06-19 19:02 . 2006-11-13 05:00 129536 c:\windows\system32\spool\drivers\w32x86\3\E_FASKCEE.DLL + 2012-06-19 19:02 . 2007-03-12 05:01 156160 c:\windows\system32\spool\drivers\w32x86\3\E_FARNCEE.EXE + 2012-06-19 19:02 . 2007-04-12 06:00 677888 c:\windows\system32\spool\drivers\w32x86\3\E_FAPRCEE.DLL + 2012-06-19 19:02 . 2007-03-09 05:01 173056 c:\windows\system32\spool\drivers\w32x86\3\E_FAMTCEE.EXE + 2012-06-19 19:02 . 2007-01-22 01:02 138752 c:\windows\system32\spool\drivers\w32x86\3\E_FAIRCEE.DLL + 2012-06-19 19:02 . 2007-02-26 06:00 397824 c:\windows\system32\spool\drivers\w32x86\3\E_FABRCEE.DLL + 2012-06-19 19:02 . 2007-02-02 18:57 202912 c:\windows\system32\spool\drivers\w32x86\3\E_DUPA20.EXE + 2006-08-24 15:15 . 2006-08-24 15:15 150808 c:\windows\system32\rgb9rast_2.dll + 2012-01-17 22:34 . 2012-08-06 14:10 491092 c:\windows\system32\Restore\rstrlog.dat + 2000-04-03 16:52 . 2000-04-03 16:52 151552 c:\windows\system32\RDOCURS.DLL + 2008-07-29 18:59 . 2008-07-29 18:59 781344 c:\windows\system32\PresentationNative_v0300.dll + 2008-07-29 18:59 . 2008-07-29 18:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll + 2006-10-19 01:47 . 2006-10-19 01:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll + 2006-10-19 01:47 . 2006-10-19 01:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll + 2006-10-19 01:47 . 2006-10-19 01:47 166912 c:\windows\system32\PortableDeviceTypes.dll + 2006-10-19 01:47 . 2006-10-19 01:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll + 2006-10-19 01:47 . 2006-10-19 01:47 284160 c:\windows\system32\PortableDeviceApi.dll + 2012-06-19 19:04 . 2006-10-19 22:10 501912 c:\windows\system32\PICSDK2.dll + 2012-06-19 19:04 . 2006-10-19 22:10 108704 c:\windows\system32\PICEntry.dll + 2001-08-17 22:36 . 2008-04-14 12:00 157696 c:\windows\system32\paqsp.dll + 2002-01-05 07:37 . 2002-01-05 07:37 344064 c:\windows\system32\msvcr70.dll + 2000-05-23 21:45 . 2000-05-23 21:45 118784 c:\windows\system32\MSSTDFMT.DLL + 2000-05-11 12:06 . 2000-05-11 12:06 397312 c:\windows\system32\MSRDO20.DLL + 2009-04-28 04:51 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll - 2009-04-28 04:51 . 2009-03-08 03:34 193536 c:\windows\system32\msrating.dll + 2009-04-28 04:51 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll - 2009-04-28 04:51 . 2009-03-08 03:22 156160 c:\windows\system32\msls31.dll + 2008-04-14 05:42 . 2008-04-14 09:42 294912 c:\windows\system32\msh263.drv + 2007-08-13 22:54 . 2012-05-11 14:42 629760 c:\windows\system32\msfeeds.dll + 2006-10-02 19:28 . 2006-10-02 19:28 312128 c:\windows\system32\msdelta.dll + 2009-01-07 17:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll + 2008-07-25 10:16 . 2008-07-25 10:16 158720 c:\windows\system32\mscorier.dll + 2012-06-27 00:09 . 2012-01-31 12:44 237072 c:\windows\system32\MpSigStub.exe + 2006-10-19 01:47 . 2006-10-19 01:47 259072 c:\windows\system32\MPG4DECD.dll + 2006-10-19 01:47 . 2010-03-30 10:24 317440 c:\windows\system32\mp4sdecd.dll + 2006-10-19 01:47 . 2006-10-19 01:47 259072 c:\windows\system32\MP43DECD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 212992 c:\windows\system32\MFPLAT.dll + 2001-08-17 22:36 . 2008-04-14 12:00 147968 c:\windows\system32\mdwmdmsp.dll + 2012-08-02 18:52 . 2012-08-02 18:52 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe + 2012-08-02 17:52 . 2012-08-02 17:52 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe + 2012-08-02 17:52 . 2012-08-02 17:52 466632 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.dll + 2012-06-19 08:08 . 2012-08-02 18:52 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe + 2002-08-21 04:10 . 2002-08-21 04:10 204800 c:\windows\system32\INKED.DLL + 2007-08-13 22:54 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll + 2007-07-11 16:27 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll + 2009-04-28 04:51 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll - 2009-04-28 04:51 . 2009-03-08 03:32 163840 c:\windows\system32\ieakui.dll - 2009-04-28 04:51 . 2009-03-08 03:33 229376 c:\windows\system32\ieaksie.dll + 2009-04-28 04:51 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll + 2009-04-28 04:51 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll - 2009-04-28 04:51 . 2009-03-08 03:33 125952 c:\windows\system32\ieakeng.dll + 2008-07-29 18:24 . 2008-07-29 18:24 622080 c:\windows\system32\icardagt.exe + 2008-04-14 00:01 . 2008-04-14 12:00 134400 c:\windows\system32\hal.dll + 2008-04-14 05:42 . 2008-04-14 12:00 193024 c:\windows\system32\fsquirt.exe + 2009-04-27 21:58 . 2012-07-12 20:50 298848 c:\windows\system32\FNTCACHE.DAT + 2009-04-28 04:51 . 2012-04-23 14:46 133120 c:\windows\system32\extmgr.dll - 2009-04-28 04:51 . 2009-08-29 07:36 133120 c:\windows\system32\extmgr.dll + 2008-07-29 20:10 . 2008-07-29 20:10 493048 c:\windows\system32\evr.dll + 2009-04-27 21:58 . 2008-04-14 12:00 103424 c:\windows\system32\EqnClass.Dll + 2012-06-19 19:04 . 2006-10-30 22:10 120992 c:\windows\system32\EpPicPrt.dll + 2012-06-19 19:04 . 2005-05-31 22:20 111932 c:\windows\system32\EPPICPrinterDB.dat + 2011-06-28 08:59 . 2011-06-28 08:59 114688 c:\windows\system32\EIDLibCtrl.dll - 2009-04-28 04:51 . 2009-03-08 03:31 216064 c:\windows\system32\dxtrans.dll + 2009-04-28 04:51 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll - 2009-04-28 04:51 . 2009-03-08 03:31 348160 c:\windows\system32\dxtmsft.dll + 2009-04-28 04:51 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll + 2006-10-19 00:00 . 2006-10-19 00:00 249856 c:\windows\system32\drmupgds.exe + 2008-03-27 20:27 . 2008-03-27 20:27 503008 c:\windows\system32\drivers\wdf01000.sys + 2009-04-27 22:00 . 2008-04-14 00:16 121984 c:\windows\system32\drivers\usbvideo.sys + 2008-04-14 00:15 . 2008-04-14 07:15 143872 c:\windows\system32\drivers\usbport.sys + 2006-10-19 01:47 . 2006-10-19 01:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll + 2008-04-14 00:06 . 2008-04-14 12:00 120192 c:\windows\system32\drivers\pcmcia.sys + 2012-03-20 18:44 . 2012-03-20 18:44 171064 c:\windows\system32\drivers\MpFilter.sys + 2008-04-14 00:46 . 2008-04-14 04:46 141056 c:\windows\system32\drivers\ks.sys + 2008-04-14 00:23 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys + 2008-04-13 22:06 . 2008-04-14 12:00 144384 c:\windows\system32\drivers\hdaudbus.sys + 2001-08-17 13:52 . 2008-04-14 12:00 125056 c:\windows\system32\drivers\ftdisk.sys + 2001-08-17 14:02 . 2008-04-14 12:00 262528 c:\windows\system32\drivers\cinemst2.sys + 2008-04-14 00:06 . 2008-04-14 12:00 187776 c:\windows\system32\drivers\acpi.sys + 2009-04-28 05:02 . 2012-06-02 13:19 210968 c:\windows\system32\dllcache\wuweb.dll + 2009-04-28 05:02 . 2012-06-02 13:19 329240 c:\windows\system32\dllcache\wucltui.dll + 2009-04-28 05:02 . 2012-06-02 13:19 577048 c:\windows\system32\dllcache\wuapi.dll + 2008-04-14 05:42 . 2008-04-14 12:00 108032 c:\windows\system32\dllcache\wshbth.dll + 2009-04-27 21:58 . 2008-04-14 12:00 146432 c:\windows\system32\dllcache\winspool.drv + 2009-04-28 04:51 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll - 2009-04-28 04:51 . 2009-03-08 03:34 236544 c:\windows\system32\dllcache\webcheck.dll + 2001-08-17 22:36 . 2008-04-14 12:00 102457 c:\windows\system32\dllcache\usrv42a.dll + 2001-08-17 22:36 . 2008-04-14 12:00 323641 c:\windows\system32\dllcache\usrdtea.dll + 2008-04-14 00:15 . 2008-04-14 07:15 143872 c:\windows\system32\dllcache\usbport.sys + 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll + 2009-04-27 21:58 . 2008-04-14 12:00 774144 c:\windows\system32\dllcache\spttseng.dll + 2009-04-28 04:51 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll + 2009-04-27 21:58 . 2008-04-14 12:00 741376 c:\windows\system32\dllcache\sapi.dll + 2001-08-17 22:36 . 2008-04-14 12:00 157696 c:\windows\system32\dllcache\paqsp.dll + 2009-04-27 21:58 . 2008-04-14 12:00 126912 c:\windows\system32\dllcache\msvideo.dll - 2009-04-28 04:51 . 2009-03-08 03:34 193536 c:\windows\system32\dllcache\msrating.dll + 2009-04-28 04:51 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll - 2009-04-28 04:51 . 2009-03-08 03:22 156160 c:\windows\system32\dllcache\msls31.dll + 2009-04-28 04:51 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll + 2009-04-28 05:02 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll - 2009-04-28 05:02 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll + 2001-08-17 22:36 . 2008-04-14 12:00 147968 c:\windows\system32\dllcache\mdwmdmsp.dll + 2008-04-14 00:46 . 2008-04-14 04:46 141056 c:\windows\system32\dllcache\ks.sys - 2009-04-28 05:02 . 2009-03-08 13:09 638816 c:\windows\system32\dllcache\iexplore.exe + 2009-04-28 05:02 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe + 2009-05-05 16:50 . 2009-03-08 02:11 445952 c:\windows\system32\dllcache\ieapfltr.dll - 2009-05-05 16:50 . 2009-03-08 03:11 445952 c:\windows\system32\dllcache\ieapfltr.dll - 2009-04-28 04:51 . 2009-03-08 03:32 163840 c:\windows\system32\dllcache\ieakui.dll + 2009-04-28 04:51 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll - 2009-04-28 04:51 . 2009-03-08 03:33 229376 c:\windows\system32\dllcache\ieaksie.dll + 2009-04-28 04:51 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll + 2009-04-28 04:51 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll - 2009-04-28 04:51 . 2009-03-08 03:33 125952 c:\windows\system32\dllcache\ieakeng.dll + 2008-04-14 05:42 . 2008-04-14 12:00 193024 c:\windows\system32\dllcache\fsquirt.exe - 2009-04-28 04:51 . 2009-08-29 07:36 133120 c:\windows\system32\dllcache\extmgr.dll + 2009-04-28 04:51 . 2012-04-23 14:46 133120 c:\windows\system32\dllcache\extmgr.dll + 2009-04-27 21:58 . 2008-04-14 12:00 103424 c:\windows\system32\dllcache\eqnclass.dll + 2009-04-28 04:51 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll - 2009-04-28 04:51 . 2009-03-08 03:31 216064 c:\windows\system32\dllcache\dxtrans.dll - 2009-04-28 04:51 . 2009-03-08 03:31 348160 c:\windows\system32\dllcache\dxtmsft.dll + 2009-04-28 04:51 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll + 2009-04-27 21:58 . 2008-04-14 12:00 176157 c:\windows\system32\dllcache\dgrpsetu.dll + 2009-04-27 21:58 . 2008-04-14 12:00 109456 c:\windows\system32\dllcache\avifile.dll + 2009-04-28 04:51 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll - 2009-04-28 04:51 . 2009-03-08 03:32 128512 c:\windows\system32\dllcache\advpack.dll + 2009-04-27 21:58 . 2008-04-14 12:00 176157 c:\windows\system32\dgrpsetu.dll + 2011-06-28 09:18 . 2011-06-28 09:18 282624 c:\windows\system32\beidwinscard.dll + 2011-06-28 09:18 . 2011-06-28 09:18 163840 c:\windows\system32\beidssleay32.dll + 2011-06-28 09:18 . 2011-06-28 09:18 200791 c:\windows\system32\beidlibopensc.dll + 2011-06-28 09:18 . 2011-06-28 09:18 868352 c:\windows\system32\beidlibeay32.dll + 2011-06-28 08:59 . 2011-06-28 08:59 114688 c:\windows\system32\beidlibaxctrl.dll + 2011-06-28 09:18 . 2011-06-28 09:18 270336 c:\windows\system32\beidgui.dll + 2006-10-19 01:47 . 2006-10-19 01:47 276992 c:\windows\system32\audiodev.dll + 2009-04-28 04:51 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll - 2009-04-28 04:51 . 2009-03-08 03:32 128512 c:\windows\system32\advpack.dll + 2009-04-27 21:58 . 2008-04-14 12:00 146432 c:\windows\system\WINSPOOL.DRV + 2009-04-27 21:58 . 2008-04-14 12:00 126912 c:\windows\system\MSVIDEO.DLL + 2009-04-27 21:58 . 2008-04-14 12:00 109456 c:\windows\system\AVIFILE.DLL + 2008-07-29 22:40 . 2008-07-29 22:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-29 22:40 . 2008-07-29 22:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 17:47 . 2008-07-29 17:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 17:47 . 2008-07-29 17:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 17:47 . 2008-07-29 17:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 17:47 . 2008-07-29 17:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 17:47 . 2008-07-29 17:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 17:47 . 2008-07-29 17:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 17:47 . 2008-07-29 17:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 17:47 . 2008-07-29 17:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 17:47 . 2008-07-29 17:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 17:47 . 2008-07-29 17:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 17:47 . 2008-07-29 17:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 17:47 . 2008-07-29 17:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 17:47 . 2008-07-29 17:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 17:47 . 2008-07-29 17:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 17:47 . 2008-07-29 17:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 17:47 . 2008-07-29 17:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 17:47 . 2008-07-29 17:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2008-07-29 17:47 . 2008-07-29 17:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 17:47 . 2008-07-29 17:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 17:47 . 2008-07-29 17:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 17:47 . 2008-07-29 17:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 17:47 . 2008-07-29 17:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 17:47 . 2008-07-29 17:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 17:47 . 2008-07-29 17:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 17:47 . 2008-07-29 17:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 17:47 . 2008-07-29 17:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 17:47 . 2008-07-29 17:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 17:47 . 2008-07-29 17:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 17:47 . 2008-07-29 17:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 17:47 . 2008-07-29 17:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 17:47 . 2008-07-29 17:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 17:47 . 2008-07-29 17:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 17:47 . 2008-07-29 17:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 17:47 . 2008-07-29 17:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 17:47 . 2008-07-29 17:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 17:47 . 2008-07-29 17:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 17:47 . 2008-07-29 17:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 17:47 . 2008-07-29 17:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-29 22:15 . 2008-07-29 22:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-29 22:40 . 2008-07-29 22:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-29 22:40 . 2008-07-29 22:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2008-07-29 19:35 . 2008-07-29 19:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2008-07-29 20:10 . 2008-07-29 20:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll + 2008-07-29 18:16 . 2008-07-29 18:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2008-07-29 18:16 . 2008-07-29 18:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2008-07-29 18:16 . 2008-07-29 18:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2008-07-29 18:16 . 2008-07-29 18:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll + 2008-07-29 18:16 . 2008-07-29 18:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2008-07-29 18:24 . 2008-07-29 18:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2008-07-29 18:16 . 2008-07-29 18:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2008-07-25 10:17 . 2008-07-25 10:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 10:17 . 2008-07-25 10:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2008-07-25 10:17 . 2008-07-25 10:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2008-07-25 10:17 . 2008-07-25 10:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 10:17 . 2008-07-25 10:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2008-07-25 10:17 . 2008-07-25 10:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2008-07-25 10:17 . 2008-07-25 10:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 10:17 . 2008-07-25 10:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2008-07-25 10:17 . 2008-07-25 10:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2008-07-25 10:16 . 2008-07-25 10:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2008-07-25 10:17 . 2008-07-25 10:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2008-11-25 03:59 . 2008-11-25 03:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2008-07-25 10:17 . 2008-07-25 10:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 10:17 . 2008-07-25 10:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2008-07-25 10:16 . 2008-07-25 10:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2008-07-25 10:17 . 2008-07-25 10:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2008-07-25 10:17 . 2008-07-25 10:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2008-07-25 10:17 . 2008-07-25 10:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2008-07-25 10:17 . 2008-07-25 10:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2008-07-25 10:17 . 2008-07-25 10:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2008-07-25 10:17 . 2008-07-25 10:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2008-07-25 10:17 . 2008-07-25 10:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 10:17 . 2008-07-25 10:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-07-25 10:16 . 2008-07-25 10:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2008-07-25 10:16 . 2008-07-25 10:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2008-07-25 10:16 . 2008-07-25 10:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 10:17 . 2008-07-25 10:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2008-07-25 10:17 . 2008-07-25 10:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2008-07-25 10:17 . 2008-07-25 10:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2008-07-25 10:17 . 2008-07-25 10:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 10:16 . 2008-07-25 10:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2008-07-25 10:16 . 2008-07-25 10:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2008-07-25 10:17 . 2008-07-25 10:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 10:16 . 2008-07-25 10:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2008-07-25 10:17 . 2008-07-25 10:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2008-07-25 10:16 . 2008-07-25 10:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2004-07-15 15:23 . 2004-07-15 15:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe + 2004-07-15 18:31 . 