Antisoft malware?

Status
Not open for further replies.
+ 2010-01-22 14:11 . 2009-12-21 19:09 184320 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iepeers.dll
+ 2010-01-22 14:11 . 2009-12-21 19:09 387584 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iedkcs32.dll
+ 2010-01-22 14:11 . 2009-12-21 13:22 173056 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ie4uinit.exe
+ 2010-02-11 01:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-11 01:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-11 01:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-11 01:57 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-11 01:57 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-11 01:57 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-02-11 01:56 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-11 01:56 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-11 01:56 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2009-11-04 04:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB976749-IE8\update\updspapi.dll
+ 2009-11-04 04:02 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB976749-IE8\update\update.exe
+ 2009-11-04 04:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB976749-IE8\spuninst.exe
+ 2010-02-25 03:07 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB976662-IE8\update\updspapi.dll
+ 2010-02-25 03:07 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB976662-IE8\update\update.exe
+ 2010-02-25 03:07 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB976662-IE8\spuninst.exe
+ 2010-02-24 12:47 . 2009-12-09 05:51 726528 c:\windows\$hf_mig$\KB976662-IE8\SP3QFE\jscript.dll
+ 2009-12-10 07:57 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB976325-IE8\update\updspapi.dll
+ 2009-12-10 07:57 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB976325-IE8\update\update.exe
+ 2009-12-10 07:57 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB976325-IE8\spuninst.exe
+ 2009-12-10 07:22 . 2009-10-29 07:45 916480 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 206848 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\occache.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 594432 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\msfeeds.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 246272 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieproxy.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 184320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iepeers.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 387584 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iedkcs32.dll
+ 2009-12-10 07:22 . 2009-10-28 14:10 173056 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ie4uinit.exe
+ 2010-02-11 01:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-11 01:58 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-11 01:58 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474112 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-03-11 02:49 . 2009-05-26 17:10 382840 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-11 02:49 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-11 02:49 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-11 01:58 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-11 01:57 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-11 01:57 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-10-14 06:07 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-14 06:07 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-14 06:07 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-14 06:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-14 06:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-14 06:10 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-14 06:10 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-14 06:10 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-14 06:10 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-14 06:14 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll
+ 2009-10-14 06:14 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe
+ 2009-10-14 06:14 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe
+ 2009-10-14 05:43 . 2009-08-29 08:01 916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
+ 2009-10-14 05:43 . 2009-08-29 08:01 206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll
+ 2009-10-14 05:43 . 2009-08-29 08:01 594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll
+ 2009-10-14 05:42 . 2009-08-28 10:07 173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe
+ 2009-12-10 07:56 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-10 07:56 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-10 07:56 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 10:38 . 2009-10-13 10:38 270336 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-10 03:32 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-10 03:32 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-10 03:32 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 13:28 . 2009-10-12 13:28 150016 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-10-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-14 06:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-14 06:11 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-12-10 03:31 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-10 03:31 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-10 03:31 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 21:32 . 2009-07-29 14:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-08-28 16:20 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-08-28 16:20 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-08-28 16:20 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-08-28 16:16 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-08-28 16:16 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-08-28 16:16 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-11-26 02:21 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-26 02:21 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-26 02:21 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2009-10-14 06:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-14 06:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-14 06:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2009-08-28 16:20 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-08-28 16:20 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-08-28 16:20 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-08-28 16:20 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-08-28 16:20 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-08-28 16:20 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-08-28 16:36 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973346\update\updspapi.dll
+ 2009-08-28 16:36 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973346\update\update.exe
+ 2009-08-28 16:36 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973346\spuninst.exe
+ 2010-01-14 10:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-14 10:02 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-14 10:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 10:09 . 2009-10-15 16:39 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2009-08-28 18:24 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB972260-IE8\update\updspapi.dll
+ 2009-08-28 18:24 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB972260-IE8\update\update.exe
+ 2009-08-28 18:24 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB972260-IE8\spuninst.exe
+ 2009-08-28 16:48 . 2009-07-03 17:06 915456 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 206848 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\occache.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 594432 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\msfeeds.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 246272 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieproxy.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 184320 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iepeers.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 386048 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iedkcs32.dll
+ 2009-08-28 16:48 . 2009-07-03 11:38 173056 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe
+ 2009-09-09 23:06 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971961-IE8\update\updspapi.dll
+ 2009-09-09 23:06 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971961-IE8\update\update.exe
+ 2009-09-09 23:06 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971961-IE8\spuninst.exe
+ 2009-09-09 10:21 . 2009-06-22 06:47 726528 c:\windows\$hf_mig$\KB971961-IE8\SP3QFE\jscript.dll
+ 2009-12-10 07:56 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-10 07:56 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-10 07:56 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 09:27 . 2009-08-25 09:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2009-08-28 16:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-08-28 16:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-08-28 16:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-08-28 16:21 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB971633\update\updspapi.dll
+ 2009-08-28 16:21 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB971633\update\update.exe
+ 2009-08-28 16:21 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971633\spuninst.exe
+ 2009-08-28 16:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-08-28 16:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe
 
+ 2009-08-28 16:40 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-10-14 06:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-14 06:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-14 06:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2010-02-11 02:00 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-11 02:00 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-11 02:00 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-10 19:03 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2009-12-10 03:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-10 03:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-10 03:33 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2009-08-28 16:19 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB970238\update\updspapi.dll
+ 2009-08-28 16:19 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB970238\update\update.exe
+ 2009-08-28 16:19 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB970238\spuninst.exe
+ 2009-04-15 15:24 . 2009-04-15 15:24 585216 c:\windows\$hf_mig$\KB970238\SP3QFE\rpcrt4.dll
+ 2009-11-12 03:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969947\update\updspapi.dll
+ 2009-11-12 03:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969947\update\update.exe
+ 2009-11-12 03:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969947\spuninst.exe
+ 2009-10-14 06:11 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-14 06:11 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-14 06:11 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-08-28 16:16 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB968537\update\updspapi.dll
+ 2009-08-28 16:16 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB968537\update\update.exe
+ 2009-08-28 16:16 . 2008-07-09 07:38 231288 c:\windows\$hf_mig$\KB968537\spuninst.exe
+ 2009-10-13 01:39 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-10-13 01:39 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB968389\update\update.exe
+ 2009-10-13 01:39 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB968389\spuninst.exe
+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll
+ 2009-06-26 09:41 . 2009-06-26 09:41 730112 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll
+ 2009-08-28 16:19 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2009-08-28 16:19 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2009-08-28 16:19 . 2008-07-09 07:38 231288 c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2009-08-28 16:40 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
+ 2009-08-28 16:40 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB961503\update\update.exe
+ 2009-08-28 16:40 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB961503\spuninst.exe
+ 2009-08-28 16:21 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB961501\update\updspapi.dll
+ 2009-08-28 16:21 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB961501\update\update.exe
+ 2009-08-28 16:21 . 2008-07-09 07:38 231288 c:\windows\$hf_mig$\KB961501\spuninst.exe
+ 2009-05-07 15:14 . 2009-05-07 15:14 346112 c:\windows\$hf_mig$\KB961501\SP3QFE\localspl.dll
+ 2009-08-28 16:40 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB961371-v2\update\updspapi.dll
+ 2009-08-28 16:40 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB961371-v2\update\update.exe
+ 2009-08-28 16:40 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB961371-v2\spuninst.exe
+ 2009-07-29 04:30 . 2009-07-29 04:30 119808 c:\windows\$hf_mig$\KB961371-v2\SP3QFE\t2embed.dll
+ 2009-08-28 16:42 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-08-28 16:42 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-08-28 16:42 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-08-28 16:16 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB960803\update\updspapi.dll
+ 2009-08-28 16:16 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB960803\update\update.exe
+ 2009-08-28 16:16 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB960803\spuninst.exe
+ 2008-12-16 12:22 . 2008-12-16 12:22 354304 c:\windows\$hf_mig$\KB960803\SP3QFE\winhttp.dll
+ 2009-08-28 16:39 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2009-08-28 16:39 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2009-08-28 16:39 . 2007-11-30 11:18 231288 c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2008-12-05 06:58 . 2008-12-05 06:58 144896 c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2009-08-28 16:43 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB959426\update\updspapi.dll
+ 2009-08-28 16:43 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB959426\update\update.exe
+ 2009-08-28 16:43 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB959426\spuninst.exe
+ 2009-03-21 13:59 . 2009-03-21 13:59 991744 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
+ 2009-08-28 16:20 . 2007-11-30 11:18 382840 c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2009-08-28 16:20 . 2007-11-30 11:18 755576 c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2009-08-28 16:20 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2009-08-28 14:19 . 2008-12-11 12:33 333952 c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2009-09-09 23:06 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956844\update\updspapi.dll
+ 2009-09-09 23:06 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956844\update\update.exe
+ 2009-09-09 23:06 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956844\spuninst.exe
+ 2009-09-09 10:21 . 2009-06-21 21:49 153088 c:\windows\$hf_mig$\KB956844\SP3QFE\triedit.dll
+ 2009-08-28 16:36 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2009-08-28 16:36 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2009-08-28 16:36 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2009-08-28 16:21 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB956572\update\updspapi.dll
+ 2009-08-28 16:21 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB956572\update\update.exe
+ 2009-08-28 16:21 . 2008-07-09 07:38 231288 c:\windows\$hf_mig$\KB956572\spuninst.exe
+ 2009-08-28 14:20 . 2009-02-06 10:15 227840 c:\windows\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe
+ 2009-08-28 14:20 . 2009-02-09 10:56 453120 c:\windows\$hf_mig$\KB956572\SP3QFE\wmiprvsd.dll
+ 2009-08-28 14:20 . 2009-02-06 11:06 110592 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
+ 2009-08-28 14:20 . 2009-02-09 10:56 401408 c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
+ 2009-08-28 14:20 . 2009-03-06 13:49 284160 c:\windows\$hf_mig$\KB956572\SP3QFE\pdh.dll
+ 2009-08-28 14:20 . 2009-02-09 10:56 715264 c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll
+ 2009-08-28 14:20 . 2009-02-09 10:56 729088 c:\windows\$hf_mig$\KB956572\SP3QFE\lsasrv.dll
+ 2009-08-28 14:20 . 2009-02-09 10:56 473600 c:\windows\$hf_mig$\KB956572\SP3QFE\fastprox.dll
+ 2009-02-10 18:26 . 2009-02-10 18:26 617472 c:\windows\$hf_mig$\KB956572\SP3QFE\advapi32.dll
+ 2010-01-14 10:04 . 2009-05-26 17:10 382840 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-14 10:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-14 10:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-13 10:10 . 2009-11-21 15:40 471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2009-08-28 16:20 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB952004\update\updspapi.dll
+ 2009-08-28 16:20 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB952004\update\update.exe
+ 2009-08-28 16:20 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB952004\spuninst.exe
+ 2008-06-12 14:09 . 2008-06-12 14:09 161792 c:\windows\$hf_mig$\KB952004\SP3QFE\msdtcuiu.dll
+ 2008-06-12 14:09 . 2008-06-12 14:09 956928 c:\windows\$hf_mig$\KB952004\SP3QFE\msdtctm.dll
+ 2008-06-12 14:09 . 2008-06-12 14:09 428032 c:\windows\$hf_mig$\KB952004\SP3QFE\msdtcprx.dll
+ 2009-08-28 16:19 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2009-08-28 16:19 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2009-08-28 16:19 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2008-06-20 11:16 . 2008-06-20 11:16 225856 c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2008-06-20 11:59 . 2008-06-20 11:59 361600 c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 17:43 . 2008-06-20 17:43 245248 c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 17:43 . 2008-06-20 17:43 147968 c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 11:48 . 2008-06-20 11:48 138496 c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2009-08-28 16:16 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB923561\update\updspapi.dll
+ 2009-08-28 16:16 . 2008-11-15 17:18 755576 c:\windows\$hf_mig$\KB923561\update\update.exe
+ 2009-08-28 16:16 . 2008-07-09 07:38 231288 c:\windows\$hf_mig$\KB923561\spuninst.exe
+ 2009-08-28 14:18 . 2008-04-21 12:15 215552 c:\windows\$hf_mig$\KB923561\SP3QFE\wordpad.exe
+ 2009-10-14 05:42 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-08-28 14:20 . 2008-04-15 17:47 1724416 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
+ 2006-12-02 00:25 . 2006-12-02 00:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 00:25 . 2006-12-02 00:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2009-07-21 00:03 . 2009-07-21 00:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2009-09-04 15:55 . 2008-05-10 01:42 1036288 c:\windows\twain_32\Lexmark\5600-6600 Series\lxdudrs.dll
+ 2009-08-28 16:27 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
+ 2006-11-10 17:43 . 2009-08-06 18:23 1929952 c:\windows\system32\wuaueng.dll
+ 2004-08-04 12:00 . 2009-05-20 03:56 2458112 c:\windows\system32\WMVCore.dll
- 2004-08-04 12:00 . 2008-06-18 05:03 2458112 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys
+ 2009-10-20 07:20 . 2009-08-28 18:42 2065696 c:\windows\system32\usbaaplrc.dll
+ 2004-08-04 12:00 . 2010-02-25 06:24 1209344 c:\windows\system32\urlmon.dll
+ 2009-08-28 16:27 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
+ 2009-08-28 16:27 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2009-08-28 16:27 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2009-08-28 16:27 . 2008-07-06 16:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 1388544 c:\windows\system32\spool\drivers\w32x86\lexmark5600_6600_ser0565\lxdupswb.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 4038656 c:\windows\system32\spool\drivers\w32x86\lexmark5600_6600_ser0565\lxduprpb.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 3702784 c:\windows\system32\spool\drivers\w32x86\lexmark5600_6600_ser0565\lxdulpab.dll
+ 2009-09-04 15:56 . 2008-05-07 09:47 1388544 c:\windows\system32\spool\drivers\w32x86\lexmark5600_6600_ser0565\lxdulpa.dll
+ 2009-09-04 15:56 . 2008-04-03 03:07 1388544 c:\windows\system32\spool\drivers\w32x86\lexmark5600_6600_ser0565\lxduhpec.dll
+ 2009-08-28 16:27 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2009-09-04 15:53 . 2008-04-15 04:14 1079808 c:\windows\system32\spool\drivers\w32x86\3\mfc80u.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 1388544 c:\windows\system32\spool\drivers\w32x86\3\lxdupswb.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 4038656 c:\windows\system32\spool\drivers\w32x86\3\lxduprpb.dll
+ 2009-09-04 15:56 . 2008-05-07 09:49 3702784 c:\windows\system32\spool\drivers\w32x86\3\lxdulpab.dll
+ 2009-09-04 15:56 . 2008-05-07 09:47 1388544 c:\windows\system32\spool\drivers\w32x86\3\lxdulpa.dll
+ 2009-09-04 15:56 . 2008-04-03 03:07 1388544 c:\windows\system32\spool\drivers\w32x86\3\lxduhpec.dll
 