2004-07-15 18:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll + 2004-07-15 18:28 . 2004-07-15 18:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll + 2004-07-15 18:28 . 2004-07-15 18:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll + 2004-07-15 18:31 . 2004-07-15 18:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll + 2004-07-15 18:28 . 2004-07-15 18:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll + 2004-07-15 18:31 . 2004-07-15 18:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll + 2004-07-15 18:31 . 2004-07-15 18:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll + 2004-07-15 18:28 . 2004-07-15 18:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll + 2004-07-15 18:31 . 2004-07-15 18:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll + 2004-07-15 04:35 . 2004-07-15 04:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll + 2003-03-05 09:02 . 2003-03-05 09:02 122880 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusres.dll + 2003-03-05 08:57 . 2003-03-05 08:57 253952 c:\windows\Microsoft.NET\Framework\v1.1.4322\shfusion.dll + 2003-03-05 09:02 . 2003-03-05 09:02 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_msvcr71.dll + 2007-04-14 00:56 . 2007-04-14 00:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_mscorjit.dll + 2004-07-15 04:24 . 2004-07-15 04:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_fusion.dll + 2007-04-14 01:30 . 2007-04-14 01:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_aspnet_isapi.dll + 2003-03-05 09:02 . 2003-03-05 09:02 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_msvcr71.dll + 2004-07-15 04:25 . 2004-07-15 04:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_mscorjit.dll + 2004-07-15 04:24 . 2004-07-15 04:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_fusion.dll + 2004-07-15 05:49 . 2004-07-15 05:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_aspnet_isapi.dll + 2003-03-05 09:02 . 2003-03-05 09:02 348160 c:\windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll + 2004-07-15 04:33 . 2004-07-15 04:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll + 2003-03-05 08:57 . 2003-03-05 08:57 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll + 2004-07-15 04:32 . 2004-07-15 04:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll + 2004-07-15 18:28 . 2004-07-15 18:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll + 2004-07-15 18:28 . 2004-07-15 18:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll + 2004-07-15 04:35 . 2004-07-15 04:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe + 2004-07-15 04:24 . 2004-07-15 04:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll + 2003-03-05 08:57 . 2003-03-05 08:57 798720 c:\windows\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll + 2003-03-05 09:02 . 2003-03-05 09:02 524288 c:\windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll + 2004-07-15 15:23 . 2004-07-15 15:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll + 2003-03-05 08:57 . 2003-03-05 08:57 219136 c:\windows\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll + 2003-03-05 08:58 . 2003-03-05 08:58 155648 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll + 2003-03-05 08:58 . 2003-03-05 08:58 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll + 2012-08-06 14:26 . 2012-08-06 14:26 822784 c:\windows\Installer\f47c.msi + 2009-02-12 11:58 . 2009-02-12 11:58 549888 c:\windows\Installer\67e186.msp + 2012-07-09 22:52 . 2012-07-09 22:52 607232 c:\windows\Installer\43f99f.msi + 2008-12-13 08:58 . 2008-12-13 08:58 754688 c:\windows\Installer\40bde8.msp + 2008-07-29 20:23 . 2008-07-29 20:23 250880 c:\windows\Installer\3fdf4b.msp + 2008-07-29 20:28 . 2008-07-29 20:28 278016 c:\windows\Installer\3fdf49.msp + 2008-07-29 18:40 . 2008-07-29 18:40 291840 c:\windows\Installer\3fdf47.msp + 2008-07-29 16:35 . 2008-07-29 16:35 553472 c:\windows\Installer\3d810d.msp + 2008-07-29 16:33 . 2008-07-29 16:33 506368 c:\windows\Installer\3d810b.msp + 2008-07-29 16:37 . 2008-07-29 16:37 911360 c:\windows\Installer\3d810a.msp + 2012-06-27 00:06 . 2012-06-27 00:06 301056 c:\windows\Installer\239e84.msi + 2007-10-06 07:45 . 2007-10-06 07:45 203264 c:\windows\Installer\1fe074.msp + 2008-01-23 15:53 . 2008-01-23 15:53 814592 c:\windows\Installer\1fe043.msp + 2008-07-28 13:45 . 2008-07-28 13:45 162304 c:\windows\Installer\1fe018.msp + 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\1d36d.msp + 2009-11-11 01:14 . 2012-07-11 10:38 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2009-11-11 01:14 . 2012-05-11 22:36 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2009-11-11 01:14 . 2012-05-11 22:36 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2009-11-11 01:14 . 2012-05-11 22:36 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe + 2009-11-11 01:14 . 2012-07-11 10:38 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2009-11-11 01:14 . 2012-05-11 22:36 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2009-11-11 01:14 . 2012-07-11 10:38 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe - 2009-11-11 01:14 . 2012-05-11 22:36 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe + 2009-11-11 01:14 . 2012-07-11 10:38 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe - 2009-11-11 01:14 . 2012-05-11 22:36 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2012-06-27 00:06 . 2012-06-27 00:06 109563 c:\windows\Installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}\SCEP.exe + 2012-06-27 00:06 . 2012-06-27 00:06 123352 c:\windows\Installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}\MSE.exe + 2012-06-27 00:06 . 2012-06-27 00:06 109563 c:\windows\Installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}\INTUNE.exe + 2012-06-27 00:06 . 2012-06-27 00:06 109563 c:\windows\Installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}\FEP.exe + 2012-06-27 00:06 . 2012-06-27 00:06 109563 c:\windows\Installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}\EPP.exe + 2007-03-22 18:22 . 2007-03-22 18:22 103264 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\TRANSMGR.DLL + 2007-05-10 12:34 . 2007-05-10 12:34 562528 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PUBCONV.DLL + 2007-05-31 12:36 . 2007-05-31 12:36 612184 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PTXT9.DLL + 2007-05-31 12:35 . 2007-05-31 12:35 133976 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PRTF9.DLL + 2007-04-19 12:53 . 2007-04-19 12:53 149856 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLPH.DLL + 2007-05-31 12:42 . 2007-05-31 12:42 200032 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLOOK.EXE + 2007-04-19 12:53 . 2007-04-19 12:53 106336 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLMIME.DLL + 2007-04-19 12:53 . 2007-04-19 12:53 109408 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLCTL.DLL + 2005-05-04 04:06 . 2005-05-04 04:06 199408 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSMDUN80.DLL + 2005-05-04 04:06 . 2005-05-04 04:06 465640 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSDMENG.DLL + 2007-04-19 13:01 . 2007-04-19 13:01 238424 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL + 2007-01-16 19:32 . 2007-01-16 19:32 136032 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL + 2007-04-19 12:54 . 2007-04-19 12:54 183136 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MIMEDIR.DLL + 2007-04-19 12:53 . 2007-04-19 12:53 127328 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\IMPMAIL.DLL + 2007-04-19 13:09 . 2007-04-19 13:09 167256 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL + 2007-04-19 12:53 . 2007-04-19 12:53 137568 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\ENVELOPE.DLL + 2007-04-19 12:54 . 2007-04-19 12:54 169312 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL + 2003-08-06 20:26 . 2003-08-06 20:26 445488 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\SOA.DLL + 2003-07-21 18:46 . 2003-07-21 18:46 390712 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\RTFHTML.DLL + 2003-07-15 05:50 . 2003-07-15 05:50 551480 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PUBCONV.DLL + 2003-07-15 05:51 . 2003-07-15 05:51 604728 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PTXT9.DLL + 2003-07-15 05:40 . 2003-07-15 05:40 130104 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PRTF9.DLL + 2003-07-15 10:18 . 2003-07-15 10:18 430136 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PP4X322.DLL + 2003-07-15 05:43 . 2003-07-15 05:43 139320 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLPH.DLL + 2003-07-15 05:45 . 2003-07-15 05:45 196152 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLOOK.EXE + 2003-07-08 18:48 . 2003-07-08 18:48 115288 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DLL + 2003-07-15 05:44 . 2003-07-15 05:44 102968 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLCTL.DLL + 2003-07-15 10:14 . 2003-07-15 10:14 242240 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OISGRAPH.DLL + 2003-07-15 10:14 . 2003-07-15 10:14 828472 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL + 2003-07-15 10:14 . 2003-07-15 10:14 283696 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OIS.EXE + 2003-07-15 06:00 . 2003-07-15 06:00 145984 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSWEBCAP.DLL + 2003-07-24 05:40 . 2003-07-24 05:40 482872 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL + 2003-07-15 05:56 . 2003-07-15 05:56 124984 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE + 2003-07-15 06:02 . 2003-07-15 06:02 627256 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSTORDB.EXE + 2003-06-19 15:05 . 2003-06-19 15:05 364648 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSPVIEW.EXE + 2003-07-15 10:18 . 2003-07-15 10:18 376888 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSORUN.DLL + 2003-07-23 21:35 . 2003-07-23 21:35 127032 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL + 2003-07-15 02:14 . 2003-07-15 02:14 106552 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL + 2003-07-14 21:57 . 2003-07-14 21:57 120888 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSOAUTH.DLL + 2003-07-15 10:14 . 2003-07-15 10:14 139328 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSJSPP40.DLL + 2003-07-14 21:58 . 2003-07-14 21:58 230968 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL + 2003-07-15 10:13 . 2003-07-15 10:13 130112 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSAEXP30.DLL + 2003-07-15 05:46 . 2003-07-15 05:46 176696 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MIMEDIR.DLL + 2003-05-28 22:42 . 2003-05-28 22:42 342616 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\METCONV.DLL + 2003-06-18 16:31 . 2003-06-18 16:31 443904 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIVWCTL.DLL + 2003-06-18 16:31 . 2003-06-18 16:31 252928 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIINK.DLL + 2003-06-19 00:31 . 2003-06-19 00:31 758784 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MDIGRAPH.DLL + 2003-05-28 22:42 . 2003-05-28 22:42 514680 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\INTLNAME.DLL + 2003-07-24 05:32 . 2003-07-24 05:32 121400 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\IMPMAIL.DLL + 2003-07-15 05:53 . 2003-07-15 05:53 161336 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\IETAG.DLL + 2003-07-26 02:14 . 2003-07-26 02:14 799288 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL + 2003-07-15 05:40 . 2003-07-15 05:40 179768 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FPERSON.DLL + 2003-07-15 06:36 . 2003-07-15 06:36 186424 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL + 2003-07-31 22:19 . 2003-07-31 22:19 131648 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\ENVELOPE.DLL + 2003-07-15 02:14 . 2003-07-15 02:14 350264 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL + 2003-07-15 10:18 . 2003-07-15 10:18 141360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\ATP.DLL + 2003-07-15 10:13 . 2003-07-15 10:13 166456 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\ACCWIZ.DLL + 2007-06-20 14:04 . 2007-06-20 14:04 173408 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F378_WkProof.dll + 2007-06-20 14:04 . 2007-06-20 14:04 161120 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F366_wkcvqr01.dll + 2007-06-21 14:48 . 2007-06-21 14:48 972128 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F365_wkcvqd01.dll + 2007-06-20 14:04 . 2007-06-20 14:04 132448 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F22623_WkImg90.dll + 2007-06-21 14:48 . 2007-06-21 14:48 972128 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20987_wkwpqd.dll + 2007-06-20 14:04 . 2007-06-20 14:04 161120 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F20985_wkwpqrtf.dll + 2006-10-27 00:49 . 2006-10-27 00:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12CVR.DLL + 2006-10-27 00:12 . 2006-10-27 00:12 396592 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\MOC.EXE + 2012-08-01 00:02 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll + 2012-08-01 00:02 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\updspapi.dll + 2012-08-01 00:02 . 2008-07-08 13:02 755576 c:\windows\ie8updates\KB982381-IE8\update.exe - 2010-06-12 16:47 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2012-08-01 00:02 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2012-08-01 00:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe - 2010-06-12 16:47 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe + 2012-08-01 00:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst.exe + 2012-08-01 00:02 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll - 2010-06-12 16:47 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2012-08-01 00:02 . 2009-03-08 02:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2012-08-01 00:02 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll - 2010-06-12 16:47 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll + 2012-08-01 00:02 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll + 2012-08-01 00:02 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll - 2010-06-12 16:47 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2012-08-01 00:02 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2012-08-01 00:02 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll + 2012-08-01 00:02 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe - 2010-06-12 16:47 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe + 2012-08-01 00:04 . 2011-11-04 19:20 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll - 2012-06-14 00:12 . 2012-03-01 11:01 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll + 2012-08-01 00:04 . 2011-11-04 19:20 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll - 2012-06-14 00:12 . 2012-03-01 11:01 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll + 2012-08-01 00:04 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\updspapi.dll + 2012-08-01 00:04 . 2010-07-05 13:15 755576 c:\windows\ie8updates\KB2699988-IE8\update.exe - 2012-06-14 00:12 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll + 2012-08-01 00:04 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll + 2012-08-01 00:04 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe - 2012-06-14 00:12 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe + 2012-08-01 00:04 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst.exe + 2012-08-01 00:04 . 2011-11-04 19:20 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll - 2012-06-14 00:12 . 2012-03-01 11:01 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll - 2012-06-14 00:12 . 2012-03-01 11:01 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll + 2012-08-01 00:04 . 2011-11-04 19:20 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll - 2012-06-14 00:12 . 2012-03-01 11:01 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll + 2012-08-01 00:04 . 2011-11-04 19:20 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll + 2012-08-01 00:04 . 2009-03-08 02:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll - 2012-06-14 00:12 . 2009-03-08 03:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll + 2012-08-01 00:04 . 2011-11-04 19:20 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll - 2012-06-14 00:12 . 2012-03-01 11:01 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll - 2012-06-14 00:12 . 2012-03-01 11:01 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll + 2012-08-01 00:04 . 2011-11-04 19:20 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll + 2012-08-01 00:04 . 2011-11-04 19:20 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll - 2012-06-14 00:12 . 2012-03-01 11:01 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll - 2012-06-14 00:12 . 2012-03-01 11:01 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll + 2012-08-01 00:04 . 2011-11-04 19:20 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll - 2012-06-14 00:12 . 2012-02-29 12:17 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe + 2012-08-01 00:04 . 2011-11-04 11:24 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe + 2012-08-01 00:03 . 2010-05-06 10:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll - 2011-12-23 12:35 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll + 2012-08-01 00:03 . 2009-03-08 02:34 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll - 2011-12-23 12:35 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll + 2012-08-01 00:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\updspapi.dll + 2012-08-01 00:03 . 2010-07-05 13:15 755576 c:\windows\ie8updates\KB2618444-IE8\update.exe - 2011-12-23 12:35 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll + 2012-08-01 00:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll + 2012-08-01 00:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe - 2011-12-23 12:35 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe + 2012-08-01 00:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst.exe + 2012-08-01 00:03 . 2010-05-06 10:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll - 2011-12-23 12:35 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll + 2012-08-01 00:03 . 2010-05-06 10:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll - 2011-12-23 12:35 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll + 2012-08-01 00:03 . 2010-05-06 10:41 599040 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll + 2012-08-01 00:03 . 