+ 2004-08-04 12:00 . 2008-06-17 19:02 8461312 c:\windows\system32\shell32.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 8461312 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2004-08-04 12:00 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll
+ 2008-12-27 14:04 . 2009-07-31 10:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-21 00:05 . 2009-07-21 00:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-04 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2006-11-10 17:41 . 2009-06-10 08:19 2066432 c:\windows\system32\mstscax.dll
+ 2004-08-04 12:00 . 2010-02-25 06:24 5944832 c:\windows\system32\mshtml.dll
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-09-04 15:52 . 2008-05-24 00:16 1069056 c:\windows\system32\lxduserv.dll
+ 2009-09-04 15:55 . 2008-05-10 01:42 1036288 c:\windows\system32\lxdudrs.dll
+ 2006-10-17 11:57 . 2010-02-25 06:24 1985536 c:\windows\system32\iertutil.dll
+ 2006-09-05 23:01 . 2009-02-06 20:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2009-08-04 18:52 . 2009-08-04 18:52 1193832 c:\windows\system32\FM20.DLL
+ 2009-10-20 07:20 . 2009-08-28 18:42 2065696 c:\windows\system32\DRVSTORE\usbaapl_6DA28B91FF48C57089E4D2436654AFA4ECAD0622\usbaaplrc.dll
+ 2009-10-20 07:20 . 2009-08-28 18:42 1417504 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\wdfcoinstaller01005.dll
+ 2009-08-28 16:27 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
+ 2006-11-10 17:43 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2004-08-04 12:00 . 2009-05-20 03:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2004-08-04 12:00 . 2008-06-18 05:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-12-27 12:59 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-04 12:00 . 2010-02-25 06:24 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2008-06-17 19:02 8461312 c:\windows\system32\dllcache\shell32.dll
+ 2009-01-07 17:20 . 2009-01-07 17:20 1497088 c:\windows\system32\dllcache\shdocvw.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-05-07 05:12 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll
+ 2008-12-27 12:59 . 2010-02-17 08:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-12-27 12:59 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-12-27 12:59 . 2010-02-16 13:25 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-12-27 12:59 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-12-27 14:04 . 2009-07-31 10:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-04 12:00 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2006-11-10 17:41 . 2009-06-10 08:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-08-28 14:19 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-04 12:00 . 2010-02-25 06:24 5944832 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-10 21:50 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2007-04-25 08:41 . 2010-02-25 06:24 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2007-04-17 09:28 . 2009-02-06 20:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat
+ 2009-08-28 14:15 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-08-28 14:15 . 2008-08-14 10:09 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-08-28 14:15 . 2008-08-14 09:33 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-08-28 14:15 . 2008-12-13 06:40 3593216 c:\windows\system32\dllcache\cache\mshtml.dll
+ 2009-08-28 14:15 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
+ 2009-01-07 17:20 . 2009-01-07 17:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2010-01-14 12:18 . 2009-11-24 23:54 1280480 c:\windows\system32\aswBoot.exe
+ 2008-07-29 23:40 . 2008-07-29 23:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 18:47 . 2008-07-29 18:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 18:47 . 2008-07-29 18:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 18:47 . 2008-07-29 18:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-29 23:40 . 2008-07-29 23:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 19:35 . 2008-12-05 19:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-29 21:10 . 2008-07-29 21:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-29 21:10 . 2008-07-29 21:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-05 20:12 . 2008-12-05 20:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 11:16 . 2008-07-25 11:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 11:17 . 2008-07-25 11:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 04:59 . 2008-11-25 04:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 11:17 . 2008-07-25 11:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 04:59 . 2008-11-25 04:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 11:17 . 2008-07-25 11:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 11:17 . 2008-07-25 11:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 11:17 . 2008-07-25 11:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2009-08-07 23:51 . 2009-08-07 23:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 23:51 . 2009-08-07 23:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 11:16 . 2008-07-25 11:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2009-11-20 15:00 . 2009-11-20 15:00 5521408 c:\windows\Installer\f85c2e.msp
+ 2010-01-17 10:51 . 2010-01-17 10:51 1981952 c:\windows\Installer\b00d8.msi
+ 2009-12-11 10:29 . 2009-12-11 10:29 5521408 c:\windows\Installer\90f2b.msp
+ 2008-12-13 09:57 . 2008-12-13 09:57 8397824 c:\windows\Installer\7468cc.msp
+ 2008-07-29 19:26 . 2008-07-29 19:26 1043456 c:\windows\Installer\735c71.msp
+ 2008-07-29 20:37 . 2008-07-29 20:37 2679808 c:\windows\Installer\735c6f.msp
+ 2008-07-29 21:15 . 2008-07-29 21:15 3697664 c:\windows\Installer\735c6d.msp
+ 2008-07-29 19:34 . 2008-07-29 19:34 1448448 c:\windows\Installer\735c6c.msp
+ 2008-07-29 20:22 . 2008-07-29 20:22 4137984 c:\windows\Installer\735c6b.msp
+ 2008-07-29 19:18 . 2008-07-29 19:18 3376640 c:\windows\Installer\735c6a.msp
+ 2008-07-29 17:45 . 2008-07-29 17:45 2543616 c:\windows\Installer\702e16.msp
+ 2008-07-29 17:29 . 2008-07-29 17:29 2926080 c:\windows\Installer\702e15.msp
+ 2008-07-29 17:41 . 2008-07-29 17:41 6487040 c:\windows\Installer\702e14.msp
+ 2008-07-29 17:39 . 2008-07-29 17:39 3403264 c:\windows\Installer\702e13.msp
+ 2008-07-29 17:43 . 2008-07-29 17:43 1013248 c:\windows\Installer\702e11.msp
+ 2008-07-29 17:31 . 2008-07-29 17:31 6083072 c:\windows\Installer\702e0e.msp
+ 2010-03-18 12:30 . 2010-03-18 12:30 4449280 c:\windows\Installer\570e5.msi
+ 2008-06-19 17:28 . 2008-06-19 17:28 1573376 c:\windows\Installer\46c48.msp
+ 2007-07-21 12:26 . 2007-07-21 12:26 7574016 c:\windows\Installer\46c24.msp
+ 2008-10-20 09:18 . 2008-10-20 09:18 6474240 c:\windows\Installer\46c1c.msp
+ 2009-10-22 12:46 . 2009-10-22 12:46 6821888 c:\windows\Installer\3de1da5.msp
+ 2009-08-18 12:58 . 2009-08-18 12:58 8301056 c:\windows\Installer\3de1d8f.msp
+ 2009-10-06 18:40 . 2009-10-06 18:40 7681024 c:\windows\Installer\3de1d86.msp
+ 2009-10-22 12:28 . 2009-10-22 12:28 5521408 c:\windows\Installer\3de1d70.msp
+ 2009-12-16 22:58 . 2009-12-16 22:58 5382144 c:\windows\Installer\39e7ee3.msp
+ 2009-10-20 07:24 . 2009-10-20 07:24 1659392 c:\windows\Installer\349397.msi
+ 2009-10-20 07:21 . 2009-10-20 07:21 3310592 c:\windows\Installer\3490fd.msi
+ 2009-11-23 03:37 . 2009-11-23 03:37 9473024 c:\windows\Installer\3438c67.msi
+ 2009-08-25 13:57 . 2009-08-25 13:57 5518336 c:\windows\Installer\32c49d1.msp
+ 2010-01-19 17:51 . 2010-01-19 17:51 5524480 c:\windows\Installer\2ea25e6.msp
+ 2010-01-19 18:29 . 2010-01-19 18:29 5050368 c:\windows\Installer\2ea25d0.msp
+ 2009-08-05 01:11 . 2009-08-05 01:11 5518848 c:\windows\Installer\2b5530.msp
+ 2009-05-01 14:49 . 2009-05-01 14:49 4328960 c:\windows\Installer\2b551a.msp
+ 2009-07-01 12:21 . 2009-07-01 12:21 8891904 c:\windows\Installer\2b5502.msp
+ 2009-05-12 12:01 . 2009-05-12 12:01 6818816 c:\windows\Installer\2b54e9.msp
+ 2009-05-04 06:46 . 2009-05-04 06:46 8299008 c:\windows\Installer\278297.msp
+ 2009-04-24 11:31 . 2009-04-24 11:31 1425920 c:\windows\Installer\27828d.msp
+ 2009-04-24 11:30 . 2009-04-24 11:30 2583552 c:\windows\Installer\278282.msp
+ 2009-07-27 03:31 . 2009-07-27 03:31 3738624 c:\windows\Installer\278277.msp
+ 2010-02-04 18:11 . 2010-02-04 18:11 5526528 c:\windows\Installer\26a451d.msp
+ 2010-01-27 17:53 . 2010-01-27 17:53 6820864 c:\windows\Installer\26a4507.msp
+ 2010-02-21 01:00 . 2010-02-21 01:00 8480768 c:\windows\Installer\26a44f1.msp
+ 2009-04-23 16:57 . 2009-04-23 16:57 7672832 c:\windows\Installer\216a95.msp
+ 2009-08-21 09:14 . 2009-08-21 09:14 8363008 c:\windows\Installer\2108bf.msp
+ 2009-08-20 04:02 . 2009-08-20 04:02 5204992 c:\windows\Installer\2108a3.msp
+ 2009-09-29 08:08 . 2009-09-29 08:08 6747648 c:\windows\Installer\21088d.msp
+ 2009-09-21 15:53 . 2009-09-21 15:53 5518848 c:\windows\Installer\210860.msp
+ 2010-03-11 11:03 . 2010-03-11 11:03 5524480 c:\windows\Installer\1d5ee2a.msp
+ 2010-03-11 20:16 . 2010-03-11 20:16 4148224 c:\windows\Installer\1d5ee14.msp
+ 2009-08-28 17:13 . 2009-08-28 17:13 1549312 c:\windows\Installer\1ac43c.msi
+ 2007-04-19 13:49 . 2007-04-19 13:49 1661280 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE
+ 2007-05-10 13:45 . 2007-05-10 13:45 8069464 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OWC11.DLL
+ 2007-03-14 13:10 . 2007-03-14 13:10 7255384 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OWC10.DLL
+ 2007-06-06 10:53 . 2007-06-06 10:53 1195888 c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\FM20.DLL
+ 2007-03-21 17:58 . 2007-03-21 17:58 4145520 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-05-10 09:11 . 2007-05-10 09:11 1767256 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2006-10-27 14:18 . 2006-10-27 14:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-03-21 17:56 . 2007-03-21 17:56 8425856 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2010-04-01 01:17 . 2009-12-21 19:14 1208832 c:\windows\ie8updates\KB980182-IE8\urlmon.dll
+ 2010-04-01 01:17 . 2009-12-21 19:14 5942784 c:\windows\ie8updates\KB980182-IE8\mshtml.dll
 