2010-05-06 10:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll - 2011-12-23 12:35 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll - 2011-12-23 12:35 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll + 2012-08-01 00:03 . 2010-05-06 10:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll + 2012-08-01 00:03 . 2010-05-06 10:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll - 2011-12-23 12:35 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll - 2011-12-23 12:35 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll + 2012-08-01 00:03 . 2010-05-06 10:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll + 2012-08-01 00:03 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe + 2012-08-01 00:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2598845-IE8\updspapi.dll + 2012-08-01 00:03 . 2010-07-05 13:15 755576 c:\windows\ie8updates\KB2598845-IE8\update.exe + 2012-08-01 00:03 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll + 2012-08-01 00:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe + 2012-08-01 00:03 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2598845-IE8\spuninst.exe - 2011-06-16 22:35 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2012-08-01 00:14 . 2009-03-08 02:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2012-08-01 00:14 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll + 2012-08-01 00:14 . 2010-07-05 13:15 755576 c:\windows\ie8updates\KB2544521-IE8\update.exe + 2012-08-01 00:14 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll - 2011-06-16 22:35 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll + 2012-08-01 00:14 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe - 2011-06-16 22:35 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe + 2012-08-01 00:14 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe + 2012-08-01 00:14 . 2009-03-08 02:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll - 2011-04-17 20:24 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll + 2012-08-01 00:14 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll + 2012-08-01 00:14 . 2010-07-05 13:15 755576 c:\windows\ie8updates\KB2510531-IE8\update.exe + 2012-08-01 00:14 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll - 2011-04-17 20:24 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll + 2012-08-01 00:14 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe - 2011-04-17 20:24 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe + 2012-08-01 00:14 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe - 2011-04-17 20:24 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll + 2012-08-01 00:14 . 2009-03-08 02:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll - 2009-11-10 05:09 . 2009-08-29 07:36 832512 c:\windows\ie8\wininet.dll + 2012-08-01 00:00 . 2012-05-15 15:39 832512 c:\windows\ie8\wininet.dll - 2009-11-10 05:09 . 2007-08-13 22:45 206336 c:\windows\ie8\winfxdocobj.exe + 2012-08-01 00:00 . 2007-08-13 22:45 206336 c:\windows\ie8\winfxdocobj.exe - 2009-11-10 05:09 . 2009-08-29 07:36 233472 c:\windows\ie8\webcheck.dll + 2012-08-01 00:00 . 2012-04-23 14:46 233472 c:\windows\ie8\webcheck.dll + 2012-08-01 00:00 . 2011-04-30 08:50 766464 c:\windows\ie8\vgx.dll + 2012-08-01 00:00 . 2011-03-04 06:45 434176 c:\windows\ie8\vbscript.dll + 2012-08-01 00:00 . 2012-04-23 14:46 106496 c:\windows\ie8\url.dll - 2009-11-10 05:09 . 2009-01-07 17:21 382496 c:\windows\ie8\spuninst\updspapi.dll + 2012-08-01 00:00 . 2009-01-07 16:21 382496 c:\windows\ie8\spuninst\updspapi.dll - 2009-11-10 05:09 . 2009-01-07 17:20 231456 c:\windows\ie8\spuninst\spuninst.exe + 2012-08-01 00:00 . 2009-01-07 16:20 231456 c:\windows\ie8\spuninst\spuninst.exe - 2009-11-10 05:09 . 2006-09-06 21:43 213216 c:\windows\ie8\spuninst.exe + 2012-08-01 00:00 . 2006-09-06 21:43 213216 c:\windows\ie8\spuninst.exe - 2009-11-10 05:09 . 2009-08-29 07:36 102912 c:\windows\ie8\occache.dll + 2012-08-01 00:00 . 2012-04-23 14:46 102912 c:\windows\ie8\occache.dll - 2009-11-10 05:09 . 2009-08-29 07:36 671232 c:\windows\ie8\mstime.dll + 2012-08-01 00:00 . 2012-04-23 14:46 671232 c:\windows\ie8\mstime.dll + 2012-08-01 00:00 . 2012-04-23 14:46 193024 c:\windows\ie8\msrating.dll - 2009-11-10 05:09 . 2009-08-29 07:36 193024 c:\windows\ie8\msrating.dll - 2009-11-10 05:09 . 2007-08-13 22:54 156160 c:\windows\ie8\msls31.dll + 2012-08-01 00:00 . 2007-08-13 22:54 156160 c:\windows\ie8\msls31.dll + 2012-08-01 00:00 . 2012-04-23 14:46 479744 c:\windows\ie8\mshtmled.dll + 2012-08-01 00:00 . 2012-04-23 14:46 496128 c:\windows\ie8\msfeeds.dll + 2012-08-01 00:00 . 2011-03-04 06:45 512000 c:\windows\ie8\jscript.dll - 2009-11-10 05:09 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll + 2012-08-01 00:00 . 2012-04-22 06:40 634488 c:\windows\ie8\iexplore.exe + 2012-08-01 00:00 . 2007-08-13 22:54 180736 c:\windows\ie8\ieui.dll - 2009-11-10 05:09 . 2007-08-13 22:54 180736 c:\windows\ie8\ieui.dll + 2012-08-01 00:00 . 2012-04-23 14:46 268288 c:\windows\ie8\iertutil.dll - 2009-11-10 05:09 . 2009-08-29 07:36 268288 c:\windows\ie8\iertutil.dll - 2009-11-10 05:09 . 2007-08-13 22:54 287744 c:\windows\ie8\ieproxy.dll + 2012-08-01 00:00 . 2007-08-13 22:54 287744 c:\windows\ie8\ieproxy.dll + 2012-08-01 00:00 . 2012-04-23 14:46 192512 c:\windows\ie8\iepeers.dll + 2012-08-01 00:00 . 2012-04-23 14:46 384512 c:\windows\ie8\iedkcs32.dll + 2012-08-01 00:00 . 2012-04-23 14:46 380928 c:\windows\ie8\ieapfltr.dll - 2009-11-10 05:09 . 2009-08-29 07:36 380928 c:\windows\ie8\ieapfltr.dll - 2009-11-10 05:09 . 2009-08-27 05:18 161792 c:\windows\ie8\ieakui.dll + 2012-08-01 00:00 . 2012-04-22 06:39 161792 c:\windows\ie8\ieakui.dll + 2012-08-01 00:00 . 2012-04-23 14:46 230400 c:\windows\ie8\ieaksie.dll - 2009-11-10 05:09 . 2009-08-29 07:36 230400 c:\windows\ie8\ieaksie.dll + 2012-08-01 00:00 . 2012-04-23 14:46 153088 c:\windows\ie8\ieakeng.dll - 2009-11-10 05:09 . 2009-08-29 07:36 153088 c:\windows\ie8\ieakeng.dll - 2009-11-10 05:09 . 2009-08-29 07:36 214528 c:\windows\ie8\dxtrans.dll + 2012-08-01 00:00 . 2012-04-23 14:46 214528 c:\windows\ie8\dxtrans.dll + 2012-08-01 00:00 . 2012-04-23 14:46 347136 c:\windows\ie8\dxtmsft.dll - 2009-11-10 05:09 . 2009-08-29 07:36 347136 c:\windows\ie8\dxtmsft.dll - 2009-11-10 05:09 . 2009-08-29 07:36 124928 c:\windows\ie8\advpack.dll + 2012-08-01 00:00 . 2012-04-23 14:46 124928 c:\windows\ie8\advpack.dll + 2012-06-20 21:02 . 2008-10-16 20:38 826368 c:\windows\ie7updates\KB2699988-IE7\wininet.dll + 2012-06-20 21:02 . 2008-10-16 20:38 233472 c:\windows\ie7updates\KB2699988-IE7\webcheck.dll + 2012-06-20 21:02 . 2008-10-16 20:38 105984 c:\windows\ie7updates\KB2699988-IE7\url.dll + 2012-06-20 21:02 . 2012-03-08 15:40 382840 c:\windows\ie7updates\KB2699988-IE7\spuninst\updspapi.dll + 2012-06-20 21:02 . 2012-03-08 15:40 231288 c:\windows\ie7updates\KB2699988-IE7\spuninst\spuninst.exe + 2012-06-20 21:02 . 2008-10-16 20:38 102912 c:\windows\ie7updates\KB2699988-IE7\occache.dll + 2012-06-20 21:02 . 2008-10-16 20:38 671232 c:\windows\ie7updates\KB2699988-IE7\mstime.dll + 2012-06-20 21:02 . 2008-10-16 20:38 193024 c:\windows\ie7updates\KB2699988-IE7\msrating.dll + 2012-06-20 21:02 . 2008-10-16 20:38 477696 c:\windows\ie7updates\KB2699988-IE7\mshtmled.dll + 2012-06-20 21:02 . 2008-10-16 20:38 459264 c:\windows\ie7updates\KB2699988-IE7\msfeeds.dll + 2012-06-20 21:02 . 2008-10-15 07:06 633632 c:\windows\ie7updates\KB2699988-IE7\iexplore.exe + 2012-06-20 21:02 . 2008-10-16 20:38 267776 c:\windows\ie7updates\KB2699988-IE7\iertutil.dll + 2012-06-20 21:02 . 2007-08-13 22:54 191488 c:\windows\ie7updates\KB2699988-IE7\iepeers.dll + 2012-06-20 21:02 . 2008-10-16 20:38 384512 c:\windows\ie7updates\KB2699988-IE7\iedkcs32.dll + 2012-06-20 21:02 . 2008-10-16 20:38 383488 c:\windows\ie7updates\KB2699988-IE7\ieapfltr.dll + 2012-06-20 21:02 . 2008-10-15 07:04 161792 c:\windows\ie7updates\KB2699988-IE7\ieakui.dll + 2012-06-20 21:02 . 2008-10-16 20:38 230400 c:\windows\ie7updates\KB2699988-IE7\ieaksie.dll + 2012-06-20 21:02 . 2008-10-16 20:38 153088 c:\windows\ie7updates\KB2699988-IE7\ieakeng.dll + 2012-06-20 21:02 . 2008-10-16 20:38 133120 c:\windows\ie7updates\KB2699988-IE7\extmgr.dll + 2012-06-20 21:02 . 2008-10-16 20:38 214528 c:\windows\ie7updates\KB2699988-IE7\dxtrans.dll + 2012-06-20 21:02 . 2008-10-16 20:38 347136 c:\windows\ie7updates\KB2699988-IE7\dxtmsft.dll + 2012-06-20 21:02 . 2008-10-16 20:38 124928 c:\windows\ie7updates\KB2699988-IE7\advpack.dll + 2012-06-20 21:05 . 2008-05-27 17:23 765952 c:\windows\ie7updates\KB2544521-IE7\vgx.dll + 2012-06-20 21:05 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2544521-IE7\spuninst\updspapi.dll + 2012-06-20 21:05 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2544521-IE7\spuninst\spuninst.exe + 2009-04-28 04:49 . 2008-04-14 12:00 144384 c:\windows\I386\IMAGEHLP.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 415896 c:\windows\I386\HWCOMP.DAT + 2009-04-28 04:49 . 2008-04-14 12:00 125952 c:\windows\I386\EXTS.DLL + 2009-04-28 04:49 . 2008-04-14 12:00 162128 c:\windows\I386\DRW\DWWIN.EXE + 2009-04-28 04:48 . 2008-04-14 12:00 640000 c:\windows\I386\DBGHELP.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 847872 c:\windows\I386\DBGENG.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 580608 c:\windows\I386\AUTOFMT.EXE + 2009-04-28 04:48 . 2008-04-14 12:00 588800 c:\windows\I386\AUTOCHK.EXE + 2009-04-28 04:48 . 2008-04-14 12:00 322560 c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 921088 c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 401462 c:\windows\I386\ASMS\6000\MSFT\VCRTL\MSVCP60.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 995384 c:\windows\I386\ASMS\6000\MSFT\VCRTL\MFC42U.DLL + 2009-04-28 04:48 . 2008-04-14 12:00 995383 c:\windows\I386\ASMS\6000\MSFT\VCRTL\MFC42.DLL + 2009-04-28 04:48 . 2008-09-12 05:32 327192 c:\windows\I386\$OEM$\TEXTMODE\IASTOR.SYS + 2012-06-19 19:17 . 2002-07-25 15:05 172032 c:\windows\Downloaded Program Files\isusweb.dll + 2012-06-19 19:17 . 2002-07-25 15:13 196608 c:\windows\Downloaded Program Files\dwusplay.exe + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2719985$\spuninst\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2719985$\spuninst\spuninst.exe + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2718523$\spuninst\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2718523$\spuninst\spuninst.exe + 2012-07-11 10:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2698365$\spuninst\updspapi.dll + 2012-07-11 10:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2698365$\spuninst\spuninst.exe + 2012-07-11 10:38 . 2010-11-09 14:52 536576 c:\windows\$NtUninstallKB2698365$\msado15.dll + 2012-07-11 10:44 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2691442$\spuninst\updspapi.dll + 2012-07-11 10:44 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2691442$\spuninst\spuninst.exe + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2655992$\spuninst\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2655992$\spuninst\spuninst.exe + 2012-07-11 10:43 . 2011-11-16 14:21 152064 c:\windows\$NtUninstallKB2655992$\schannel.dll + 2012-06-20 21:04 . 2008-05-09 10:53 430080 c:\windows\$NtUninstallKB2510581$\vbscript.dll + 2012-06-20 21:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2510581$\spuninst\updspapi.dll + 2012-06-20 21:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2510581$\spuninst\spuninst.exe + 2012-06-20 21:04 . 2009-08-13 15:16 512000 c:\windows\$NtUninstallKB2510581$\jscript.dll + 2009-03-21 23:29 . 2009-03-21 23:29 991744 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll + 2009-02-10 23:26 . 2009-02-10 23:26 617472 c:\windows\$hf_mig$\KB956572\SP3QFE\advapi32.dll + 2008-04-12 04:22 . 2008-04-12 04:22 691712 c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2719985\update\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2719985\update\update.exe + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2719985\spuninst.exe + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2718523\update\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2718523\update\update.exe + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2718523\spuninst.exe + 2012-06-20 21:02 . 2012-03-08 15:40 382840 c:\windows\$hf_mig$\KB2699988-IE7\update\updspapi.dll + 2012-06-20 21:02 . 2012-03-08 15:40 755576 c:\windows\$hf_mig$\KB2699988-IE7\update\update.exe + 2012-06-20 21:02 . 2012-03-08 15:40 231288 c:\windows\$hf_mig$\KB2699988-IE7\spuninst.exe + 2012-05-15 15:37 . 2012-05-15 15:37 841216 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\wininet.dll + 2012-04-23 14:45 . 2012-04-23 14:45 233472 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\webcheck.dll + 2012-04-23 14:45 . 2012-04-23 14:45 106496 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\url.dll + 2012-04-23 14:45 . 2012-04-23 14:45 102912 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\occache.dll + 2012-04-23 14:45 . 2012-04-23 14:45 671232 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\mstime.dll + 2012-04-23 14:45 . 2012-04-23 14:45 193024 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\msrating.dll + 2012-04-23 14:45 . 2012-04-23 14:45 479744 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\mshtmled.dll + 2012-04-23 14:45 . 2012-04-23 14:45 496128 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\msfeeds.dll + 2012-04-22 06:32 . 2012-04-22 06:32 634488 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\iexplore.exe + 2012-04-23 14:45 . 2012-04-23 14:45 268288 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\iertutil.dll + 2012-04-23 14:45 . 2012-04-23 14:45 193024 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\iepeers.dll + 2012-04-23 14:45 . 2012-04-23 14:45 388608 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\iedkcs32.dll + 2012-04-23 14:45 . 2012-04-23 14:45 380928 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieapfltr.dll + 2012-04-22 06:31 . 2012-04-22 06:31 161792 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieakui.dll + 2012-04-23 14:45 . 2012-04-23 14:45 230400 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieaksie.dll + 2012-04-23 14:45 . 2012-04-23 14:45 153088 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieakeng.dll + 2012-04-23 14:45 . 2012-04-23 14:45 132608 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\extmgr.dll + 2012-04-23 14:45 . 2012-04-23 14:45 214528 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\dxtrans.dll + 2012-04-23 14:45 . 2012-04-23 14:45 347136 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\dxtmsft.dll + 2012-04-23 14:45 . 2012-04-23 14:45 124928 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\advpack.dll + 2012-07-11 10:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2698365\update\updspapi.dll + 2012-07-11 10:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2698365\update\update.exe + 2012-07-11 10:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2698365\spuninst.exe + 2012-07-10 19:25 . 2012-05-28 18:15 102400 c:\windows\$hf_mig$\KB2698365\SP3QFE\msjro.dll + 2012-07-10 19:25 . 2012-05-28 18:15 200704 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadox.dll + 2012-07-10 19:25 . 2012-05-28 18:15 180224 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadomd.dll + 2012-07-10 19:25 . 2012-05-28 18:15 565248 c:\windows\$hf_mig$\KB2698365\SP3QFE\msado15.dll + 2012-07-10 19:25 . 2012-05-28 18:15 143360 c:\windows\$hf_mig$\KB2698365\SP3QFE\msadco.dll + 2012-07-11 10:44 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2691442\update\updspapi.dll + 2012-07-11 10:44 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2691442\update\update.exe + 2012-07-11 10:44 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2691442\spuninst.exe + 2012-07-11 10:43 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2655992\update\updspapi.dll + 2012-07-11 10:43 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2655992\update\update.exe + 2012-07-11 10:43 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2655992\spuninst.exe + 2012-06-04 04:31 . 2012-06-04 04:31 153088 c:\windows\$hf_mig$\KB2655992\SP3QFE\schannel.dll + 2012-06-20 21:20 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2598845-IE8\update\updspapi.dll + 2012-06-20 21:20 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2598845-IE8\update\update.exe + 2012-06-20 21:20 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2598845-IE8\spuninst.exe + 2012-06-20 21:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE7\update\updspapi.dll + 2012-06-20 21:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE7\update\update.exe + 2012-06-20 21:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE7\spuninst.exe + 2012-06-19 13:05 . 2011-04-30 08:49 766464 c:\windows\$hf_mig$\KB2544521-IE7\SP3QFE\vgx.dll + 2012-06-20 21:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510581\update\updspapi.dll + 2012-06-20 21:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510581\update\update.exe + 2012-06-20 21:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510581\spuninst.exe + 2011-03-04 06:42 . 2011-03-04 06:42 434176 c:\windows\$hf_mig$\KB2510581\SP3QFE\vbscript.dll + 2011-03-04 06:42 . 2011-03-04 06:42 512000 c:\windows\$hf_mig$\KB2510581\SP3QFE\jscript.dll + 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip6.sys + 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys + 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll + 2008-10-16 15:07 . 2008-10-16 15:07 138496 c:\windows\$hf_mig$\KB2509553\SP3QFE\afd.sys + 2009-04-27 21:58 . 2008-04-14 12:00 1724416 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll + 2009-04-27 21:58 . 2008-04-14 12:00 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll + 2006-12-01 23:25 . 2006-12-01 23:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25 . 2006-12-01 23:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2005-09-23 01:16 . 2005-09-23 01:16 1079808 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll + 2005-09-23 01:16 . 2005-09-23 01:16 1093632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll + 2012-06-19 18:58 . 2007-03-29 22:00 1028096 c:\windows\twain_32\escndv\es0080\esui.dll + 2012-06-19 18:58 . 2006-07-31 22:00 1658880 c:\windows\twain_32\escndv\es0080\esimgdet.dll + 2012-06-19 18:58 . 2007-03-07 22:00 3518464 c:\windows\twain_32\escndv\es0080\escires.dll + 2010-02-09 09:54 . 2010-02-09 09:54 2293760 c:\windows\system32\xerces-c_3_1.dll + 2006-10-19 01:47 . 2006-10-19 01:47 2603008 c:\windows\system32\WpdShext.dll + 2006-10-19 01:47 . 