+ 2010-04-01 01:17 . 2009-12-21 19:14 1985536 c:\windows\ie8updates\KB980182-IE8\iertutil.dll
+ 2010-01-23 01:02 . 2009-10-29 07:45 1208832 c:\windows\ie8updates\KB978207-IE8\urlmon.dll
+ 2010-01-23 01:02 . 2009-10-29 07:45 5940736 c:\windows\ie8updates\KB978207-IE8\mshtml.dll
+ 2010-01-23 01:02 . 2009-10-29 07:45 1985536 c:\windows\ie8updates\KB978207-IE8\iertutil.dll
+ 2009-11-04 04:02 . 2009-08-29 08:08 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
+ 2009-12-10 07:57 . 2009-08-29 08:08 1208832 c:\windows\ie8updates\KB976325-IE8\urlmon.dll
+ 2009-12-10 07:57 . 2009-10-22 09:19 5939712 c:\windows\ie8updates\KB976325-IE8\mshtml.dll
+ 2009-12-10 07:57 . 2009-08-29 08:08 1985536 c:\windows\ie8updates\KB976325-IE8\iertutil.dll
+ 2009-10-14 06:14 . 2009-07-03 17:09 1208832 c:\windows\ie8updates\KB974455-IE8\urlmon.dll
+ 2009-10-14 06:14 . 2009-07-19 13:18 5937152 c:\windows\ie8updates\KB974455-IE8\mshtml.dll
+ 2009-10-14 06:14 . 2009-07-03 17:09 1985536 c:\windows\ie8updates\KB974455-IE8\iertutil.dll
+ 2009-08-28 18:24 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-08-28 18:24 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-08-28 18:24 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-08-28 15:37 . 2008-10-16 20:38 1160192 c:\windows\ie8\urlmon.dll
+ 2009-08-28 15:37 . 2008-12-13 06:40 3593216 c:\windows\ie8\mshtml.dll
+ 2009-08-28 15:37 . 2008-10-16 20:38 6066176 c:\windows\ie8\ieframe.dll
+ 2009-08-28 15:37 . 2007-04-17 09:28 2455488 c:\windows\ie8\ieapfltr.dat
+ 2008-12-27 12:59 . 2010-02-17 08:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-12-27 12:59 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-12-27 12:59 . 2010-02-16 13:25 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-12-27 12:59 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-11-09 23:37 . 2009-11-09 23:37 7257088 c:\windows\Downloaded Installations\{EBE7B70B-67CF-4935-808F-9339F92DF158}\World Community Grid - BOINC for Windows.msi
+ 2010-01-30 07:25 . 2010-01-30 07:25 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2010-01-30 07:28 . 2010-01-30 07:28 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2010-01-29 04:49 . 2010-01-29 04:49 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27A.tmp\System.dll
+ 2010-01-30 07:24 . 2010-01-30 07:24 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-01-30 07:28 . 2010-01-30 07:28 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2010-01-30 07:55 . 2010-01-30 07:55 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2010-01-30 07:27 . 2010-01-30 07:27 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2010-01-30 07:50 . 2010-01-30 07:50 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2010-01-30 07:27 . 2010-01-30 07:27 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2010-01-30 07:50 . 2010-01-30 07:50 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2010-01-30 07:27 . 2010-01-30 07:27 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2010-01-30 07:26 . 2010-01-30 07:26 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2010-01-30 07:27 . 2010-01-30 07:27 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2010-01-30 07:26 . 2010-01-30 07:26 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2010-01-30 07:26 . 2010-01-30 07:26 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2010-01-30 07:26 . 2010-01-30 07:26 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2010-01-30 07:24 . 2010-01-30 07:24 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2010-01-30 07:53 . 2010-01-30 07:53 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2010-01-29 04:44 . 2010-01-29 04:44 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-01-30 00:57 . 2010-01-30 00:57 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-01-30 00:57 . 2010-01-30 00:57 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-01-29 04:44 . 2010-01-29 04:44 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2010-01-29 04:44 . 2010-01-29 04:44 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2010-01-30 00:56 . 2010-01-30 00:56 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-01-29 04:50 . 2010-01-29 04:50 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-01-29 04:49 . 2010-01-29 04:49 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-01-30 00:56 . 2010-01-30 00:56 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-29 04:46 . 2010-01-29 04:46 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2010-01-29 04:49 . 2010-01-29 04:49 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-01-30 00:56 . 2010-01-30 00:56 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-30 00:57 . 2010-01-30 00:57 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-01-29 04:44 . 2010-01-29 04:44 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-01-30 00:57 . 2010-01-30 00:57 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-02-11 01:56 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-11 01:56 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-11 01:56 . 2009-08-04 14:20 2023936 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-11 01:56 . 2009-08-04 15:13 2145280 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-03-11 02:49 . 2008-04-14 00:12 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-11 01:57 . 2009-06-03 19:09 1291264 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2009-11-26 02:21 . 2008-09-10 01:14 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-26 02:21 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2009-08-28 16:20 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-08-28 16:21 . 2008-05-07 05:12 1288192 c:\windows\$NtUninstallKB971633$\quartz.dll
+ 2009-10-14 06:08 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
+ 2009-10-14 06:08 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrpamp.exe
+ 2009-10-14 06:08 . 2009-02-06 10:32 2023936 c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
+ 2009-10-14 06:08 . 2009-02-06 11:06 2145280 c:\windows\$NtUninstallKB971486$\ntkrnlmp.exe
+ 2009-11-12 03:01 . 2009-04-17 12:26 1847168 c:\windows\$NtUninstallKB969947$\win32k.sys
+ 2009-10-14 06:11 . 2008-04-14 00:12 1435648 c:\windows\$NtUninstallKB969059$\query.dll
+ 2009-09-09 23:07 . 2008-06-18 05:03 2458112 c:\windows\$NtUninstallKB968816_WM9$\wmvcore.dll
+ 2009-08-28 16:16 . 2008-09-15 12:12 1846400 c:\windows\$NtUninstallKB968537$\win32k.sys
+ 2009-08-28 16:19 . 2008-04-14 00:12 8461312 c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2009-08-28 16:36 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-08-28 16:21 . 2008-08-14 10:09 2145280 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
+ 2009-08-28 16:21 . 2008-08-14 09:33 2023936 c:\windows\$NtUninstallKB956572$\ntkrpamp.exe
+ 2009-08-28 16:21 . 2008-08-14 09:33 2023936 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
+ 2009-08-28 16:21 . 2008-08-14 10:09 2145280 c:\windows\$NtUninstallKB956572$\ntkrnlmp.exe
+ 2010-03-31 10:25 . 2010-02-25 06:19 1209856 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\urlmon.dll
+ 2010-03-31 10:25 . 2010-02-25 06:19 5946880 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
+ 2010-03-31 10:25 . 2010-02-25 06:19 1986048 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\iertutil.dll
+ 2010-01-22 14:11 . 2009-12-21 19:09 1209344 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\urlmon.dll
+ 2010-01-22 14:11 . 2009-12-21 19:09 5945856 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
+ 2010-01-22 14:11 . 2009-12-21 19:09 1986048 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\iertutil.dll
+ 2009-12-08 23:52 . 2009-12-08 23:52 2189312 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-10 19:02 . 2009-12-08 17:40 2023936 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-08 23:10 . 2009-12-08 23:10 2066176 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-10 19:02 . 2009-12-08 18:20 2145280 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2009-11-04 01:23 . 2009-10-22 09:18 5943296 c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 1209344 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\urlmon.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 5944320 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
+ 2009-12-10 07:22 . 2009-10-29 07:45 1986048 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\iertutil.dll
+ 2010-03-10 21:50 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1291776 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 1209344 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\urlmon.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 5942272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
+ 2009-10-14 05:42 . 2009-08-29 08:01 1986048 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iertutil.dll
+ 2009-11-25 10:35 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-25 10:35 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2009-07-10 17:54 . 2009-07-10 17:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 1208832 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\urlmon.dll
+ 2009-08-28 16:48 . 2009-07-19 13:17 5938176 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
+ 2009-08-28 16:48 . 2009-07-03 17:06 1985536 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iertutil.dll
+ 2009-06-03 19:12 . 2009-06-03 19:12 1291264 c:\windows\$hf_mig$\KB971633\SP3QFE\quartz.dll
+ 2009-10-14 05:41 . 2009-08-04 13:56 2189312 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
+ 2009-10-14 05:41 . 2009-08-04 13:17 2023936 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrpamp.exe
+ 2009-08-04 17:47 . 2009-08-04 17:47 2066176 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
+ 2009-10-14 05:41 . 2009-08-04 13:54 2145280 c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlmp.exe
+ 2009-08-14 12:19 . 2009-08-14 12:19 1859712 c:\windows\$hf_mig$\KB969947\SP3QFE\win32k.sys
+ 2009-07-17 16:01 . 2009-07-17 16:01 1435648 c:\windows\$hf_mig$\KB969059\SP3QFE\query.dll
+ 2009-04-17 10:50 . 2009-04-17 10:50 1847808 c:\windows\$hf_mig$\KB968537\SP3QFE\win32k.sys
+ 2008-06-17 19:04 . 2008-06-17 19:04 8461824 c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2009-08-28 14:21 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2009-02-07 18:35 . 2009-02-07 18:35 2189184 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
+ 2009-08-28 14:20 . 2009-02-06 10:30 2023936 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrpamp.exe
+ 2009-08-28 14:20 . 2009-02-06 10:30 2066176 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
+ 2009-08-28 14:20 . 2009-02-06 11:03 2145280 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlmp.exe
+ 2004-08-04 12:00 . 2009-07-13 22:43 10841088 c:\windows\system32\wmp.dll
+ 2006-11-30 14:24 . 2010-04-06 17:52 31971272 c:\windows\system32\MRT.exe
+ 2006-11-07 21:03 . 2010-02-25 10:54 11070976 c:\windows\system32\ieframe.dll
 
+ 2004-08-04 12:00 . 2009-07-13 22:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2007-04-25 08:41 . 2010-02-25 10:54 11070976 c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-13 10:21 . 2008-12-13 10:21 10473472 c:\windows\Installer\7468d7.msp
+ 2008-08-11 10:51 . 2008-08-11 10:51 15916544 c:\windows\Installer\46c51.msp
+ 2008-08-11 10:49 . 2008-08-11 10:49 22457344 c:\windows\Installer\46c3e.msp
+ 2008-09-24 11:05 . 2008-09-24 11:05 16381440 c:\windows\Installer\46c35.msp
+ 2009-02-25 18:07 . 2009-02-25 18:07 11646464 c:\windows\Installer\46c2d.msp
+ 2007-10-14 22:33 . 2007-10-14 22:33 26646016 c:\windows\Installer\3d90863.msp
+ 2009-04-04 07:35 . 2009-04-04 07:35 38325760 c:\windows\Installer\3696064.msp
+ 2009-07-01 12:19 . 2009-07-01 12:19 10607104 c:\windows\Installer\2b5503.msp
+ 2010-03-22 15:03 . 2010-03-22 15:03 11732992 c:\windows\Installer\1d5ee33.msp
+ 2009-08-14 20:32 . 2009-08-14 20:32 11110912 c:\windows\Installer\18890e6.msp
+ 2009-04-03 18:46 . 2009-04-03 18:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\MSO.DLL
+ 2007-05-10 09:25 . 2007-05-10 09:25 14677368 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-05-08 10:10 . 2007-05-08 10:10 16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL
+ 2010-04-01 01:17 . 2009-12-21 19:14 11070464 c:\windows\ie8updates\KB980182-IE8\ieframe.dll
+ 2010-01-23 01:02 . 2009-10-29 07:45 11069952 c:\windows\ie8updates\KB978207-IE8\ieframe.dll
+ 2009-12-10 07:57 . 2009-08-29 08:08 11069440 c:\windows\ie8updates\KB976325-IE8\ieframe.dll
+ 2009-10-14 06:14 . 2009-07-19 17:48 11067392 c:\windows\ie8updates\KB974455-IE8\ieframe.dll
+ 2009-08-28 18:24 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
+ 2010-01-30 07:28 . 2010-01-30 07:28 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2010-01-30 07:54 . 2010-01-30 07:54 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2010-01-30 07:51 . 2010-01-30 07:51 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
+ 2010-01-30 07:27 . 2010-01-30 07:27 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2010-01-30 07:26 . 2010-01-30 07:26 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2010-01-30 07:25 . 2010-01-30 07:25 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2010-01-30 07:24 . 2010-01-30 07:24 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
+ 2009-08-28 16:19 . 2007-06-11 23:51 10834944 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll
+ 2010-03-31 10:25 . 2010-02-25 06:19 11073024 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\ieframe.dll
+ 2009-12-22 14:09 . 2009-12-22 14:09 11070976 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\ieframe.dll
+ 2009-10-29 13:15 . 2009-10-29 13:15 11070464 c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\ieframe.dll
+ 2009-08-29 12:31 . 2009-08-29 12:31 11069952 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieframe.dll
+ 2009-08-28 16:48 . 2009-07-19 13:17 11068416 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-15 11:59 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-15 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadbandadvisor.exe"="c:\program files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-08-07 2061552]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"lxdumon.exe"="c:\program files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-05-30 676520]
"lxduamon"="c:\program files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-05-30 16040]
"Lexmark 5600-6600 Series Fax Server"="c:\program files\Lexmark 5600-6600 Series\fm3032.exe" [2008-05-30 311976]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"flquqogp"="c:\documents and settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe" [2010-05-11 269568]
"asam"="c:\documents and settings\kerry\Local Settings\Application Data\asam.exe" [2010-05-11 61184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6ibxx.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^broadband medic.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\broadband medic.lnk
backup=c:\windows\pss\broadband medic.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 23:46 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 02:06 40048 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 10:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeTaskScheduler]
2006-01-09 02:43 53340 ------w- c:\program files\Creative\Shared Files\CTSched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EssSpkPhone]
2001-10-19 10:49 49152 ----a-w- c:\windows\essspk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 14:43 57344 ----a-w- c:\program files\Lexmark X1100 Series\lxbkbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 14:41 438359 ----a-w- c:\progra~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 23:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]
2006-06-29 23:07 98304 ----a-w- c:\program files\Registry Clean Expert\RCHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2004-08-30 05:48 69632 ----a-w- c:\windows\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2006-10-12 03:10 49263 ----a-w- c:\program files\Java\jre1.5.0_09\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinMX]
2006-03-10 10:24 1069056 ----a-w- c:\program files\WinMX\WinMX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
 
"ITMRTSVC"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre1.5.0_09\\bin\\javaw.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\American Conquest\\dmcr.exe"=
"c:\\Program Files\\Ubisoft\\GSC Game World\\Alexander\\Data\\engine.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Serif\\WebPlus\\10.0\\Program\\WebPlus.exe"=
"c:\\Program Files\\FileZilla\\FileZilla.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\lxducoms.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
S0 ati6ibxx;ati6ibxx;c:\windows\system32\Drivers\ati6ibxx.sys --> c:\windows\system32\Drivers\ati6ibxx.sys [?]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [14/01/2010 13:19 114768]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14/01/2010 13:19 20560]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [27/06/2009 08:29 222968]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxduserv.exe [04/09/2009 16:56 98984]
S3 Aldebaran;Aldebaran - Storage Filter Drivers;\??\c:\windows\system32\Drivers\Aldebaran.sys --> c:\windows\system32\Drivers\Aldebaran.sys [?]
S3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [26/12/2007 23:21 162176]
.
Contents of the 'Scheduled Tasks' folder
2010-05-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.q-serve.com/signup.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -
HKCU-RunOnce-NeroHomeFirstStart - c:\program files\Common Files\Ahead\Lib\NMFirstStart.exe
MSConfigStartUp--FreedomNeedsReboot - c:\program files\Virgin Broadband\PCguard\ZkRunOnceR.exe
MSConfigStartUp-cogad - c:\documents and settings\kerry\Application Data\cogad\cogad.exe
MSConfigStartUp-Microsoft Startup Manager - c:\windows\system32\sysservice.exe
MSConfigStartUp-prunnet - c:\windows\system32\prunnet.exe
MSConfigStartUp-Trickler - c:\program files\divx\divx pro codec\gain_trickler_3202.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-05-11 15:34
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1454471165-1788223648-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,95,a3,ff,d2,1b,75,e1,4e,87,ce,5c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,95,a3,ff,d2,1b,75,e1,4e,87,ce,5c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(588)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\l3codeca.acm
c:\windows\system32\scg726.acm
c:\windows\system32\alf2cd.acm
c:\windows\system32\AC3ACM.acm
c:\windows\system32\sirenacm.dll
.
Completion time: 2010-05-11 15:38:10
ComboFix-quarantined-files.txt 2010-05-11 14:38
ComboFix2.txt 2009-08-28 14:17
Pre-Run: 79,424,704,512 bytes free
Post-Run: 79,591,903,232 bytes free
- - End Of File - - D5DF2D46A91FFA4CADB5526295AFD1A6
 
Well thats all of it didnt know there was so much sorry about that,

This is now poping up in safemode the antisoft malware program, stoping us from doing highjackthis, but ill try and get it running
 
Here is the HIGHJACKTHIS log

Logfile of HijackThis v1.99.1
Scan saved at 16:23:03, on 11/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\kerry\My Documents\hijackthis_sfx\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe
O4 - HKLM\..\Run: [asam] C:\Documents and Settings\Administrator\Local Settings\Application Data\asam.exe
O4 - HKLM\..\Run: [ixbdhntx] C:\Documents and Settings\Administrator\Local Settings\Application Data\lbakdayih\tlduisstssd.exe
O4 - HKLM\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\WebcamMax.exe" -a
O4 - HKCU\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe
O4 - HKCU\..\Run: [asam] C:\Documents and Settings\kerry\Local Settings\Application Data\asam.exe
O4 - HKCU\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: START_PAGE_URL=http://www.q-serve.com/signup.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1202422673453
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - Adobe - Adobe Acrobat: Create PDF file, edit PDF file, convert PDF to word, convert PDF to doc
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/sis/BTDownloadCtrl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - C:\WINDOWS\system32\lxducoms.exe
 
What about Malwarebytes?

Copy my post, save it to notepad and then close all browsers

Remove these entries

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:5555

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe

O4 - HKLM\..\Run: [asam] C:\Documents and Settings\Administrator\Local Settings\Application Data\asam.exe

O4 - HKLM\..\Run: [ixbdhntx] C:\Documents and Settings\Administrator\Local Settings\Application Data\lbakdayih\tlduisstssd.exe

O4 - HKLM\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe

O4 - HKCU\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe

O4 - HKCU\..\Run: [asam] C:\Documents and Settings\kerry\Local Settings\Application Data\asam.exe

O4 - HKCU\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/soft...ch/alaunch.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - Adobe - Adobe Acrobat: Create PDF file, edit PDF file, convert PDF to word, convert PDF to doc

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thi...wnloadCtrl.cab

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

After you remove these download hijackthis 2.04, you are uisng an old copy.

Then run CCleaner and make sure all entries are checked and then run the registry cleaner

Run Cleanup!

Then go to start, run, type msconfig and press enter. Go to the Startup tab, click disable all, then recheck your antivirus entry, then reboot

Reboot back into safemode

Then run Combofix, Malwarebytes, Microsoft Security Essentials, and hijackthis again and post their logs. Remove all infections found with malwarebytes and MSE.
 
Osiris said:
What about Malwarebytes?

Copy my post, save it to notepad and then close all browsers

Remove these entries

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:5555

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe

O4 - HKLM\..\Run: [asam] C:\Documents and Settings\Administrator\Local Settings\Application Data\asam.exe

O4 - HKLM\..\Run: [ixbdhntx] C:\Documents and Settings\Administrator\Local Settings\Application Data\lbakdayih\tlduisstssd.exe

O4 - HKLM\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe

O4 - HKCU\..\Run: [flquqogp] C:\Documents and Settings\kerry\Local Settings\Application Data\iwtnxrmxj\lkceppetssd.exe

O4 - HKCU\..\Run: [asam] C:\Documents and Settings\kerry\Local Settings\Application Data\asam.exe

O4 - HKCU\..\Run: [fjscgslq] C:\Documents and Settings\kerry\Local Settings\Application Data\wjogyytnf\wmcjfdbtssd.exe

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/soft...ch/alaunch.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - Adobe - Adobe Acrobat: Create PDF file, edit PDF file, convert PDF to word, convert PDF to doc

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thi...wnloadCtrl.cab

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

After you remove these download hijackthis 2.04, you are uisng an old copy.

Then run CCleaner and make sure all entries are checked and then run the registry cleaner

Run Cleanup!

Then go to start, run, type msconfig and press enter. Go to the Startup tab, click disable all, then recheck your antivirus entry, then reboot

Reboot back into safemode

Then run Combofix, Malwarebytes, Microsoft Security Essentials, and hijackthis again and post their logs. Remove all infections found with malwarebytes and MSE.
Click to expand...

Ok will do that, im useing my computer to talk to you so it will be easyer
Will post the logs when my dad has done that

Cheers for the help will get back to you ASAP
 
Status
Not open for further replies.

Similar threads

B
i keep getting an alert from AVG every minute or so. super annoying!
2
Replies
18
Views
2K
alyssa.robert235
A
O
hello & mostly clueless & would appreciate mac security help after trojan attack!
Replies
0
Views
930
once2023
O
R
did internet fail to do what it was intended to do originally?
Replies
2
Views
161
pete.i
P
B
Multiple Seagate External Drives Not Working(Windows+Mac)
Replies
2
Views
439
Joe C
Joe C
S
Would it benefit me joining Discord chat groups?
Replies
0
Views
885
Scissorman
S
Back
Top Bottom