2006-10-19 01:47 1382912 c:\windows\system32\WMVSDECD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 1574912 c:\windows\system32\WMVENCOD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 1543680 c:\windows\system32\WMVDECOD.dll + 2006-10-19 01:47 . 2006-10-19 01:47 1661440 c:\windows\system32\wmpencen.dll + 2012-06-19 19:02 . 2007-03-15 06:00 1187840 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FUICCEE.DLL + 2012-06-19 19:02 . 2007-03-30 04:20 1480704 c:\windows\system32\spool\drivers\w32x86\epsonstylus_dx8400127c\E_FSR0CEE.DLL + 2012-06-23 11:59 . 2001-08-17 20:36 1853952 c:\windows\system32\spool\drivers\w32x86\3\HPFIMG50.DLL + 2012-06-19 19:02 . 2007-03-15 06:00 1187840 c:\windows\system32\spool\drivers\w32x86\3\E_FUICCEE.DLL + 2012-06-19 19:02 . 2007-03-30 04:20 1480704 c:\windows\system32\spool\drivers\w32x86\3\E_FSR0CEE.DLL + 2009-04-28 04:51 . 2012-06-08 14:26 8462848 c:\windows\system32\shell32.dll + 2007-11-14 10:38 . 2007-11-14 10:38 4014080 c:\windows\system32\qt-mt334.dll + 2011-06-12 13:09 . 2011-06-12 13:09 2206720 c:\windows\system32\python27.dll + 2008-04-14 00:54 . 2012-05-04 13:16 2148352 c:\windows\system32\ntoskrnl.exe + 2008-04-14 00:01 . 2012-05-04 12:32 2026496 c:\windows\system32\ntkrnlpa.exe + 2012-08-02 18:52 . 2012-08-02 18:52 9465032 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll + 2007-12-17 17:30 . 2007-12-17 17:30 1044480 c:\windows\system32\libeay32_0_9_8g.dll + 2007-08-13 22:34 . 2012-05-11 14:42 2000384 c:\windows\system32\iertutil.dll + 2007-02-12 20:10 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat + 2009-04-28 05:02 . 2012-06-02 13:19 1933848 c:\windows\system32\dllcache\wuaueng.dll + 2009-04-28 04:51 . 2012-06-13 13:19 1866112 c:\windows\system32\dllcache\win32k.sys + 2009-04-28 04:51 . 2012-06-08 14:26 8462848 c:\windows\system32\dllcache\shell32.dll + 2009-02-07 23:02 . 2012-05-04 12:32 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe + 2009-04-28 04:51 . 2012-06-05 15:50 1372672 c:\windows\system32\dllcache\msxml6.dll - 2009-04-28 04:51 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll - 2009-04-28 04:51 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll + 2009-04-28 04:51 . 2012-06-05 15:50 1172480 c:\windows\system32\dllcache\msxml3.dll + 2009-05-05 16:50 . 2009-02-06 19:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat - 2009-05-05 16:50 . 2009-02-06 20:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat + 2008-07-29 22:40 . 2008-07-29 22:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 17:47 . 2008-07-29 17:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 17:47 . 2008-07-29 17:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 17:47 . 2008-07-29 17:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-29 22:40 . 2008-07-29 22:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2008-12-05 18:35 . 2008-12-05 18:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2008-07-29 20:10 . 2008-07-29 20:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll + 2008-07-29 20:10 . 2008-07-29 20:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll + 2008-07-25 10:16 . 2008-07-25 10:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2008-07-25 10:17 . 2008-07-25 10:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-11-25 03:59 . 2008-11-25 03:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2008-07-25 10:17 . 2008-07-25 10:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2008-07-25 10:16 . 2008-07-25 10:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2004-07-15 12:15 . 2004-07-15 12:15 1032192 c:\windows\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll + 2004-07-15 18:29 . 2004-07-15 18:29 1339392 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.XML.dll + 2004-07-15 18:29 . 2004-07-15 18:29 1703936 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Design.dll + 2004-07-15 18:32 . 2004-07-15 18:32 1294336 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.dll + 2007-04-14 00:57 . 2007-04-14 00:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_mscorwks.dll + 2007-04-14 00:57 . 2007-04-14 00:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_mscorsvr.dll + 2007-04-14 00:50 . 2007-04-14 00:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW660\_mscorlib.dll + 2004-07-15 04:28 . 2004-07-15 04:28 2502656 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_mscorwks.dll + 2004-07-15 04:26 . 2004-07-15 04:26 2510848 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_mscorsvr.dll + 2004-07-15 18:29 . 2004-07-15 18:29 2138112 c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3248\_mscorlib.dll + 2003-03-05 08:57 . 2003-03-05 08:57 1564672 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll + 2012-08-06 14:14 . 2012-08-06 14:14 1464320 c:\windows\Installer\f474.msi + 2005-10-26 13:59 . 2005-10-26 13:59 2883072 c:\windows\Installer\a32e21.msp + 2012-06-29 12:33 . 2012-06-29 12:33 6063616 c:\windows\Installer\48dd17.msp + 2008-12-13 08:57 . 2008-12-13 08:57 8397824 c:\windows\Installer\40bdd1.msp + 2008-07-29 18:26 . 2008-07-29 18:26 1043456 c:\windows\Installer\3fdf4a.msp + 2008-07-29 19:37 . 2008-07-29 19:37 2679808 c:\windows\Installer\3fdf48.msp + 2008-07-29 20:15 . 2008-07-29 20:15 3697664 c:\windows\Installer\3fdf46.msp + 2008-07-29 18:34 . 2008-07-29 18:34 1448448 c:\windows\Installer\3fdf45.msp + 2008-07-29 19:22 . 2008-07-29 19:22 4137984 c:\windows\Installer\3fdf44.msp + 2008-07-29 18:18 . 2008-07-29 18:18 3376640 c:\windows\Installer\3fdf43.msp + 2008-07-29 16:45 . 2008-07-29 16:45 2543616 c:\windows\Installer\3d8111.msp + 2008-07-29 16:29 . 2008-07-29 16:29 2926080 c:\windows\Installer\3d8110.msp + 2008-07-29 16:41 . 2008-07-29 16:41 6487040 c:\windows\Installer\3d810f.msp + 2008-07-29 16:39 . 2008-07-29 16:39 3403264 c:\windows\Installer\3d810e.msp + 2008-07-29 16:43 . 2008-07-29 16:43 1013248 c:\windows\Installer\3d810c.msp + 2008-07-29 16:31 . 2008-07-29 16:31 6083072 c:\windows\Installer\3d8109.msp + 2008-06-19 17:28 . 2008-06-19 17:28 1573376 c:\windows\Installer\30ea33.msp + 2008-10-20 09:18 . 2008-10-20 09:18 6474240 c:\windows\Installer\30ea20.msp + 2012-07-10 10:27 . 2012-07-10 10:27 1516544 c:\windows\Installer\2c1085d.msi + 2012-06-27 00:06 . 2012-06-27 00:06 1826304 c:\windows\Installer\239e8c.msi + 2012-06-19 19:16 . 2012-06-19 19:16 1129472 c:\windows\Installer\226c2a1.msi + 2012-06-19 19:08 . 2012-06-19 19:08 1590784 c:\windows\Installer\226c297.msi + 2009-04-24 11:31 . 2009-04-24 11:31 1425920 c:\windows\Installer\1fe0ed.msp + 2008-04-01 13:33 . 2008-04-01 13:33 5479936 c:\windows\Installer\1fe0e2.msp + 2009-04-24 11:30 . 2009-04-24 11:30 2583552 c:\windows\Installer\1fe0b3.msp + 2008-01-14 15:53 . 2008-01-14 15:53 5213696 c:\windows\Installer\1fe092.msp + 2008-10-25 08:15 . 2008-10-25 08:15 6227456 c:\windows\Installer\1fe06d.msp + 2007-11-14 15:00 . 2007-11-14 15:00 4117504 c:\windows\Installer\1fe003.msp + 2007-05-09 16:19 . 2007-05-09 16:19 2585936 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\VBE6.DLL + 2007-04-19 12:49 . 2007-04-19 12:49 1661280 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE + 2007-05-31 12:35 . 2007-05-31 12:35 6420320 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE + 2007-05-10 12:45 . 2007-05-10 12:45 8069464 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OWC11.DLL + 2007-03-14 12:10 . 2007-03-14 12:10 7255384 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OWC10.DLL + 2007-05-31 12:43 . 2007-05-31 12:43 7613280 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLLIB.DLL + 2007-04-19 13:09 . 2007-04-19 13:09 1061720 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OMFC.DLL + 2007-05-10 12:35 . 2007-05-10 12:35 6747480 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSPUB.EXE + 2006-09-27 01:01 . 2006-09-27 01:01 2113536 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSOLAP80.DLL + 2005-05-04 04:06 . 2005-05-04 04:06 1411816 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSDMINE.DLL + 2007-05-10 12:43 . 2007-05-10 12:43 6688096 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE + 2007-04-30 13:57 . 2007-04-30 13:57 7084384 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\INFOPATH.EXE + 2007-06-06 09:53 . 2007-06-06 09:53 1195888 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\FM20.DLL + 2003-07-03 14:19 . 2003-07-03 14:19 2502656 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\VBE6.DLL + 2003-08-03 17:52 . 2003-08-03 17:52 2808376 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL + 2003-07-31 22:21 . 2003-07-31 22:21 1782840 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\PPTVIEW.EXE + 2003-07-30 19:40 . 2003-07-30 19:40 6133312 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\POWERPNT.EXE + 2003-08-01 22:09 . 2003-08-01 22:09 8086072 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OWC11.DLL + 2003-08-04 20:19 . 2003-08-04 20:19 7330360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OWC10.DLL + 2003-08-10 06:06 . 2003-08-10 06:06 7522360 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLLIB.DLL + 2003-07-07 20:36 . 2003-07-07 20:36 2058343 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OUTLFLTR.DAT + 2003-07-15 06:05 . 2003-07-15 06:05 1054264 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\OMFC.DLL + 2003-07-28 19:24 . 2003-07-28 19:24 5677112 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSPUB.EXE + 2003-06-18 16:31 . 2003-06-18 16:31 1033216 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSPCORE.DLL + 2003-08-15 07:54 . 2003-08-15 07:54 6627392 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSACCESS.EXE + 2003-08-01 22:07 . 2003-08-01 22:07 4815424 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\INFOPATH.EXE + 2003-07-15 06:11 . 2003-07-15 06:11 2139192 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\GRAPH.EXE + 2003-07-26 02:00 . 2003-07-26 02:00 1157696 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL + 2003-07-24 06:01 . 2003-07-24 06:01 1949240 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL + 2007-06-21 14:44 . 2007-06-21 14:44 2901344 c:\windows\Installer\$PatchCache$\Managed\0DC8CB51B56A0D742ADD098A4295F08A\9.7.621\F22194_wksssdb.dll + 2006-10-27 19:11 . 2006-10-27 19:11 4235560 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\WRD12CNV.DLL + 2006-10-27 01:08 . 2006-10-27 01:08 1764112 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\PPCNV.DLL + 2006-10-27 19:18 . 2006-10-27 19:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\OGL.DLL + 2006-10-27 00:42 . 2006-10-27 00:42 8423224 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\OARTCONV.DLL + 2012-08-01 00:02 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll + 2012-08-01 00:02 . 2009-03-08 02:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll + 2012-08-01 00:02 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll - 2012-06-14 00:12 . 2012-03-01 11:01 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll + 2012-08-01 00:04 . 2011-11-04 19:20 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll + 2012-08-01 00:04 . 2011-11-04 19:20 5978112 c:\windows\ie8updates\KB2699988-IE8\mshtml.dll + 2012-08-01 00:04 . 2011-11-04 19:20 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll - 2012-06-14 00:12 . 2012-03-01 11:01 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll + 2012-08-01 00:03 . 2010-05-06 10:41 1209344 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll + 2012-08-01 00:03 . 2010-05-06 10:41 5950976 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll + 2012-08-01 00:03 . 2010-05-06 10:41 1985536 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll + 2012-08-01 00:00 . 2012-04-23 14:46 1168896 c:\windows\ie8\urlmon.dll + 2012-08-01 00:00 . 2012-04-23 14:46 3618816 c:\windows\ie8\mshtml.dll + 2012-08-01 00:00 . 2012-04-23 14:46 6105088 c:\windows\ie8\ieframe.dll - 2009-11-10 05:09 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat + 2012-08-01 00:00 . 2009-06-29 08:33 2452872 c:\windows\ie8\ieapfltr.dat + 2012-06-20 21:02 . 2008-10-16 20:38 1160192 c:\windows\ie7updates\KB2699988-IE7\urlmon.dll + 2012-06-20 21:02 . 2008-12-13 06:40 3593216 c:\windows\ie7updates\KB2699988-IE7\mshtml.dll + 2012-06-20 21:02 . 2008-10-16 20:38 6066176 c:\windows\ie7updates\KB2699988-IE7\ieframe.dll + 2012-06-20 21:02 . 2007-04-17 09:32 2455488 c:\windows\ie7updates\KB2699988-IE7\ieapfltr.dat + 2009-04-28 04:48 . 2008-04-14 12:00 1724416 c:\windows\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL + 2009-02-07 23:02 . 2012-05-04 12:32 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2012-07-11 10:43 . 2009-07-31 09:05 1372672 c:\windows\$NtUninstallKB2719985$\msxml6.dll + 2012-07-11 10:43 . 2010-06-14 07:41 1172480 c:\windows\$NtUninstallKB2719985$\msxml3.dll + 2012-07-11 10:43 . 2012-05-15 13:20 1863168 c:\windows\$NtUninstallKB2718523$\win32k.sys + 2012-07-11 10:44 . 2011-01-21 14:44 8462336 c:\windows\$NtUninstallKB2691442$\shell32.dll + 2009-04-17 10:50 . 2009-04-17 10:50 1847808 c:\windows\$hf_mig$\KB968537\SP3QFE\win32k.sys + 2009-02-21 17:09 . 2009-02-21 17:09 3596800 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll + 2008-10-16 10:34 . 2008-10-16 10:34 3067904 c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll + 2008-08-14 20:11 . 2008-08-14 20:11 2189184 c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe + 2008-08-14 19:39 . 2008-08-14 19:39 2066048 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe + 2009-02-07 23:35 . 2009-02-07 23:35 2189184 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe + 2008-06-25 13:54 . 2008-06-25 13:54 3067904 c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll + 2012-06-05 15:48 . 2012-06-05 15:48 1447936 c:\windows\$hf_mig$\KB2719985\SP3QFE\msxml6.dll + 2012-06-05 15:48 . 2012-06-05 15:48 1172480 c:\windows\$hf_mig$\KB2719985\SP3QFE\msxml3.dll + 2012-07-10 19:26 . 2012-06-13 13:29 1875072 c:\windows\$hf_mig$\KB2718523\SP3QFE\win32k.sys + 2012-04-23 14:45 . 2012-04-23 14:45 1172992 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\urlmon.dll + 2012-04-23 14:45 . 2012-04-23 14:45 3620864 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\mshtml.dll + 2012-04-23 14:45 . 2012-04-23 14:45 6108672 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieframe.dll + 2010-07-05 20:32 . 2010-07-05 20:32 2452872 c:\windows\$hf_mig$\KB2699988-IE7\SP3QFE\ieapfltr.dat + 2012-06-08 14:24 . 2012-06-08 14:24 8463872 c:\windows\$hf_mig$\KB2691442\SP3QFE\shell32.dll + 2009-11-10 05:07 . 2012-07-11 10:39 57442464 c:\windows\system32\MRT.exe + 2007-08-13 22:54 . 2012-05-11 18:12 11111424 c:\windows\system32\ieframe.dll + 2012-08-06 13:15 . 2012-08-06 13:15 48514048 c:\windows\Installer\ee9082.msi + 2008-09-24 11:05 . 2008-09-24 11:05 16381440 c:\windows\Installer\a32e0b.msp + 2008-08-11 10:49 . 2008-08-11 10:49 22457344 c:\windows\Installer\67e172.msp + 2008-12-13 09:21 . 2008-12-13 09:21 10473472 c:\windows\Installer\40bddc.msp + 2008-08-11 10:51 . 2008-08-11 10:51 15916544 c:\windows\Installer\30ea3c.msp + 2009-02-25 18:07 . 2009-02-25 18:07 11646464 c:\windows\Installer\30ea29.msp + 2009-04-04 06:35 . 2009-04-04 06:35 38325760 c:\windows\Installer\23bc1.msp + 2008-06-04 12:29 . 2008-06-04 12:29 16905728 c:\windows\Installer\1fe0c9.msp + 2008-01-14 14:24 . 2008-01-14 14:24 10721280 c:\windows\Installer\1fe058.msp + 2007-10-14 22:33 . 2007-10-14 22:33 26646016 c:\windows\Installer\1d23c.msp + 2007-05-31 12:37 . 2007-05-31 12:37 12310368 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\WINWORD.EXE + 2007-06-18 16:16 . 2007-06-18 16:16 12259160 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\MSO.DLL + 2007-05-31 12:41 . 2007-05-31 12:41 10352472 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\EXCEL.EXE + 2003-08-06 20:24 . 2003-08-06 20:24 12037688 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\WINWORD.EXE + 2003-08-08 07:23 . 2003-08-08 07:23 12172336 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\MSO.DLL + 2003-08-13 09:34 . 2003-08-13 09:34 10073144 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE + 2006-10-27 01:13 . 2006-10-27 01:13 14674216 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\XL12CNV.EXE + 2006-10-27 19:26 . 2006-10-27 19:26 16870712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\MSO.DLL + 2012-08-01 00:02 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll + 2012-08-01 00:04 . 2011-11-04 19:20 11081728 c:\windows\ie8updates\KB2699988-IE8\ieframe.dll + 2012-08-01 00:03 . 2010-05-06 10:41 11076096 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll + 2007-07-27 08:24 . 2007-07-27 08:24 127991808 c:\windows\Installer\1d362.msp . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "beidsccertprop"="c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe" [2012-02-21 31768] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . S0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [29/07/2012 20:52 65848] S1 RapportCerberus_42020;RapportCerberus_42020;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys [6/08/2012 16:15 228376] S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [29/07/2012 20:52 71480] S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [29/07/2012 20:52 166840] S2 Browser Manager;Browser Manager;c:\documents and settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [13/08/2012 18:37 1697312] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 655944] S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [29/07/2012 20:52 976728] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [10/07/2012 12:26 33536] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [19/06/2012 10:08 250056] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [13/08/2012 19:17 113120] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] . Contents of the 'Scheduled Tasks' folder . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 18:52] . 2012-08-14 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-07-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-23 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\lxmafyry.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113480&tt=120812_bandext_3312_4&babsrc=HP_ss&mntrId=648d7a1a000000000000002618fcbe43 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-14 13:13 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Completion time: 2012-08-14 13:16:05 ComboFix-quarantined-files.txt 2012-08-14 11:16 ComboFix2.txt 2012-06-18 20:32 ComboFix3.txt 2012-06-10 14:19 ComboFix4.txt 2012-06-09 21:32 . Pre-Run: 30.012.567.552 bytes free Post-Run: 30.548.840.448 bytes free . - - End Of File - - E71409E16FE2F99EE76495A6BE58701F

14 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

In veilige modus zijn de 3 regels verwijderd kunnen worden. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:08:23, on 14/08/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Jan\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\Program Files\Ashkon Software\Website Block\webblock.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ModemListener] C:\Program Files\Mobilni Internet\ModemListener.exe start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SFE.tmp" /EF "HKCU" O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: DeviceManager - Unknown owner - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- End of file - 7459 bytes

14 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Het log van MBAM: Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware download Database version: v2012.08.14.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Jan :: JANLAPTOP [administrator] Protection: Enabled 14/08/2012 8:42:26 mbam-log-2012-08-14 (08-42-26).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 204848 Time elapsed: 15 minute(s), 16 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Het HJTlog. Ik heb gzien dat onderstaande 3 regels, die ik moest verwijderen in HJT, terug in de nieuwe log staan. O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\22565~1.25\{16cdf~1\browse~1.dll Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:00:44, on 14/08/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Mobilni Internet\ModemListener.exe C:\WINDOWS\system32\igfxext.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE C:\Program Files\Java\jre6\bin\jucheck.exe C:\Documents and Settings\Jan\Desktop\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\Program Files\Ashkon Software\Website Block\webblock.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ModemListener] C:\Program Files\Mobilni Internet\ModemListener.exe start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SFE.tmp" /EF "HKCU" O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\22565~1.25\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: DeviceManager - Unknown owner - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- End of file - 9120 bytes

14 augustus 2012
16 antwoorden

i search babylon (zoekmachine in IE en Firefox)

Jean Robbe plaatste een topic in Archief Bestrijding malware & virussen

Zojuist een ongewenste zoekmachine op de pc gekregen. Hopelijk weten jullie raad om deze te verwijderen. Ik heb alvast mijn HJT-log geplaatst. Alvast bedankt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:12:01, on 13/08/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Mobilni Internet\ModemListener.exe C:\WINDOWS\system32\igfxext.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE C:\Program Files\Java\jre6\bin\jucheck.exe C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Jan\My Documents\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\Program Files\Ashkon Software\Website Block\webblock.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ModemListener] C:\Program Files\Mobilni Internet\ModemListener.exe start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_SFE.tmp" /EF "HKCU" O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\22565~1.25\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe O23 - Service: DeviceManager - Unknown owner - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- End of file - 9429 bytes

13 augustus 2012
16 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Ja, de SearchYa zoekmachine en werkbalk komen nog te voorschijn bij het openen van firefox.

19 juni 2012
15 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

ComboFix 12-06-09.02 - Jan 18/06/2012 22:26:28.3.2 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.681 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Jan\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . - REDUCED FUNCTIONALITY MODE - . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\Cache c:\windows\system32\Cache\257f32dc13da2f6f.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\2c53092c95605355.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\a8556537add6dfc5.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\Thumbs.db E:\Autorun.inf . . ((((((((((((((((((((((((( Files Created from 2012-05-18 to 2012-06-18 ))))))))))))))))))))))))))))))) . . 2012-06-18 20:10 . 2012-06-18 20:10 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\AVG Secure Search 2012-06-18 20:10 . 2012-06-18 20:10 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG Secure Search 2012-06-18 20:10 . 2012-06-18 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search 2012-06-18 20:09 . 2012-06-18 20:10 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-06-18 20:09 . 2012-06-18 20:10 -------- d-----w- c:\program files\AVG Secure Search 2012-06-18 20:08 . 2012-06-18 20:13 -------- d-----w- c:\windows\system32\drivers\AVG 2012-06-13 22:48 . 2012-05-11 14:42 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-05 21:21 . 2012-06-05 21:22 -------- d-----w- c:\program files\CCleaner 2012-06-05 21:07 . 2012-06-05 21:08 -------- d-----w- c:\documents and settings\The Real Admin 2012-06-04 09:12 . 2012-06-04 09:12 -------- d-----w- c:\documents and settings\Jan\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-06-04 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-04 09:11 . 2012-06-04 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\DriverCure 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\SpeedyPC Software 2012-06-04 08:41 . 2012-06-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software 2012-06-04 01:17 . 2012-06-04 01:17 58 ----a-w- C:\user.js 2012-06-03 23:40 . 2012-06-04 20:44 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\Google 2012-06-03 23:40 . 2012-06-04 21:21 -------- d-----w- c:\program files\Google 2012-06-03 23:40 . 2012-06-03 23:40 -------- d-----w- c:\program files\Western Digital 2012-06-03 11:43 . 2012-06-03 11:43 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG2012 2012-06-03 11:24 . 2012-06-18 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 2012-06-03 11:07 . 2012-06-18 20:11 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Software 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Swift Sound 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\documents and settings\Jan\Application Data\MakeitOne 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\program files\MakeitOne 2012-05-22 08:48 . 2012-05-22 08:48 -------- d-----w- c:\program files\Common Files\xing shared 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\amd64 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\i386 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:08 . 2009-04-28 04:51 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20 . 2009-04-28 04:51 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42 . 2009-04-28 04:51 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42 . 2009-04-28 04:51 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38 . 2009-04-28 04:51 385024 ----a-w- c:\windows\system32\html.iec 2012-05-04 13:16 . 2008-04-14 00:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46 . 2009-04-28 05:01 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-04-29 21:15 . 2012-02-21 17:23 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-06-09_21.20.01 ))))))))))))))))))))))))))))))))))))))))) . - 2009-04-28 04:51 . 2012-05-28 22:06 85784 c:\windows\system32\perfc009.dat + 2009-04-28 04:51 . 2012-06-14 00:24 85784 c:\windows\system32\perfc009.dat + 2009-04-28 04:51 . 2012-05-11 14:42 67072 c:\windows\system32\mshtmled.dll - 2009-04-28 04:51 . 2012-03-01 11:01 25600 c:\windows\system32\jsproxy.dll + 2009-04-28 04:51 . 2012-05-11 14:42 25600 c:\windows\system32\jsproxy.dll + 2009-11-10 05:09 . 2012-05-11 14:42 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-11-10 05:09 . 2012-03-01 11:01 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-04-28 04:51 . 2012-05-11 14:42 67072 c:\windows\system32\dllcache\mshtmled.dll + 2009-05-05 16:50 . 2012-05-11 14:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-05-05 16:50 . 2012-03-01 11:01 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2009-04-28 04:51 . 2012-03-01 11:01 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-04-28 04:51 . 2012-05-11 14:42 43520 c:\windows\system32\dllcache\licmgr10.dll + 2009-04-28 04:51 . 2012-05-11 14:42 25600 c:\windows\system32\dllcache\jsproxy.dll - 2009-04-28 04:51 . 2012-03-01 11:01 25600 c:\windows\system32\dllcache\jsproxy.dll + 2012-06-14 00:12 . 2012-03-01 11:01 12800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll + 2012-06-14 00:12 . 2012-03-01 11:01 66560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll + 2012-06-14 00:12 . 2012-03-01 11:01 55296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll + 2012-06-14 00:12 . 2012-03-01 11:01 43520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll + 2012-06-14 00:12 . 2012-03-01 11:01 25600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll + 2012-06-14 00:11 . 2012-06-14 00:11 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f05130e3\System.Drawing.Design.dll + 2012-06-14 05:16 . 2012-06-14 05:16 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\fe6157b21b1f87deffcad313d447de27\WindowsLiveWriter.ni.exe + 2012-06-14 05:17 . 2012-06-14 05:17 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea703b3cc3bd6c91db6292a76e20bed2\WindowsLive.Writer.Api.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll + 2012-06-14 00:23 . 2012-06-14 00:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2012-05-11 22:43 . 2012-05-15 19:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2012-05-15 19:23 . 2012-05-15 19:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2012-06-14 00:23 . 2012-06-14 00:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2012-05-15 19:24 . 2012-05-15 19:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2012-06-14 00:24 . 2012-06-14 00:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2012-05-15 19:23 . 2012-05-15 19:23 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2012-06-14 00:24 . 2012-06-14 00:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2012-05-15 19:24 . 2012-05-15 19:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2012-06-14 00:24 . 2012-06-14 00:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2012-06-14 00:24 . 2012-06-14 00:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2012-05-15 19:24 . 2012-05-15 19:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2012-05-15 19:24 . 2012-05-15 19:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-06-14 00:24 . 2012-06-14 00:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2012-06-14 00:24 . 2012-06-14 00:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2012-05-15 19:24 . 2012-05-15 19:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2012-06-14 00:24 . 2012-06-14 00:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2012-05-15 19:23 . 2012-05-15 19:23 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2012-06-14 00:23 . 2012-06-14 00:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2012-05-15 19:23 . 2012-05-15 19:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2012-05-15 19:23 . 2012-05-15 19:23 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2012-06-14 00:24 . 2012-06-14 00:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2012-05-15 19:23 . 2012-05-15 19:23 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-14 00:24 . 2012-06-14 00:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2012-06-14 00:24 . 2012-06-14 00:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2012-05-15 19:23 . 2012-05-15 19:23 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2012-06-14 00:24 . 2012-06-14 00:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2012-05-15 19:23 . 2012-05-15 19:23 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2012-05-15 19:23 . 2012-05-15 19:23 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-06-14 00:24 . 2012-06-14 00:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2012-06-14 00:24 . 2012-06-14 00:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2012-05-15 19:24 . 2012-05-15 19:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2012-06-14 00:24 . 2012-06-14 00:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2012-05-15 19:23 . 2012-05-15 19:23 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2012-06-14 00:24 . 2012-06-14 00:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2012-05-15 19:23 . 2012-05-15 19:23 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2012-06-14 00:24 . 2012-06-14 00:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2012-05-15 19:24 . 2012-05-15 19:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2012-05-15 19:24 . 2012-05-15 19:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2012-06-14 00:24 . 2012-06-14 00:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2009-04-28 04:51 . 2012-05-11 14:42 105984 c:\windows\system32\url.dll - 2009-04-28 04:51 . 2012-03-01 11:01 105984 c:\windows\system32\url.dll - 2009-04-28 04:51 . 2012-05-28 22:06 475930 c:\windows\system32\perfh009.dat + 2009-04-28 04:51 . 2012-06-14 00:24 475930 c:\windows\system32\perfh009.dat - 2009-04-28 04:51 . 2012-03-01 11:01 206848 c:\windows\system32\occache.dll + 2009-04-28 04:51 . 2012-05-11 14:42 206848 c:\windows\system32\occache.dll + 2009-04-28 04:51 . 2012-05-11 14:42 611840 c:\windows\system32\mstime.dll - 2009-04-28 04:51 . 2012-03-01 11:01 611840 c:\windows\system32\mstime.dll + 2009-04-28 04:51 . 2012-05-11 14:42 184320 c:\windows\system32\iepeers.dll - 2009-04-28 04:51 . 2012-03-01 11:01 184320 c:\windows\system32\iepeers.dll + 2009-04-28 04:51 . 2012-05-11 14:42 387584 c:\windows\system32\iedkcs32.dll - 2009-04-28 04:51 . 2012-03-01 11:01 387584 c:\windows\system32\iedkcs32.dll - 2009-04-28 04:51 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe + 2009-04-28 04:51 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe - 2009-04-28 04:51 . 2012-03-01 11:01 916992 c:\windows\system32\dllcache\wininet.dll + 2009-04-28 04:51 . 2012-05-16 15:08 916992 c:\windows\system32\dllcache\wininet.dll + 2009-04-28 04:51 . 2012-05-11 14:42 105984 c:\windows\system32\dllcache\url.dll - 2009-04-28 04:51 . 2012-03-01 11:01 105984 c:\windows\system32\dllcache\url.dll + 2009-04-28 05:01 . 2012-05-02 13:46 139656 c:\windows\system32\dllcache\rdpwd.sys + 2009-04-28 04:51 . 2012-05-11 14:42 206848 c:\windows\system32\dllcache\occache.dll - 2009-04-28 04:51 . 2012-03-01 11:01 206848 c:\windows\system32\dllcache\occache.dll - 2009-04-28 04:51 . 2012-03-01 11:01 611840 c:\windows\system32\dllcache\mstime.dll + 2009-04-28 04:51 . 2012-05-11 14:42 611840 c:\windows\system32\dllcache\mstime.dll + 2009-05-05 16:50 . 2012-05-11 14:42 629760 c:\windows\system32\dllcache\msfeeds.dll + 2009-11-10 05:09 . 2012-05-11 14:42 247808 c:\windows\system32\dllcache\ieproxy.dll - 2009-11-10 05:09 . 2012-03-01 11:01 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-04-28 04:51 . 2012-05-11 14:42 184320 c:\windows\system32\dllcache\iepeers.dll - 2009-04-28 04:51 . 2012-03-01 11:01 184320 c:\windows\system32\dllcache\iepeers.dll - 2010-06-10 04:17 . 2012-03-01 11:01 743424 c:\windows\system32\dllcache\iedvtool.dll + 2010-06-10 04:17 . 2012-05-11 14:42 743424 c:\windows\system32\dllcache\iedvtool.dll + 2009-04-28 04:51 . 2012-05-11 14:42 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2009-04-28 04:51 . 2012-03-01 11:01 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2009-04-28 04:51 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe - 2009-04-28 04:51 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe + 2012-04-21 05:15 . 2012-04-21 05:15 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2012-01-31 01:38 . 2012-01-31 01:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll + 2012-04-25 15:45 . 2012-04-25 15:45 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll + 2012-04-21 19:55 . 2012-04-21 19:55 980480 c:\windows\Installer\4b971b.msp + 2012-06-14 00:12 . 2012-03-01 11:01 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll + 2012-06-14 00:12 . 2012-03-01 11:01 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll + 2012-06-14 00:12 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll + 2012-06-14 00:12 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe + 2012-06-14 00:12 . 2012-03-01 11:01 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll + 2012-06-14 00:12 . 2012-03-01 11:01 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll + 2012-06-14 00:12 . 2012-03-01 11:01 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll + 2012-06-14 00:12 . 2009-03-08 03:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll + 2012-06-14 00:12 . 2012-03-01 11:01 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll + 2012-06-14 00:12 . 2012-03-01 11:01 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll + 2012-06-14 00:12 . 2012-03-01 11:01 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll + 2012-06-14 00:12 . 2012-03-01 11:01 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll + 2012-06-14 00:12 . 2012-02-29 12:17 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe + 2012-06-14 00:11 . 2012-06-14 00:11 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_395022a6\System.Drawing.dll + 2012-06-14 00:11 . 2012-06-14 00:11 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_5041efaf\System.Drawing.Design.dll + 2012-06-14 05:18 . 2012-06-14 05:18 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\0eb13bef5a6fee89efc5c393af3f2a93\WindowsLiveLocal.WriterPlugin.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f37031533e147b83b6f01748b16a8fa6\WindowsLive.Writer.Localization.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e8bbaa3f2be48eb571871a39c3a6fdaf\WindowsLive.Writer.FileDestinations.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\caed48c98449344f1eb7b1d0f618fb3b\WindowsLive.Writer.Mshtml.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c6f2297d833909ed6faff6a3dd51040b\WindowsLive.Writer.Passport.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\69c035a1d1c2589db04b6730b24b01ce\WindowsLive.Writer.HtmlEditor.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5dc96a9c03c0bdf7ffbb2d40e23af2cf\WindowsLive.Writer.BrowserControl.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5a6d68d22990bbd53c4c0fdffa00d8e4\WindowsLive.Writer.BlogClient.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\57e951e8f81c3dc190c659f93aa8c36e\WindowsLive.Writer.SpellChecker.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\549fb874b7f98fe85f30ddbccccb121a\WindowsLive.Writer.Interop.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dc324722c5ea97c692d4ecb10870c75\WindowsLive.Writer.Extensibility.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0a0293d71df51b824e510ae5ab616473\WindowsLive.Writer.Controls.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\161e09c12960017d1865f51452f2bd91\WindowsLive.Client.ni.dll + 2012-06-14 05:15 . 2012-06-14 05:15 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\96a3fc1f74a00b618b70bd1701600408\System.Drawing.Design.ni.dll + 2012-06-14 00:17 . 2012-06-14 00:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\badd66e1d2b8416e9bb868ad059203c6\System.Configuration.Install.ni.dll + 2012-06-14 05:16 . 2012-06-14 05:16 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c0045c1c7c29c7e7cc7bd60001b729a7\AspNetMMCExt.ni.dll + 2012-06-14 00:23 . 2012-06-14 00:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2012-05-15 19:23 . 2012-05-15 19:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2012-05-15 19:23 . 2012-05-15 19:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-06-14 00:23 . 2012-06-14 00:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2012-06-14 00:24 . 2012-06-14 00:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2012-05-15 19:23 . 2012-05-15 19:23 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2012-06-14 00:24 . 2012-06-14 00:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-05-15 19:24 . 2012-05-15 19:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2012-05-15 19:24 . 2012-05-15 19:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-06-14 00:24 . 2012-06-14 00:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2012-06-14 00:24 . 2012-06-14 00:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-05-15 19:24 . 2012-05-15 19:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2012-05-15 19:24 . 2012-05-15 19:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2012-06-14 00:24 . 2012-06-14 00:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2012-05-15 19:24 . 2012-05-15 19:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-14 00:24 . 2012-06-14 00:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2012-06-14 00:24 . 2012-06-14 00:24 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2012-05-15 19:24 . 2012-05-15 19:24 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2012-05-15 19:23 . 2012-05-15 19:23 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-06-14 00:23 . 2012-06-14 00:23 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2012-06-14 00:23 . 2012-06-14 00:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-05-15 19:23 . 2012-05-15 19:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2012-05-15 19:24 . 2012-05-15 19:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2012-06-14 00:24 . 2012-06-14 00:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2012-05-15 19:24 . 2012-05-15 19:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-14 00:24 . 2012-06-14 00:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2012-06-14 00:24 . 2012-06-14 00:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2012-05-15 19:24 . 2012-05-15 19:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2012-06-14 00:24 . 2012-06-14 00:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2012-05-15 19:24 . 2012-05-15 19:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2012-06-14 00:24 . 2012-06-14 00:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2012-05-15 19:23 . 2012-05-15 19:23 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2012-06-14 00:24 . 2012-06-14 00:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2012-05-11 22:43 . 2012-05-15 19:23 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2012-06-14 00:24 . 2012-06-14 00:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2012-05-15 19:23 . 2012-05-15 19:23 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2012-06-14 00:24 . 2012-06-14 00:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-15 19:23 . 2012-05-15 19:23 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2012-05-15 19:24 . 2012-05-15 19:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2012-06-14 00:24 . 2012-06-14 00:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2012-05-15 19:24 . 2012-05-15 19:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2012-06-14 00:24 . 2012-06-14 00:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2012-05-15 19:23 . 2012-05-15 19:23 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-06-14 00:23 . 2012-06-14 00:23 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2012-06-14 00:24 . 2012-06-14 00:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-05-15 19:24 . 2012-05-15 19:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2012-05-15 19:24 . 2012-05-15 19:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-14 00:24 . 2012-06-14 00:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2012-06-14 00:24 . 2012-06-14 00:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2012-05-15 19:24 . 2012-05-15 19:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2012-06-14 00:24 . 2012-06-14 00:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2012-05-15 19:24 . 2012-05-15 19:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2012-05-15 19:26 . 2012-05-15 19:26 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll + 2012-06-14 00:10 . 2012-06-14 00:10 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-04-28 04:51 . 2012-03-01 11:01 1212416 c:\windows\system32\urlmon.dll + 2009-04-28 04:51 . 2012-05-11 14:42 1212416 c:\windows\system32\urlmon.dll + 2009-04-28 04:51 . 2012-05-11 14:42 6007808 c:\windows\system32\mshtml.dll + 2009-04-28 04:51 . 2012-05-15 13:20 1863168 c:\windows\system32\dllcache\win32k.sys - 2009-04-28 04:51 . 2012-03-01 11:01 1212416 c:\windows\system32\dllcache\urlmon.dll + 2009-04-28 04:51 . 2012-05-11 14:42 1212416 c:\windows\system32\dllcache\urlmon.dll - 2009-05-05 16:23 . 2012-04-11 13:10 2192640 c:\windows\system32\dllcache\ntoskrnl.exe + 2009-05-05 16:23 . 2012-05-04 13:12 2192640 c:\windows\system32\dllcache\ntoskrnl.exe + 2009-05-05 16:23 . 2012-05-04 12:32 2026496 c:\windows\system32\dllcache\ntkrpamp.exe - 2009-05-05 16:23 . 2012-04-11 12:35 2026496 c:\windows\system32\dllcache\ntkrpamp.exe + 2009-05-05 16:23 . 2012-05-04 13:16 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe - 2009-05-05 16:23 . 2012-04-11 13:14 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe + 2009-04-28 04:51 . 2012-05-11 14:42 6007808 c:\windows\system32\dllcache\mshtml.dll - 2009-05-05 16:50 . 2012-03-01 11:01 2000384 c:\windows\system32\dllcache\iertutil.dll + 2009-05-05 16:50 . 2012-05-11 14:42 2000384 c:\windows\system32\dllcache\iertutil.dll - 2011-12-25 01:50 . 2011-12-25 01:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2012-03-20 03:23 . 2012-03-20 03:23 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2012-03-20 03:23 . 2012-03-20 03:23 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2008-07-25 10:17 . 2008-07-25 10:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll - 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp + 2012-04-26 00:32 . 2012-04-26 00:32 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp + 2012-06-18 20:10 . 2012-06-18 20:10 5161984 c:\windows\Installer\7ab39.msi + 2012-06-18 20:07 . 2012-06-18 20:07 2208768 c:\windows\Installer\7ab35.msi + 2012-06-18 17:37 . 2012-06-18 17:37 2208768 c:\windows\Installer\60355.msi + 2012-04-25 17:32 . 2012-04-25 17:32 7069184 c:\windows\Installer\4b9714.msp + 2012-03-20 21:57 . 2012-03-20 21:57 6188544 c:\windows\Installer\4b970a.msp + 2012-06-14 00:12 . 2012-03-01 11:01 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll + 2012-06-14 00:12 . 2012-03-01 11:01 5978624 c:\windows\ie8updates\KB2699988-IE8\mshtml.dll + 2012-06-14 00:12 . 2012-03-01 11:01 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll - 2009-05-05 16:23 . 2012-04-11 13:10 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2009-05-05 16:23 . 2012-05-04 13:12 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2009-05-05 16:23 . 2012-05-04 12:32 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2009-05-05 16:23 . 2012-04-11 12:35 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2009-05-05 16:23 . 2012-04-11 13:14 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2009-05-05 16:23 . 2012-05-04 13:16 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2012-06-14 00:11 . 2012-06-14 00:11 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_3347df83\System.Windows.Forms.dll + 2012-06-14 00:12 . 2012-06-14 00:12 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_05a75e60\System.Windows.Forms.dll + 2012-06-14 00:12 . 2012-06-14 00:12 2252800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d1bbf39a\System.Drawing.dll + 2012-06-14 00:11 . 2012-06-14 00:11 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7e8d9b10\System.Design.dll + 2012-06-14 00:12 . 2012-06-14 00:12 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_6b80aa19\System.Design.dll + 2012-06-14 05:17 . 2012-06-14 05:17 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d391561f2f9cdc6764878d52251009b5\WindowsLive.Writer.CoreServices.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\811f5f78aeb1ba31a8004b29a10a2d25\WindowsLive.Writer.PostEditor.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\73c7f6ddd714e95e2325ec1c0e17cbd3\WindowsLive.Writer.ApplicationFramework.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bd5bd406670d483b82bd51249eee59e3\System.WorkflowServices.ni.dll + 2012-06-14 00:21 . 2012-06-14 00:21 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\77361ebe9ad8ff77cc9a8d7f8363eb05\System.Workflow.Runtime.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1c12dfa7826b331b243b7b45daf9904d\System.Workflow.ComponentModel.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\514bf0e69e2c9fc8509cd23236057356\System.Workflow.Activities.ni.dll + 2012-06-14 00:17 . 2012-06-14 00:17 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\77f8cde07b131839f1841be702837e8e\System.Web.Mobile.ni.dll + 2012-06-14 05:19 . 2012-06-14 05:19 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\242b168aaca18197eca371ec269e23ac\System.Web.Extensions.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d380f1813e27c2a086e62f0218669d67\System.Printing.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7a53d68ad544f8e9edfdbd5a90a48fd3\System.Deployment.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\443dd7f0b84c3de54b1a72be655e307c\ReachFramework.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\48ddcafff1a5603fb3289e90330275c0\PresentationUI.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4e463dcf2a03c71913a61b44c32e2389\Microsoft.Build.Tasks.ni.dll + 2012-06-14 05:18 . 2012-06-14 05:18 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\395b4a85c7941ac4dd9d1c6f5eb444c7\Microsoft.Build.Tasks.v3.5.ni.dll - 2012-05-15 19:24 . 2012-05-15 19:24 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2012-06-14 00:24 . 2012-06-14 00:24 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2012-05-15 19:24 . 2012-05-15 19:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2012-06-14 00:24 . 2012-06-14 00:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2012-05-15 19:23 . 2012-05-15 19:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2012-06-14 00:23 . 2012-06-14 00:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2012-05-15 19:23 . 2012-05-15 19:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-14 00:23 . 2012-06-14 00:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2012-06-14 00:23 . 2012-06-14 00:23 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2012-05-15 19:23 . 2012-05-15 19:23 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2012-06-14 00:24 . 2012-06-14 00:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-15 19:24 . 2012-05-15 19:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2012-05-15 19:24 . 2012-05-15 19:24 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2012-06-14 00:24 . 2012-06-14 00:24 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2009-11-10 05:07 . 2012-06-14 00:12 56731752 c:\windows\system32\MRT.exe + 2009-05-05 16:49 . 2012-05-11 18:12 11111424 c:\windows\system32\dllcache\ieframe.dll + 2012-06-14 00:12 . 2012-03-02 04:01 11082752 c:\windows\ie8updates\KB2699988-IE8\ieframe.dll + 2012-06-14 05:15 . 2012-06-14 05:15 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll + 2012-06-14 05:17 . 2012-06-14 05:17 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 10682368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f73a8455f384e90f6925309336fece24\System.Design.ni.dll + 2012-06-14 05:14 . 2012-06-14 05:14 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll + 2012-06-14 05:13 . 2012-06-14 05:13 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-18 20:09 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-06-18 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-18 1116544] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4:46 31952] S0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [11/03/2012 13:48 56208] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5:25 235216] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5:17 301248] S1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [8/01/2012 13:57 228208] S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [11/03/2012 13:48 71440] S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [11/03/2012 13:48 164112] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [30/04/2012 9:44 5106744] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 654408] S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [11/03/2012 13:48 931640] S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [18/06/2012 22:10 932736] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 139856] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232] S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [29/04/2012 23:15 129976] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] . Contents of the 'Scheduled Tasks' folder . 2012-06-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-05-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-02 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . 2012-05-30 c:\windows\Tasks\WavePadSevenDays.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.0.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\hvb4tjam.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B33723462-2057-49fd-bb53-6bf855890778%7D&mid=aa82d3aa6d3d871141c54132f3784327-d020b6ef17d6b91b53f5e336f3e15b7082edbed9&ds=AVG&v=11.0.0.9〈=nl&pr=fr&d=2012-06-03%2013%3A25%3A46&sap=ku&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.searchya_i.excTlbr - false . - - - - ORPHANS REMOVED - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-18 22:29 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Completion time: 2012-06-18 22:32:00 ComboFix-quarantined-files.txt 2012-06-18 20:31 ComboFix2.txt 2012-06-10 14:19 ComboFix3.txt 2012-06-09 21:32 . Pre-Run: 61.528.649.728 bytes free Post-Run: 61.594.251.264 bytes free . - - End Of File - - BE3B9BBC1D32F9A8FBB406FF86F26EB1

18 juni 2012
15 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

ComboFix 12-06-09.02 - Jan 10/06/2012 16:06:58.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.382 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Jan\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . ((((((((((((((((((((((((( Files Created from 2012-05-10 to 2012-06-10 ))))))))))))))))))))))))))))))) . . 2012-06-05 21:21 . 2012-06-05 21:22 -------- d-----w- c:\program files\CCleaner 2012-06-05 21:07 . 2012-06-05 21:08 -------- d-----w- c:\documents and settings\The Real Admin 2012-06-04 09:12 . 2012-06-04 09:12 -------- d-----w- c:\documents and settings\Jan\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-06-04 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-04 09:11 . 2012-06-04 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\DriverCure 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\SpeedyPC Software 2012-06-04 08:41 . 2012-06-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software 2012-06-04 01:17 . 2012-06-04 01:17 58 ----a-w- C:\user.js 2012-06-03 23:40 . 2012-06-04 20:44 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\Google 2012-06-03 23:40 . 2012-06-04 21:21 -------- d-----w- c:\program files\Google 2012-06-03 23:40 . 2012-06-03 23:40 -------- d-----w- c:\program files\Western Digital 2012-06-03 11:43 . 2012-06-03 11:43 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG2012 2012-06-03 11:26 . 2012-06-03 11:26 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\AVG Secure Search 2012-06-03 11:24 . 2012-06-10 13:53 -------- d-----w- c:\windows\system32\drivers\AVG 2012-06-03 11:24 . 2012-06-03 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 2012-06-03 11:07 . 2012-06-10 13:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Software 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Swift Sound 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\documents and settings\Jan\Application Data\MakeitOne 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\program files\MakeitOne 2012-05-22 08:48 . 2012-05-22 08:48 -------- d-----w- c:\program files\Common Files\xing shared 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\amd64 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\i386 2012-05-12 20:07 . 2012-05-20 09:19 -------- d-----w- c:\documents and settings\Jan\Application Data\GemistDownloader 2012-05-12 20:07 . 2012-05-12 20:07 -------- d-----w- c:\program files\GemistDownloader 2012-05-11 22:44 . 2012-05-11 22:51 -------- d-----w- C:\1f1a51f293989baf461db378445035b1 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-04-11 13:14 . 2008-04-14 00:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:12 . 2009-04-28 04:51 1862272 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 12:35 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-19 03:17 . 2012-03-19 03:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2012-04-29 21:15 . 2012-02-21 17:23 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-06-09_21.20.01 ))))))))))))))))))))))))))))))))))))))))) . + 2012-06-10 13:45 . 2012-06-10 13:45 16384 c:\windows\Temp\Perflib_Perfdata_7ec.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-03 11:25 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-06-03 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-03 1116544] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4:46 31952] R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [11/03/2012 13:48 56208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5:25 235216] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5:17 301248] R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [8/01/2012 13:57 228208] R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [11/03/2012 13:48 71440] R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [11/03/2012 13:48 164112] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 654408] R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [11/03/2012 13:48 931640] R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [3/06/2012 13:25 932736] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [30/04/2012 9:44 5106744] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [29/04/2012 23:15 129976] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] . Contents of the 'Scheduled Tasks' folder . 2012-06-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-05-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-02 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . 2012-05-30 c:\windows\Tasks\WavePadSevenDays.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\hvb4tjam.default\ FF - prefs.js: browser.search.selectedEngine - SearchYa! FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B33723462-2057-49fd-bb53-6bf855890778%7D&mid=aa82d3aa6d3d871141c54132f3784327-d020b6ef17d6b91b53f5e336f3e15b7082edbed9&ds=AVG&v=11.0.0.9〈=nl&pr=fr&d=2012-06-03%2013%3A25%3A46&sap=ku&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.searchya_i.hmpg - true FF - user.js: extensions.searchya_i.hmpgUrl - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.dfltSrch - true FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa! FF - user.js: extensions.searchya_i.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE&q= FF - user.js: extensions.searchya_i.id - 648d7a1a000000000000002618fcbe43 FF - user.js: extensions.searchya_i.instlDay - 15495 FF - user.js: extensions.searchya_i.vrsn - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsni - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.13.03:16 FF - user.js: extensions.searchya_i.prtnrId - ironsrc FF - user.js: extensions.searchya_i.prdct - searchya FF - user.js: extensions.searchya_i.aflt - dcom FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya_i.tlbrId - base FF - user.js: extensions.searchya_i.instlRef - dcom-100 FF - user.js: extensions.searchya_i.dfltLng - FF - user.js: extensions.searchya_i.excTlbr - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-10 16:16 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(920) c:\windows\system32\COMRes.dll . - - - - - - - > 'explorer.exe'(2788) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2012-06-10 16:19:28 ComboFix-quarantined-files.txt 2012-06-10 14:19 ComboFix2.txt 2012-06-09 21:32 . Pre-Run: 62.676.754.432 bytes free Post-Run: 62.628.442.112 bytes free . - - End Of File - - A11151B7A93769AF921E99309504EA04

10 juni 2012
15 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

ComboFix 12-06-09.02 - Jan 09/06/2012 23:08:15.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.333 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dll c:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\compat.ini c:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dll c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini c:\documents and settings\Jan\WINDOWS . . ((((((((((((((((((((((((( Files Created from 2012-05-09 to 2012-06-09 ))))))))))))))))))))))))))))))) . . 2012-06-05 21:21 . 2012-06-05 21:22 -------- d-----w- c:\program files\CCleaner 2012-06-05 21:07 . 2012-06-05 21:08 -------- d-----w- c:\documents and settings\The Real Admin 2012-06-04 09:12 . 2012-06-04 09:12 -------- d-----w- c:\documents and settings\Jan\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-06-04 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-04 09:11 . 2012-06-04 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\DriverCure 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\SpeedyPC Software 2012-06-04 08:41 . 2012-06-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software 2012-06-04 01:17 . 2012-06-04 01:17 58 ----a-w- C:\user.js 2012-06-03 23:40 . 2012-06-04 20:44 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\Google 2012-06-03 23:40 . 2012-06-04 21:21 -------- d-----w- c:\program files\Google 2012-06-03 23:40 . 2012-06-03 23:40 -------- d-----w- c:\program files\Western Digital 2012-06-03 11:43 . 2012-06-03 11:43 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG2012 2012-06-03 11:26 . 2012-06-03 11:26 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\AVG Secure Search 2012-06-03 11:24 . 2012-06-09 20:45 -------- d-----w- c:\windows\system32\drivers\AVG 2012-06-03 11:24 . 2012-06-03 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 2012-06-03 11:07 . 2012-06-09 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Software 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Swift Sound 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\documents and settings\Jan\Application Data\MakeitOne 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\program files\MakeitOne 2012-05-22 08:48 . 2012-05-22 08:48 -------- d-----w- c:\program files\Common Files\xing shared 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\amd64 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\i386 2012-05-12 20:07 . 2012-05-20 09:19 -------- d-----w- c:\documents and settings\Jan\Application Data\GemistDownloader 2012-05-12 20:07 . 2012-05-12 20:07 -------- d-----w- c:\program files\GemistDownloader 2012-05-11 22:44 . 2012-05-11 22:51 -------- d-----w- C:\1f1a51f293989baf461db378445035b1 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-04-11 13:14 . 2008-04-14 00:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:12 . 2009-04-28 04:51 1862272 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 12:35 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-19 03:17 . 2012-03-19 03:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2012-04-29 21:15 . 2012-02-21 17:23 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys . [-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys [-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys . [-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys [-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys . [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\I386\NTFS.SYS [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys . [-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys . [-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll . [-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe . [-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll . [-] 2008-04-14 12:00 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2008-04-14 12:00 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll . [-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll . [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll . [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe [-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe . [-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe . [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll . [-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll . [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-04-14 12:00 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll . [-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll . [-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll . [-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll . [-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll . [-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\mshtml.dll [-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\mshtml.dll [-] 2012-03-01 . 5DBB0C997AD276BCE9D30CD609BDBF67 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll [-] 2011-12-17 . A9259CD226283CD4F798C00909754A94 . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll [-] 2011-12-17 . 49B88A833ECA99EFBFFC5AAE5CC998ED . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll [-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll [-] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [-] 2011-10-03 . 4963CB503600FC3BCBDBFBA51FBA1FAC . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll [-] 2011-10-03 . 1240A6B7B470BED0AA6C9FEC7AB0EA26 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll [-] 2011-07-25 . 23B3C8E9F3F280180573569253CE98AB . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll [-] 2011-07-25 . BCE7CCEBAD6C8955D2B4C3B246BD0E57 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll [-] 2011-05-30 . 22BA5235EA846EDA87F68A1DCC2BFCF9 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll [-] 2011-05-30 . D0B1DB576941CB0B6669B8752FFAC79A . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . 3422847AA07E37076A87D0B7D5044DC6 . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . C2EF2335F1B6C2BE20A67D9098F6C9A1 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll [-] 2010-12-20 . 1EDCEC5D649DBAC37ED9FFB5A14CEB0C . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll [-] 2010-12-20 . 2A2C070EC691CE410533A1DA7AA3CD86 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll [-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll [-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll . [-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll [-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll . [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll . [-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll . [-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll . [-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll . [-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll . [-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe . [-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll . [-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll . [-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe . [-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\wininet.dll [-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\wininet.dll [-] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [-] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll [-] 2011-12-17 . 84A48E9818E8440DDBFD8EEC37C8A937 . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll [-] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [-] 2011-08-22 . 1A377838B4B468E37C3EEB5BAA24F925 . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll [-] 2011-08-22 . 19630AEBBFAEB06984CAB91848270AAF . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [-] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll [-] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [-] 2011-04-25 . CC951C2212A200475A587A440E0AA804 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll [-] 2011-04-25 . 7F4F1697001B9E9A7924D219DC215903 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . A9FA95F0D7F511959AC721E4843E5967 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . F192D49EEFE297FA858B2C774BA2291D . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll [-] 2010-12-20 . 88014D62B5E3CDB0AC67948D86C926C8 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll [-] 2010-12-20 . 5504B4ECCE892EB82CD2C5FA71940AC1 . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll [-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll [-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll [-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\wininet.dll [-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll [-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\wininet.dll [-] 2009-08-29 . DB111200015F08DDDB8857E11C6A80E3 . 832512 . . [7.00.6000.16915] . . c:\windows\ie8\wininet.dll . [-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll . [-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll . [-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe . [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\I386\REGEDIT.EXE [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe . [-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll [-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll [-] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll [-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll [-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll . [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll . [-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll . [-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe . [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll . [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll . [-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe . [-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll . [-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll . [-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll . [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll . [-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll . [-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll . [-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll . [-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll . [-] 2008-04-14 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys [-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys . [-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys [-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2008-04-14 12:00 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll . [-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll . [-] 2008-04-14 12:00 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll . [-] 2012-04-11 . 063A0F8A90D8E2B802E5243FE9AABCF3 . 2069120 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe [-] 2012-04-11 . 0C9E44D256948FA68AE10D67984862CE . 2069120 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2012-04-11 . 0C9E44D256948FA68AE10D67984862CE . 2069120 . . [5.1.2600.6206] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2012-04-11 . 61CCE48F7BD00E0E4D5CDE206F2DDC1B . 2026496 . . [5.1.2600.6206] . . c:\windows\system32\ntkrnlpa.exe [-] 2011-10-25 . DB19FFF0C805664CB95062C027B11FE9 . 2069376 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe [-] 2011-10-25 . 36CAC3C8C4C10F4E21BFEABBFE7ACFFC . 2027008 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe [-] 2010-12-09 . F67CD97282E0ABFAF91A9A1359B16F2D . 2069376 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [-] 2010-12-09 . 9ED77E2307F6EC6F174C063C15AA3B8C . 2027008 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe [-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-27 . 49E936E1398D1A536E84CD5D068F0F09 . 2024448 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [-] 2010-02-16 . E8B8801DE921912EBDEEFC76662F7EAD . 2024448 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-08 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-08 . 089F1E207B067A4DDEB2EEC37BBB1AA7 . 2023936 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . 32B1A971183EC22DD91EEDA61C499E7C . 2023936 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-04-14 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe . [-] 2008-04-14 12:00 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2008-04-14 12:00 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll . [-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll . [-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll . [-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll . [-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll . [-] 2008-04-14 12:00 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2008-04-14 12:00 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll . [-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll . [-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll . [-] 2012-04-11 . 8D061BB825BC606C2B1C6F7452D1BAAA . 2192640 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe [-] 2012-04-11 . A144D60B35E6DD14CCB9649B5E0D1092 . 2148352 . . [5.1.2600.6206] . . c:\windows\system32\ntoskrnl.exe [-] 2012-04-11 . 536168936EBF326E36C655EC5AE34B03 . 2192640 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2012-04-11 . 536168936EBF326E36C655EC5AE34B03 . 2192640 . . [5.1.2600.6206] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2011-10-25 . 3B663B9B193D7E1DE39A466020F1FD91 . 2148864 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe [-] 2011-10-25 . F512C662874D7545E5BD8005E6800A44 . 2192768 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . A531BBD3DE13121C1380ED7DC99082DB . 2192768 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . 60E16152D847D7A7B7D3DA4C4B8E2120 . 2148864 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe [-] 2010-04-27 . 466A3E1239F4A9428797730E81A7A865 . 2146304 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . 048DB3459FAB4CA741DCC84E1F374D65 . 2146304 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-08 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-08 . 9696C553F994340CD6AA5C5A724C3A19 . 2145280 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 78FCC97CD878D4CF5B5D2158A5A7CF92 . 2145280 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-04-14 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe . [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll . [-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll . [-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll . [-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll . [-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-03 11:25 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-06-03 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-03 1116544] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4:46 31952] R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [11/03/2012 13:48 56208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5:25 235216] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5:17 301248] R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [8/01/2012 13:57 228208] R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [11/03/2012 13:48 71440] R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [11/03/2012 13:48 164112] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 654408] R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [11/03/2012 13:48 931640] R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [3/06/2012 13:25 932736] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [30/04/2012 9:44 5106744] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [29/04/2012 23:15 129976] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] . Contents of the 'Scheduled Tasks' folder . 2012-06-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-05-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-02 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . 2012-05-30 c:\windows\Tasks\WavePadSevenDays.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\hvb4tjam.default\ FF - prefs.js: browser.search.selectedEngine - SearchYa! FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B33723462-2057-49fd-bb53-6bf855890778%7D&mid=aa82d3aa6d3d871141c54132f3784327-d020b6ef17d6b91b53f5e336f3e15b7082edbed9&ds=AVG&v=11.0.0.9〈=nl&pr=fr&d=2012-06-03%2013%3A25%3A46&sap=ku&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.searchya_i.hmpg - true FF - user.js: extensions.searchya_i.hmpgUrl - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.dfltSrch - true FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa! FF - user.js: extensions.searchya_i.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE&q= FF - user.js: extensions.searchya_i.id - 648d7a1a000000000000002618fcbe43 FF - user.js: extensions.searchya_i.instlDay - 15495 FF - user.js: extensions.searchya_i.vrsn - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsni - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.13.03:16 FF - user.js: extensions.searchya_i.prtnrId - ironsrc FF - user.js: extensions.searchya_i.prdct - searchya FF - user.js: extensions.searchya_i.aflt - dcom FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya_i.tlbrId - base FF - user.js: extensions.searchya_i.instlRef - dcom-100 FF - user.js: extensions.searchya_i.dfltLng - FF - user.js: extensions.searchya_i.excTlbr - false . - - - - ORPHANS REMOVED - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-09 23:19 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(920) c:\windows\system32\igfxdev.dll . Completion time: 2012-06-09 23:32:22 ComboFix-quarantined-files.txt 2012-06-09 21:32 . Pre-Run: 60.817.563.648 bytes free Post-Run: 62.580.760.576 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 7A5987F700B40C6BE0818AE64510D70A ---------- Post toegevoegd om 00:26 ---------- Vorige post was om 00:25 ---------- ComboFix 12-06-09.02 - Jan 09/06/2012 23:08:15.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.333 [GMT 2:00] Running from: c:\documents and settings\Jan\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dll c:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\compat.ini c:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dll c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txt c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lns c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini c:\documents and settings\Jan\WINDOWS . . ((((((((((((((((((((((((( Files Created from 2012-05-09 to 2012-06-09 ))))))))))))))))))))))))))))))) . . 2012-06-05 21:21 . 2012-06-05 21:22 -------- d-----w- c:\program files\CCleaner 2012-06-05 21:07 . 2012-06-05 21:08 -------- d-----w- c:\documents and settings\The Real Admin 2012-06-04 09:12 . 2012-06-04 09:12 -------- d-----w- c:\documents and settings\Jan\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-06-04 09:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-06-04 09:11 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-04 09:11 . 2012-06-04 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\DriverCure 2012-06-04 08:41 . 2012-06-04 08:41 -------- d-----w- c:\documents and settings\Jan\Application Data\SpeedyPC Software 2012-06-04 08:41 . 2012-06-04 08:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software 2012-06-04 01:17 . 2012-06-04 01:17 58 ----a-w- C:\user.js 2012-06-03 23:40 . 2012-06-04 20:44 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\Google 2012-06-03 23:40 . 2012-06-04 21:21 -------- d-----w- c:\program files\Google 2012-06-03 23:40 . 2012-06-03 23:40 -------- d-----w- c:\program files\Western Digital 2012-06-03 11:43 . 2012-06-03 11:43 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG2012 2012-06-03 11:26 . 2012-06-03 11:26 -------- d-----w- c:\documents and settings\Jan\Local Settings\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\Jan\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-06-03 11:25 . 2012-06-03 11:25 -------- d-----w- c:\program files\AVG Secure Search 2012-06-03 11:24 . 2012-06-09 20:45 -------- d-----w- c:\windows\system32\drivers\AVG 2012-06-03 11:24 . 2012-06-03 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 2012-06-03 11:07 . 2012-06-09 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Software 2012-05-30 20:36 . 2012-05-30 20:36 -------- d-----w- c:\program files\NCH Swift Sound 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\documents and settings\Jan\Application Data\MakeitOne 2012-05-27 22:14 . 2012-05-27 22:14 -------- d-----w- c:\program files\MakeitOne 2012-05-22 08:48 . 2012-05-22 08:48 -------- d-----w- c:\program files\Common Files\xing shared 2012-05-22 08:46 . 2012-05-22 08:46 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-05-22 08:46 . 2012-05-22 08:46 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\amd64 2012-05-21 00:50 . 2012-05-21 00:50 -------- d-----w- C:\i386 2012-05-12 20:07 . 2012-05-20 09:19 -------- d-----w- c:\documents and settings\Jan\Application Data\GemistDownloader 2012-05-12 20:07 . 2012-05-12 20:07 -------- d-----w- c:\program files\GemistDownloader 2012-05-11 22:44 . 2012-05-11 22:51 -------- d-----w- C:\1f1a51f293989baf461db378445035b1 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-31 13:22 . 2009-04-28 04:51 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-04-11 13:14 . 2008-04-14 00:54 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:12 . 2009-04-28 04:51 1862272 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 12:35 . 2008-04-14 00:01 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-19 03:17 . 2012-03-19 03:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2012-04-29 21:15 . 2012-02-21 17:23 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys [-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys . [-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys [-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 463C1EC80CD17420A542B7F36A36F128 . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys . [-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys [-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys . [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\I386\NTFS.SYS [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys [-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys . [-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys . [-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2008-04-14 . A06CE3399D16DB864F55FAEB1F1927A9 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll . [-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2008-04-14 . BF2466B3E18E970D8A976FB95FC1CA85 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe . [-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2008-04-14 . 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll . [-] 2008-04-14 12:00 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2008-04-14 12:00 . 1280A158C722FA95A80FB7AEBE78FA7D . 792064 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll . [-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll . [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 6B27A5C03DFB94B4245739065431322C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2009-02-09 . 9222562D44021B988B9F9F62207FB6F2 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2008-04-14 . 2589FE6015A316C0F5D5112B4DA7B509 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll . [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-06 . 65DF52F5B8B6E9BBD183505225C37315 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-06 . 020CEAAEDC8EB655B6506B8C70D53BB6 . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . 0E776ED5F7CC9F94299E70461B7B8185 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe . [-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe [-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe [-] 2008-04-14 . D8E14A61ACC1D4A6CD0D38AEBAC7FA3B . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe . [-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2008-04-14 . ED0EF0A136DEC83DF69F04118870003E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe . [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2010-08-23 . 93AFB83FBC1F9443CAC722FCA63D73BF . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2010-08-23 . 736B12B725AEB2B07F0241A9F680CB10 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [-] 2008-04-14 . 06F247492BC786CE5C24A23E178C711A . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll [-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL [-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll [-] 2008-04-14 . BD38D1EBE24A46BD3EDA059560AFBA12 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll . [-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2008-04-14 . 3D4E199942E29207970E04315D02AD3B . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll . [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:26 . D4991D98F2DB73C60D042F1AEF79EFAE . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-04-14 12:00 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll . [-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll . [-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll . [-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll . [-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll . [-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\mshtml.dll [-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\mshtml.dll [-] 2012-03-01 . 5DBB0C997AD276BCE9D30CD609BDBF67 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll [-] 2011-12-17 . A9259CD226283CD4F798C00909754A94 . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll [-] 2011-12-17 . 49B88A833ECA99EFBFFC5AAE5CC998ED . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll [-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll [-] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll [-] 2011-10-03 . 4963CB503600FC3BCBDBFBA51FBA1FAC . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll [-] 2011-10-03 . 1240A6B7B470BED0AA6C9FEC7AB0EA26 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll [-] 2011-07-25 . 23B3C8E9F3F280180573569253CE98AB . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll [-] 2011-07-25 . BCE7CCEBAD6C8955D2B4C3B246BD0E57 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll [-] 2011-05-30 . 22BA5235EA846EDA87F68A1DCC2BFCF9 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll [-] 2011-05-30 . D0B1DB576941CB0B6669B8752FFAC79A . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . 3422847AA07E37076A87D0B7D5044DC6 . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll [-] 2011-02-22 . C2EF2335F1B6C2BE20A67D9098F6C9A1 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll [-] 2010-12-20 . 1EDCEC5D649DBAC37ED9FFB5A14CEB0C . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll [-] 2010-12-20 . 2A2C070EC691CE410533A1DA7AA3CD86 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . 864E69F32656A7121444BA0193D7B64B . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll [-] 2010-11-06 . D7CCA87057901C87ED8CC40DDCC7FA1B . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll [-] 2010-09-10 . DE41132DA8E5A3CD57201C6F2175EC05 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll [-] 2010-09-10 . 8A03CC037E6B7D1796192815231B0C3F . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll . [-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL [-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll [-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll . [-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll [-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll . [-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll . [-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll . [-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll . [-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll . [-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe . [-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll . [-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll . [-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe . [-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\wininet.dll [-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\system32\dllcache\wininet.dll [-] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll [-] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll [-] 2011-12-17 . 84A48E9818E8440DDBFD8EEC37C8A937 . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll [-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll [-] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll [-] 2011-08-22 . 1A377838B4B468E37C3EEB5BAA24F925 . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll [-] 2011-08-22 . 19630AEBBFAEB06984CAB91848270AAF . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll [-] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll [-] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll [-] 2011-04-25 . CC951C2212A200475A587A440E0AA804 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll [-] 2011-04-25 . 7F4F1697001B9E9A7924D219DC215903 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . A9FA95F0D7F511959AC721E4843E5967 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll [-] 2011-02-22 . F192D49EEFE297FA858B2C774BA2291D . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll [-] 2010-12-20 . 88014D62B5E3CDB0AC67948D86C926C8 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll [-] 2010-12-20 . 5504B4ECCE892EB82CD2C5FA71940AC1 . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll [-] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll [-] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll [-] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll [-] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll [-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll [-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll [-] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll [-] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll [-] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll [-] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll [-] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll [-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll [-] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3GDR\wininet.dll [-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll [-] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\SoftwareDistribution\Download\f5ce3558cdad2d0de1884dee71734a4a\SP3QFE\wininet.dll [-] 2009-08-29 . DB111200015F08DDDB8857E11C6A80E3 . 832512 . . [7.00.6000.16915] . . c:\windows\ie8\wininet.dll . [-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll . [-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll . [-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe . [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\I386\REGEDIT.EXE [-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe . [-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll [-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll [-] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll [-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll [-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll [-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll . [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll [-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll [-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll [-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll . [-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll [-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll . [-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe . [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll [-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll [-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll [-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll . [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll . [-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe . [-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll . [-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll . [-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll . [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys [-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys . [-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll . [-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll . [-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll . [-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2008-04-14 . FF3477C03BE7201C294C35F684B3479F . 295424 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll . [-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2008-04-14 . 3CB32D3B8CBE79899D63280BB7A83CD9 . 344064 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll . [-] 2008-04-14 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys [-] 2008-04-14 05:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys . [-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys [-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2010-09-18 07:18 . 842900DEDBC8E3E8DBCCCB298FD88F65 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll [-] 2010-09-18 06:53 . E76A5C202E68AF5A322D16B5A78F48B9 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll [-] 2008-04-14 12:00 . CDDD4416B2B4C7295FE3FDB6DDE57E4E . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll . [-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2008-04-14 . 986B1FF5814366D71E0AC5755C88F2D3 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll . [-] 2008-04-14 12:00 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-19 01:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll . [-] 2012-04-11 . 063A0F8A90D8E2B802E5243FE9AABCF3 . 2069120 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe [-] 2012-04-11 . 0C9E44D256948FA68AE10D67984862CE . 2069120 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2012-04-11 . 0C9E44D256948FA68AE10D67984862CE . 2069120 . . [5.1.2600.6206] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2012-04-11 . 61CCE48F7BD00E0E4D5CDE206F2DDC1B . 2026496 . . [5.1.2600.6206] . . c:\windows\system32\ntkrnlpa.exe [-] 2011-10-25 . DB19FFF0C805664CB95062C027B11FE9 . 2069376 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe [-] 2011-10-25 . 36CAC3C8C4C10F4E21BFEABBFE7ACFFC . 2027008 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe [-] 2010-12-09 . F67CD97282E0ABFAF91A9A1359B16F2D . 2069376 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe [-] 2010-12-09 . 9ED77E2307F6EC6F174C063C15AA3B8C . 2027008 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe [-] 2010-04-28 . 756362706DE8BC92F11E197C98A73844 . 2066944 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe [-] 2010-04-27 . 49E936E1398D1A536E84CD5D068F0F09 . 2024448 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe [-] 2010-02-16 . E8B8801DE921912EBDEEFC76662F7EAD . 2024448 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe [-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-08 . FFDCE1EEA79C678C40237D4E031E5B51 . 2066176 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-08 . 089F1E207B067A4DDEB2EEC37BBB1AA7 . 2023936 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-08-04 . 363B2BBEE0AEDC9E5433616D0AD0236A . 2066176 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . 32B1A971183EC22DD91EEDA61C499E7C . 2023936 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-06 . 65D4220799E6FC2CB079070A6393CC0E . 2023936 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . A25E9B86EFFB2AF33BF51E676B68BFB0 . 2066048 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-04-14 . 7F653A89F6E89E3AE0D49830EECE35D4 . 2023936 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe . [-] 2008-04-14 12:00 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2008-04-14 12:00 . 156F64A3345BD23C600655FB4D10BC08 . 435200 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll . [-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2008-04-14 . 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll . [-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2008-04-14 . 4D83ED8BDDEC431FC8AD907B47CFB6E3 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll . [-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll . [-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2008-04-14 . A340CD71EB535A3DD751B5F28723E50C . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll . [-] 2008-04-14 12:00 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2008-04-14 12:00 . 5652F6CE1D9E9D8068B9D29BC21B5409 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll . [-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2008-04-14 . DBE2B62353660ECCA0D75EA307A717E9 . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll . [-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2008-04-14 . C7CE131408739B0B3A318BE2D0032719 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll . [-] 2012-04-11 . 8D061BB825BC606C2B1C6F7452D1BAAA . 2192640 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe [-] 2012-04-11 . A144D60B35E6DD14CCB9649B5E0D1092 . 2148352 . . [5.1.2600.6206] . . c:\windows\system32\ntoskrnl.exe [-] 2012-04-11 . 536168936EBF326E36C655EC5AE34B03 . 2192640 . . [5.1.2600.6206] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2012-04-11 . 536168936EBF326E36C655EC5AE34B03 . 2192640 . . [5.1.2600.6206] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2011-10-25 . 3B663B9B193D7E1DE39A466020F1FD91 . 2148864 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe [-] 2011-10-25 . F512C662874D7545E5BD8005E6800A44 . 2192768 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . A531BBD3DE13121C1380ED7DC99082DB . 2192768 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe [-] 2010-12-09 . 60E16152D847D7A7B7D3DA4C4B8E2120 . 2148864 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe [-] 2010-04-27 . 466A3E1239F4A9428797730E81A7A865 . 2146304 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe [-] 2010-04-27 . A2ABBEC40CDB57454645D06B7EBD22F5 . 2190080 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe [-] 2010-02-16 . 048DB3459FAB4CA741DCC84E1F374D65 . 2146304 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe [-] 2010-02-16 . E1F653A542449D54FA2D27463D99B6B6 . 2190080 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-08 . 05BE3D9A71972223AFF6A3C823BA51B1 . 2189312 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-08 . 9696C553F994340CD6AA5C5A724C3A19 . 2145280 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-08-04 . 78FCC97CD878D4CF5B5D2158A5A7CF92 . 2145280 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-08-04 . FDE779EA1A564EBFE16F4E0F82B61BAD . 2189312 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-02-07 . EFE8EACE83EAAD5849A7A548FB75B584 . 2189184 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-06 . 0CBA44D0938D57F334C0862424148B70 . 2145280 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2008-08-14 . 31914172342BFF330063F343AC6958FE . 2189184 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-04-14 . 40F8880122A030A7E9E1FEDEA833B33D . 2145280 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe . [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll . [-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2008-04-14 . 54AF4B1D5459500EF0937F6D33B1914F . 175104 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll . [-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2008-04-14 . 8BAD69CBAC032D4BBACFCE0306174C30 . 333824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll . [-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll [-] 2008-04-14 . 5C12660A97822F6E61576943B49AAAD6 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll . [-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll [-] 2008-04-14 . 6F9BEF24C578D5D6740E080BEDD6A448 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-03 11:25 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-06-03 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072] "AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784] "AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304] "AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-06 1434920] "SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-03-06 79144] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088] "ModemListener"="c:\program files\Mobilni Internet\ModemListener.exe" [2010-07-13 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-05-22 296056] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-06-03 1116544] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\PoivY.com\\PoivY\\PoivY.exe"= "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"= "c:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 4:50 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 4:46 31952] R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [11/03/2012 13:48 56208] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 5:25 235216] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [19/03/2012 5:17 301248] R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [8/01/2012 13:57 228208] R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [11/03/2012 13:48 71440] R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [11/03/2012 13:48 164112] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/02/2012 4:53 193288] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/06/2012 11:11 654408] R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [11/03/2012 13:48 931640] R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [3/06/2012 13:25 932736] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23/12/2011 13:32 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 17232] R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28/04/2009 3:59 38912] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/06/2012 11:11 22344] R3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [16/03/2009 23:27 39040] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [30/04/2012 9:44 5106744] S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start --> c:\program files\Common Files\DeviceHelper\DeviceManager.exe -start [?] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/05/2009 18:00 1684736] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [29/04/2012 23:15 129976] S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\drivers\qcusbser.sys [18/07/2011 14:07 103552] S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5/05/2009 19:16 232872] . Contents of the 'Scheduled Tasks' folder . 2012-06-09 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-05-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3068895285-2536122168-2362634043-1006.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21] . 2012-06-02 c:\windows\Tasks\WavePadReminder.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . 2012-05-30 c:\windows\Tasks\WavePadSevenDays.job - c:\program files\NCH Software\WavePad\wavepad.exe [2012-05-30 20:36] . . ------- Supplementary Scan ------- . IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll FF - ProfilePath - c:\documents and settings\Jan\Application Data\Mozilla\Firefox\Profiles\hvb4tjam.default\ FF - prefs.js: browser.search.selectedEngine - SearchYa! FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B33723462-2057-49fd-bb53-6bf855890778%7D&mid=aa82d3aa6d3d871141c54132f3784327-d020b6ef17d6b91b53f5e336f3e15b7082edbed9&ds=AVG&v=11.0.0.9〈=nl&pr=fr&d=2012-06-03%2013%3A25%3A46&sap=ku&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.searchya_i.hmpg - true FF - user.js: extensions.searchya_i.hmpgUrl - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.dfltSrch - true FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa! FF - user.js: extensions.searchya_i.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=1189743197&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyE&q= FF - user.js: extensions.searchya_i.id - 648d7a1a000000000000002618fcbe43 FF - user.js: extensions.searchya_i.instlDay - 15495 FF - user.js: extensions.searchya_i.vrsn - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsni - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.13.03:16 FF - user.js: extensions.searchya_i.prtnrId - ironsrc FF - user.js: extensions.searchya_i.prdct - searchya FF - user.js: extensions.searchya_i.aflt - dcom FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya_i.tlbrId - base FF - user.js: extensions.searchya_i.instlRef - dcom-100 FF - user.js: extensions.searchya_i.dfltLng - FF - user.js: extensions.searchya_i.excTlbr - false . - - - - ORPHANS REMOVED - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-06-09 23:19 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(920) c:\windows\system32\igfxdev.dll . Completion time: 2012-06-09 23:32:22 ComboFix-quarantined-files.txt 2012-06-09 21:32 . Pre-Run: 60.817.563.648 bytes free Post-Run: 62.580.760.576 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 7A5987F700B40C6BE0818AE64510D70A

9 juni 2012
15 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

Dag Kweezie, Firefox en IE openen nog met de browser en toolbar van SearchYa. Ik heb CCleaner 5 keer laten werken tot het geen fouten meer aangaf.

5 juni 2012
15 antwoorden

SearchYa

Jean Robbe reageerde op Jean Robbe's topic in Archief Bestrijding malware & virussen

De log van MBAM: Malwarebytes Anti-Malware (Trial) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Database version: v2012.06.04.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Protection: Enabled 5/06/2012 0:12:48 mbam-log-2012-06-05 (00-12-48).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 193393 Time elapsed: 13 minute(s), 30 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Log Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:41:59, on 5/06/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\avgidsagent.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe C:\Program Files\EeePC\ACPI\AsEPCMon.exe C:\Program Files\EeePC\ACPI\AsTray.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Mobilni Internet\ModemListener.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Jan\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O2 - BHO: WebBlock Class - {C6B08E8D-3F9A-4710-9F38-E4BF827C6AC2} - C:\Program Files\Ashkon Software\Website Block\webblock.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ModemListener] C:\Program Files\Mobilni Internet\ModemListener.exe start O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: DeviceManager - Unknown owner - C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- End of file - 9255 bytes

4 juni 2012
15 antwoorden

Inloggen

Items

Registratiedatum

Laatst bezocht

Jean Robbe's prestaties

Leerling (3/14)

Recente badges

Reputatie

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

i search babylon (zoekmachine in IE en Firefox)

SearchYa

SearchYa

SearchYa

SearchYa

SearchYa

SearchYa

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie