Show Posts

1

Tech Clinic / Annoying virus keeps reappearing

« on: July 20, 2010, 03:22:18 AM »

Oh, and after that I used the ComboFix /uninstall command and it worked as well

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif\' class=\'bbc_emoticon\' alt=\'

\' />

To be better protected from spywares and malwares, I'm now using the HOSTS file from mvps.org, the one in the pinned topic here, and I've also installed the newest versions of all Adobe softwares (Shockwave Player, Flash Player etc.) and Java, just in case I had old versions.

Again, thanks a lot! You're awesome

2

Tech Clinic / Annoying virus keeps reappearing

« on: July 20, 2010, 03:10:30 AM »

Thanks a lot, it worked! I've successfully uninstalled the old version of Reader and installed the newest one

That ComboFix thing really is something, ha?

Here's the log:

ComboFix 10-07-19.02 - עדן 07/20/2010 10:35:58.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1255.972.1037.18.511.169 [GMT 3:00]
Running from: c:\documents and settings\עדן\שולחן העבודה\ComboFix.exe
Command switches used :: c:\documents and settings\עדן\שולחן העבודה\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-06-20 to 2010-07-20 )))))))))))))))))))))))))))))))
.

2010-07-19 09:11 . 2010-07-19 10:41   --------   d-----w-   c:\windows\system32\NtmsData
2010-07-19 08:39 . 2010-07-19 08:39   --------   d-----w-   C:\_OTL
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com
2010-07-16 19:46 . 2010-07-17 06:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-07-16 19:17 . 2010-07-16 19:17   --------   d-----w-   c:\program files\Uniblue
2010-07-16 17:18 . 2010-07-16 17:17   423656   ----a-w-   c:\windows\system32\deployJava1.dll
2010-07-16 13:48 . 2010-07-16 13:48   --------   d-----w-   c:\documents and settings\עדן\Application Data\Uniblue
2010-07-14 10:58 . 2010-06-14 14:31   744448   -c----w-   c:\windows\system32\dllcache\helpsvc.exe
2010-07-11 20:37 . 2010-07-11 20:37   --------   d-----w-   c:\program files\TeamSpeak 3 Client

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-19 20:36 . 2009-11-08 14:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\uTorrent
2010-07-19 19:08 . 2004-08-08 14:10   --------   d-----w-   c:\program files\Common Files\Adobe
2010-07-19 14:46 . 2010-02-16 13:03   --------   d-----w-   c:\program files\MaxKO
2010-07-19 11:24 . 2008-03-01 19:55   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\Avira
2010-07-19 11:03 . 2010-01-15 15:24   --------   d-----w-   c:\program files\ko4life
2010-07-16 19:54 . 2010-07-16 19:47   63488   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-16 19:54 . 2010-07-16 19:47   117760   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-16 19:47 . 2010-07-16 19:47   52224   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-16 17:19 . 2010-07-16 17:19   503808   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcp71.dll
2010-07-16 17:19 . 2010-07-16 17:19   499712   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\jmc.dll
2010-07-16 17:19 . 2010-07-16 17:19   348160   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcr71.dll
2010-07-16 17:19 . 2010-07-16 17:19   61440   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-sse.dll
2010-07-16 17:19 . 2010-07-16 17:19   12800   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-d3d.dll
2010-07-16 17:19 . 2005-01-03 13:06   --------   d-----w-   c:\program files\Common Files\Java
2010-07-16 17:09 . 2004-06-04 23:04   --------   d-----w-   c:\program files\Java
2010-07-16 09:30 . 2007-08-26 16:57   --------   d-----w-   c:\program files\VentriloMIX
2010-07-13 18:56 . 2009-11-27 18:33   --------   d-----w-   c:\program files\Mp3tag
2010-07-01 12:16 . 2009-05-26 17:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\NoNameScript-May26
2010-07-01 12:15 . 2009-06-19 08:14   --------   d-----w-   c:\program files\mIRC
2010-06-23 21:15 . 2004-08-27 12:00   67296   ----a-w-   c:\windows\system32\perfc00d.dat
2010-06-23 21:15 . 2004-08-27 12:00   345584   ----a-w-   c:\windows\system32\perfh00d.dat
2010-06-21 09:29 . 2010-06-19 19:31   --------   d-----w-   c:\program files\SexyKO
2010-06-15 19:33 . 2009-12-15 14:49   --------   d-----w-   c:\documents and settings\עדן\Application Data\Mp3 Audio Editor
2010-06-14 14:39 . 2009-11-08 14:56   --------   d-----w-   c:\program files\uTorrent
2010-06-14 14:31 . 2005-12-08 07:22   744448   ----a-w-   c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-05-14 15:47 . 2010-05-14 15:47   286720   ------w-   c:\windows\Setup1.exe
2010-05-14 15:47 . 2010-05-14 15:47   73216   ----a-w-   c:\windows\ST6UNST.EXE
2010-05-06 10:35 . 2004-08-27 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 09:01 . 2005-12-08 08:13   60576   ----a-w-   c:\documents and settings\עדן\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 08:08 . 2004-08-27 12:00   1851136   ----a-w-   c:\windows\system32\win32k.sys
2010-04-29 12:39 . 2009-06-06 18:06   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 12:39 . 2009-06-06 18:06   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2005-01-29 12:14 . 2005-01-29 12:14   48640   --sha-w-   c:\program files\Thumbs.db
2003-01-13 09:20 . 2004-09-12 12:48   278528   ----a-w-   c:\program files\internet explorer\plugins\PanoViewer.dll
1999-04-30 14:00 . 2004-09-12 12:48   98304   ----a-w-   c:\program files\internet explorer\plugins\UPjpeg.dll
.

------- Sigcheck -------

[-] 2008-04-14 . CD194374A5A584E32346297DE305F77B . 1429504 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7C66CE267EDD66607B2275FE44235A31 . 1201664 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 1FB3EE7C4D70AACE3063A1E1E0FF7FCF . 1201664 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-27 . A275BB2B4CF43625B9F38AD312F5C5A6 . 1200640 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-07-17_17.10.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 21:02 . 2009-07-11 21:02   51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-07-19 18:56 . 2010-07-19 18:56   87702 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
- 2008-06-23 16:05 . 2008-06-17 13:11   94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2010-05-05 14:05 . 2010-05-05 14:05   94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2010-05-05 14:38 . 2010-05-05 14:38   65816 c:\windows\system32\Adobe\Director\SWDNLD.EXE
- 2008-06-23 16:05 . 2008-06-17 13:13   9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2010-05-05 14:07 . 2010-05-05 14:07   9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2010-07-19 19:00 . 2010-07-19 19:00   231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
+ 2010-07-19 19:00 . 2010-07-19 19:00   311760 c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   136568 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2010-05-05 14:05 . 2010-05-05 14:05   114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2008-06-23 16:05 . 2008-06-17 13:15   114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2010-05-05 14:36 . 2010-05-05 14:36   467224 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1157609.exe
+ 2010-05-05 14:08 . 2010-05-05 14:08   446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
- 2008-06-23 16:05 . 2008-06-17 13:15   446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2010-05-05 14:06 . 2010-05-05 14:06   372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   753152 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2010-05-05 14:05 . 2010-05-05 14:05   503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2010-05-05 14:37 . 2010-05-05 14:37   213272 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2010-05-05 14:07 . 2010-05-05 14:07   131072 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2010-07-19 09:01 . 2010-07-19 09:01   219648 c:\windows\Installer\b1deb.msi
+ 2010-07-19 19:08 . 2010-07-19 19:08   691200 c:\windows\Installer\491ad9.msi
+ 2010-07-19 19:08 . 2010-07-19 19:08   295606 c:\windows\Installer\{AC76BA86-7AD7-5464-3428-800000000003}\ARPPRODUCTICON.exe
+ 2009-07-11 21:02 . 2009-07-11 21:02   3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2010-05-05 13:40 . 2010-05-05 13:40   1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   1975408 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2010-05-05 13:44 . 2010-05-05 13:44   1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
- 2008-06-23 16:05 . 2008-06-17 12:36   1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2010-06-20 08:01 . 2010-06-20 08:01   8040960 c:\windows\Installer\635eca.msp
+ 2010-04-04 06:54 . 2010-04-04 06:54   11850240 c:\windows\Installer\635ec9.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\עדן\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-13 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-30 4603904]
"nwiz"="nwiz.exe" [2004-09-30 921600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-30 86016]
"SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):73,65,76,65,6e,75,69,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^תפריט התחלה^תוכניות^הפעלה^DSLMON.lnk]
path=c:\documents and settings\All Users.WINDOWS\תפריט התחלה\תוכניות\הפעלה\DSLMON.lnk
backup=c:\windows\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^תפריט התחלה^תוכניות^הפעלה^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\תפריט התחלה\תוכניות\הפעלה\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^עדן^תפריט התחלה^תוכניות^הפעלה^Adobe Gamma.lnk]
path=c:\documents and settings\עדן\תפריט התחלה\תוכניות\הפעלה\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^עדן^תפריט התחלה^תוכניות^הפעלה^Xfire.lnk]
path=c:\documents and settings\עדן\תפריט התחלה\תוכניות\הפעלה\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04   39792   ----a-w-   c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-12-29 12:05   486856   ----a-w-   c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-27 12:00   208952   ----a-w-   c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 12:39   1090952   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:17   1695232   ------w-   c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40   155648   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 21:08   417792   ----a-w-   c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vilaunch]
2009-09-09 19:19   146412   ----a-w-   c:\windows\system32\vilaunch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37   37888   ----a-w-   c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"NBService"=3 (0x3)
"ICQ Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Tactical Ops\\TacticalOps 3\\System\\TacticalOps.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\עדן\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"=
"c:\\Program Files\\Juniper Networks\\Secure Application Manager\\dsSamProxy.exe"=
"c:\\Program Files\\Tactical Ops\\TacticalOps 4\\System\\TacticalOps.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\UT2004\\System\\UT2004.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 NEOFLTR_640_14811;Juniper Networks TDI Filter Driver (NEOFLTR_640_14811);c:\windows\system32\drivers\NEOFLTR_640_14811.sys [27/10/2009 13:26 77608]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 21:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 21:41 67656]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 XDva002;XDva002;\??\c:\windows\system32\XDva002.sys --> c:\windows\system32\XDva002.sys [?]
S3 XDva007;XDva007;\??\c:\windows\system32\XDva007.sys --> c:\windows\system32\XDva007.sys [?]
S3 XDva009;XDva009;\??\c:\windows\system32\XDva009.sys --> c:\windows\system32\XDva009.sys [?]
S3 XDva010;XDva010;\??\c:\windows\system32\XDva010.sys --> c:\windows\system32\XDva010.sys [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]
S3 XDva031;XDva031;\??\c:\windows\system32\XDva031.sys --> c:\windows\system32\XDva031.sys [?]
S3 XDva032;XDva032;\??\c:\windows\system32\XDva032.sys --> c:\windows\system32\XDva032.sys [?]
S3 XDva033;XDva033;\??\c:\windows\system32\XDva033.sys --> c:\windows\system32\XDva033.sys [?]
S3 XDva039;XDva039;\??\c:\windows\system32\XDva039.sys --> c:\windows\system32\XDva039.sys [?]
S3 XDva041;XDva041;\??\c:\windows\system32\XDva041.sys --> c:\windows\system32\XDva041.sys [?]
S3 XDva049;XDva049;\??\c:\windows\system32\XDva049.sys --> c:\windows\system32\XDva049.sys [?]
S3 XDva054;XDva054;\??\c:\windows\system32\XDva054.sys --> c:\windows\system32\XDva054.sys [?]
S3 XDva062;XDva062;\??\c:\windows\system32\XDva062.sys --> c:\windows\system32\XDva062.sys [?]
S3 XDva078;XDva078;\??\c:\windows\system32\XDva078.sys --> c:\windows\system32\XDva078.sys [?]
S3 XDva089;XDva089;\??\c:\windows\system32\XDva089.sys --> c:\windows\system32\XDva089.sys [?]
S3 XDva090;XDva090;\??\c:\windows\system32\XDva090.sys --> c:\windows\system32\XDva090.sys [?]
S3 XDva136;XDva136;\??\c:\windows\system32\XDva136.sys --> c:\windows\system32\XDva136.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/05/2007 12:01 715248]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
IE: &יצא ל- Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {138FBCB5-DF29-4828-B640-71D6034CC076} = 192.117.235.236 62.219.186.7
DPF: {03EC4525-6918-4674-9EFF-738EEB3E189F} - hxxp://maxshein10.cctvuser.com/plusviewer.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ssl.sonol.co.il/dana-cached/sc/JuniperSetupClient.cab
FF - ProfilePath - c:\documents and settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-20 10:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1960408961-261903793-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1960408961-261903793-1801674531-1004\Software\Microsoft\ M*i*c*r*o*s*o*f*t* *M*a*n*a*g*e*m*e*n*t* *C*o*n*s*o*l*e*\Recent File List]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"File1"="c:\\WINDOWS\\system32\\devmgmt.msc"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(508)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(564)
c:\windows\system32\wdigest.dll

- - - - - - - > 'explorer.exe'(2976)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-20 10:50:38
ComboFix-quarantined-files.txt 2010-07-20 07:50
ComboFix2.txt 2010-07-17 17:17
ComboFix3.txt 2009-09-05 08:19
ComboFix4.txt 2009-06-06 20:40

Pre-Run: 6,988,042,240 bytes free
Post-Run: 7,087,841,280 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 7ACF2C59C80CE525FA48481DF2AFD53E

3

Tech Clinic / Annoying virus keeps reappearing

« on: July 19, 2010, 02:58:04 PM »

About that Adobe error, I looked it up on google and tried everything to make it work so it would let me uninstall that bloody software, but nothing. I even tried setting special permissions on regedit for that specific folder (as instructed here: http://kb2.adobe.com/cps/329/329137.html) and it didn't work either, it said "Access Denied" or something like "Could not set permissions".

As for uninstalling ComboFix, I tried to navigate to my desktop on cmd and use that command, but it seemed to start up and just run the program instead of uninstall it, so I closed it.

4

Tech Clinic / Annoying virus keeps reappearing

« on: July 19, 2010, 06:10:30 AM »

[size="2"]The ComboFix /uninstall command didn't work, it gave me an error saying something like "Cannot find 'ComboFix'...".

Also, I couldn't uninstall Adobe Reader, it gave me this error: http://i28.tinypic.com/s1sytv.jpg So I didn't download and install a newer version.[/size]

As you can see in the Avira AV log, I ignored most of the "infected" files since I know these are false positives, they are part of a game I'm playing and it's a known thing.

About Avira AV, it's pretty good, but I was looking for an option to skip folders on scans and I couldn't find it. I have a few folders that contain a lot of files and they are completely safe from being infected, it takes around 30-40 minutes to scan those files and it's a waste of time. That's the only thing I didn't like about Avira.

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
File G:\RECYCLER\usbassist.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AntiVirusDisableNotify"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"UpdatesDisableNotify"|dword:00000000 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\עדן\Local Settings\temp\957822.exe not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Eden
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: עדן
->Temp folder emptied: 546047 bytes
->Temporary Internet Files folder emptied: 4741463 bytes
->Java cache emptied: 28360452 bytes
->FireFox cache emptied: 74705646 bytes
->Google Chrome cache emptied: 226282859 bytes
->Flash cache emptied: 88246 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2330417 bytes
%systemroot%\System32 .tmp files removed: 3648529 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 665 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 325.00 mb

OTL by OldTimer - Version 3.2.9.0 log created on 07192010_113955

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\Eden\Local Settings\Temp\hsperfdata_Eden\1528 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

----------------------------------------------------------------------------------------------------------------------

Avira AntiVir Personal
Report file date: יום שני 19 יולי 2010 12:10

Scanning for 2360894 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode    : Normally booted
Username : SYSTEM
Computer name : TAP-7409E23BDD

Version information:
BUILD.DAT    : 10.0.0.567    32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 10:37:38
AVSCAN.DLL : 10.0.3.0    46440 Bytes 01/04/2010 10:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 16:33:04
LUKERES.DLL    : 10.0.0.1    12648 Bytes 10/02/2010 21:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 07:05:36
VBASE001.VDF : 7.10.1.0    1372672 Bytes 19/11/2009 17:27:49
VBASE002.VDF : 7.10.3.1    3143680 Bytes 20/01/2010 15:37:42
VBASE003.VDF : 7.10.3.75    996864 Bytes 26/01/2010 14:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 09:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 09:08:17
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 09:08:18
VBASE007.VDF : 7.10.7.219 2048 Bytes 02/06/2010 09:08:18
VBASE008.VDF : 7.10.7.220 2048 Bytes 02/06/2010 09:08:18
VBASE009.VDF : 7.10.7.221 2048 Bytes 02/06/2010 09:08:18
VBASE010.VDF : 7.10.7.222 2048 Bytes 02/06/2010 09:08:18
VBASE011.VDF : 7.10.7.223 2048 Bytes 02/06/2010 09:08:18
VBASE012.VDF : 7.10.7.224 2048 Bytes 02/06/2010 09:08:18
VBASE013.VDF : 7.10.8.37    270336 Bytes 10/06/2010 09:08:18
VBASE014.VDF : 7.10.8.69    138752 Bytes 14/06/2010 09:08:18
VBASE015.VDF : 7.10.8.102 130560 Bytes 16/06/2010 09:08:18
VBASE016.VDF : 7.10.8.135 152064 Bytes 21/06/2010 09:08:18
VBASE017.VDF : 7.10.8.163 432128 Bytes 23/06/2010 09:08:18
VBASE018.VDF : 7.10.8.194 133632 Bytes 27/06/2010 09:08:18
VBASE019.VDF : 7.10.8.220 134656 Bytes 29/06/2010 09:08:22
VBASE020.VDF : 7.10.8.252 171520 Bytes 04/07/2010 09:08:33
VBASE021.VDF : 7.10.9.19    131072 Bytes 06/07/2010 09:08:38
VBASE022.VDF : 7.10.9.36    297472 Bytes 07/07/2010 09:08:42
VBASE023.VDF : 7.10.9.60    150016 Bytes 11/07/2010 09:08:44
VBASE024.VDF : 7.10.9.79    113152 Bytes 13/07/2010 09:08:46
VBASE025.VDF : 7.10.9.99    158720 Bytes 16/07/2010 09:08:48
VBASE026.VDF : 7.10.9.100 2048 Bytes 16/07/2010 09:08:48
VBASE027.VDF : 7.10.9.101 2048 Bytes 16/07/2010 09:08:48
VBASE028.VDF : 7.10.9.102 2048 Bytes 16/07/2010 09:08:49
VBASE029.VDF : 7.10.9.103 2048 Bytes 16/07/2010 09:08:49
VBASE030.VDF : 7.10.9.104 2048 Bytes 16/07/2010 09:08:49
VBASE031.VDF : 7.10.9.110 147456 Bytes 19/07/2010 09:08:50
Engineversion : 8.2.4.12
AEVDF.DLL    : 8.1.2.0    106868 Bytes 19/07/2010 09:09:16
AESCRIPT.DLL : 8.1.3.40    1360250 Bytes 19/07/2010 09:09:15
AESCN.DLL    : 8.1.6.1    127347 Bytes 19/07/2010 09:09:13
AESBX.DLL    : 8.1.3.1    254324 Bytes 19/07/2010 09:09:17
AERDL.DLL    : 8.1.4.6    541043 Bytes 19/07/2010 09:09:12
AEPACK.DLL : 8.2.2.6    430452 Bytes 19/07/2010 09:09:10
AEOFFICE.DLL : 8.1.1.6    201081 Bytes 19/07/2010 09:09:08
AEHEUR.DLL : 8.1.1.38    2724214 Bytes 19/07/2010 09:09:07
AEHELP.DLL : 8.1.11.6 242038 Bytes 19/07/2010 09:08:59
AEGEN.DLL    : 8.1.3.14 381299 Bytes 19/07/2010 09:08:58
AEEMU.DLL    : 8.1.2.0    393588 Bytes 19/07/2010 09:08:56
AECORE.DLL : 8.1.15.4 192886 Bytes 19/07/2010 09:08:55
AEBB.DLL : 8.1.1.0 53618 Bytes 19/07/2010 09:08:53
AVWINLL.DLL    : 10.0.0.0    19304 Bytes 14/01/2010 10:03:38
AVPREF.DLL : 10.0.0.0    44904 Bytes 14/01/2010 10:03:35
AVREP.DLL    : 10.0.0.8    62209 Bytes 18/02/2010 14:47:40
AVREG.DLL    : 10.0.3.0    53096 Bytes 01/04/2010 10:35:46
AVSCPLR.DLL    : 10.0.3.0    83816 Bytes 01/04/2010 10:39:51
AVARKT.DLL : 10.0.0.14    227176 Bytes 01/04/2010 10:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 07:53:30
SQLITE3.DLL    : 3.6.19.0 355688 Bytes 28/01/2010 10:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 13:38:56
NETNT.DLL    : 10.0.0.0    11624 Bytes 19/02/2010 12:41:00
RCIMAGE.DLL    : 10.0.0.26 2550120 Bytes 28/01/2010 11:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 12:14:29

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: יום שני 19 יולי 2010 12:10

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'msdtc.exe' - '42' Module(s) have been scanned
Scan process 'dllhost.exe' - '63' Module(s) have been scanned
Scan process 'dllhost.exe' - '47' Module(s) have been scanned
Scan process 'vssvc.exe' - '50' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'sched.exe' - '55' Module(s) have been scanned
Scan process 'avshadow.exe' - '28' Module(s) have been scanned
Scan process 'avguard.exe' - '58' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '28' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '23' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '37' Module(s) have been scanned
Scan process 'jusched.exe' - '23' Module(s) have been scanned
Scan process 'DrvIcon.exe' - '20' Module(s) have been scanned
Scan process 'rundll32.exe' - '36' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '27' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '30' Module(s) have been scanned
Scan process 'notepad.exe' - '28' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'Explorer.EXE' - '121' Module(s) have been scanned
Scan process 'spoolsv.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '166' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '38' Module(s) have been scanned
Scan process 'winlogon.exe' - '79' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '2256' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\Documents and Settings\עדן\שולחן העבודה\rofl\Matroska.rar

Archive type: RAR

Archive type: RAR

[WARNING] The file was ignored!
C:\Program Files\SexyKO\Packed\KnightOnLine.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\SexyKO\s-shield.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\SexyKO\KnightOnLine.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\patch1565\MaxKOC.exe
[DETECTION] Is the TR/PSW.Dybalom.bkh.1 Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\patch1565\MaxKO.exe
[DETECTION] Is the TR/PSW.Dybalom.bkh.1 Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\Fantasy's 85 Patch\Data\MaxKOC.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\Data\MaxKOC.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\MaxKOC.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\MaxKO.exe
[DETECTION] Is the TR/Black.Gen2 Trojan
[WARNING] The file was ignored!
C:\Program Files\ko4life\ko4life\dor.rar
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[NOTE] The file was deleted!
C:\Program Files\ko4life\Launcher.exe
[DETECTION] Is the TR/Black.Gen2 Trojan
[NOTE] The file was deleted!
C:\Program Files\ko4life\Ko4life.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\עדן\שולחן העבודה\rofl\Matroska.rar
[DETECTION] Is the TR/Banker.Bancos.nci Trojan
[NOTE] The file was deleted!

End of the scan: יום שני 19 יולי 2010 14:03
Used time: 1:31:39 Hour(s)

The scan has been done completely.

8728 Scanned directories
273218 Files were scanned
15 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
4 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
273203 Files not concerned
1324 Archives were scanned
10 Warnings
4 Notes
567455 Objects were scanned with rootkit scan
0 Hidden objects were found

5

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 01:32:31 PM »

[quote name='guestolo' date='17 July 2010 - 09:08 PM' timestamp='1279390129' post='470753']
I see you once had Norton's AV(Internet Security) installed, but have since removed it
What are you planning to use for AntiVirus software?
Do you need a free solution?
[/quote]

I don't usually use any AV software as all it does is problems and a mess (from what I've experienced with Norton in the past). Instead, I'd rather run full scans with SAS, MBAM and ESET online scanner every once in a while. However, if you recommend that I do use one, I'm willing to try a free solution considering it's your recommendation

It's feeling a lot better now. I've noticed it's removed the temp folder that contained the virus completely, it really helped since it freed around 6 GB that I needed to use.

Thank you so very much for your help!!! This is not the first time you've helped me

You're the best! <3

6

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 12:32:48 PM »

+ 2008-04-14 02:17 . 2008-04-14 02:17   116736 c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   211456 c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   375296 c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   229888 c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 01:50 . 2008-04-14 01:50   102912 c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-13 18:39 . 2008-04-13 18:39   206976 c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   650752 c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   131072 c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   147968 c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   104448 c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   103424 c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   105984 c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   153472 c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   181248 c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   200704 c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   285184 c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   799872 c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   224768 c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   163840 c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   180224 c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   157696 c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   535552 c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   379904 c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   126976 c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110080 c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   124416 c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   105472 c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   279040 c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   279552 c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110592 c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   640000 c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   165376 c:\windows\ServicePackFiles\i386\datime.dll
+ 2009-10-04 11:07 . 2008-03-25 04:50   554008 c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   824320 c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   250368 c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   323072 c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   139264 c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   101376 c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   494080 c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   598528 c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   259584 c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   357888 c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   539648 c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   167424 c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   274944 c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   750592 c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   228352 c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   252928 c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   403456 c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   617472 c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   195072 c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   182784 c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   342016 c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   389120 c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   100864 c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   498688 c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110592 c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   148480 c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   188480 c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   452096 c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   196608 c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   151040 c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   625664 c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   226304 c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   148480 c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   121856 c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   385024 c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   218112 c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 01:52 . 2008-04-14 01:52   272384 c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:51 . 2008-04-13 18:51   101120 c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   233472 c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   580608 c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   602624 c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   588800 c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 02:15 . 2008-04-14 02:15   285696 c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   516768 c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2009-10-04 11:05 . 2004-08-03 20:29   104960 c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   870784 c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2009-10-04 11:05 . 2004-08-26 15:47   700928 c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2009-10-04 11:05 . 2004-08-26 15:47   326912 c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   201728 c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   377984 c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   229376 c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   327680 c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   125952 c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   256512 c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   214016 c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-13 19:19 . 2008-04-13 19:19   138112 c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-13 16:39 . 2008-04-13 16:39   142592 c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   679424 c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   263680 c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   143360 c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   175616 c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   116224 c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   193024 c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   245248 c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 01:49 . 2008-04-14 01:49   187264 c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   111104 c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   141312 c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   451072 c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   182272 c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2009-10-04 11:05 . 2004-08-03 20:32   231552 c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   136192 c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   100352 c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   228352 c:\windows\regedit.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   110592 c:\windows\PeerNet\sqlse20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   110592 c:\windows\PeerNet\sqlse20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   462848 c:\windows\PeerNet\sqlqp20.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   462848 c:\windows\PeerNet\sqlqp20.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   151552 c:\windows\PeerNet\sqldb20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   151552 c:\windows\PeerNet\sqldb20.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   150528 c:\windows\PCHEALTH\UploadLB\Binaries\UploadM.exe
+ 2005-12-08 07:22 . 2008-04-14 02:18   150528 c:\windows\PCHEALTH\UploadLB\Binaries\uploadm.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   102912 c:\windows\PCHEALTH\HELPCTR\Binaries\pchshell.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   374272 c:\windows\PCHEALTH\HELPCTR\Binaries\msinfo.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   168448 c:\windows\PCHEALTH\HELPCTR\Binaries\msconfig.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   769024 c:\windows\PCHEALTH\HELPCTR\Binaries\helpctr.exe
+ 2007-01-17 17:20 . 2008-04-13 18:53   558080 c:\windows\network diagnostic\xpnetdiag.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   256512 c:\windows\msagent\agentsvr.exe
- 2004-08-27 12:00 . 2006-10-12 11:09   256512 c:\windows\msagent\agentsvr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   214016 c:\windows\msagent\agentctl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   214016 c:\windows\msagent\agentctl.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 16:47 . 2008-07-29 16:47   110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47   177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 21:15 . 2008-07-29 21:15   225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 21:40 . 2008-07-29 21:40   233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35   864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-03-30 21:16 . 2010-03-30 21:16   130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16   163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
- 2007-10-11 07:55 . 2007-10-11 07:55   397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24   881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16   168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-03-23 02:31 . 2010-03-23 02:31   435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 09:22 . 2010-02-09 09:22   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59   486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59   364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51   989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-11-26 19:41 . 2007-10-07 13:36   258048 c:\windows\libFLAC.dll
+ 2009-12-12 13:21 . 2009-12-12 13:21   724992 c:\windows\iun6002.exe
+ 2006-11-19 16:58 . 2006-11-19 16:58   131584 c:\windows\Installer\ef8dc1.msi
+ 2009-10-18 13:36 . 2009-10-18 13:36   169472 c:\windows\Installer\bdf3e4.msi
+ 2009-03-20 09:48 . 2009-03-20 09:48   183808 c:\windows\Installer\9dd5f9.msp
+ 2010-02-24 21:14 . 2010-02-24 21:14   543232 c:\windows\Installer\9dd3a.msp
+ 2006-06-12 13:24 . 2006-06-12 13:24   289792 c:\windows\Installer\90a2d.msp
+ 2004-08-25 09:13 . 2004-08-25 09:13   107008 c:\windows\Installer\909f0.msp
+ 2004-03-10 17:31 . 2004-03-10 17:31   764928 c:\windows\Installer\90932.msp
+ 2009-06-07 20:28 . 2009-06-07 20:28   228352 c:\windows\Installer\80887e.msi
+ 2008-02-03 03:50 . 2008-02-03 03:50   871424 c:\windows\Installer\6d75c.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   140288 c:\windows\Installer\4c02d.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   202752 c:\windows\Installer\4c022.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   152576 c:\windows\Installer\4c01d.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   107008 c:\windows\Installer\4c00e.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   301056 c:\windows\Installer\4c009.msi
+ 2009-10-04 12:46 . 2009-10-04 12:46   195584 c:\windows\Installer\3f79a7.msi
+ 2009-10-04 12:46 . 2009-10-04 12:46   248832 c:\windows\Installer\3f79a2.msi
+ 2008-12-13 07:58 . 2008-12-13 07:58   754688 c:\windows\Installer\3f799c.msp
+ 2009-10-04 12:36 . 2009-10-04 12:36   648192 c:\windows\Installer\3f7979.msi
+ 2008-03-13 11:15 . 2008-03-13 11:15   537600 c:\windows\Installer\3dda79.msi
+ 2008-07-29 19:23 . 2008-07-29 19:23   250880 c:\windows\Installer\3d5422.msp
+ 2008-07-29 19:28 . 2008-07-29 19:28   278016 c:\windows\Installer\3d5420.msp
+ 2008-07-29 17:40 . 2008-07-29 17:40   291840 c:\windows\Installer\3d541e.msp
+ 2009-10-04 12:34 . 2009-10-04 12:34   137728 c:\windows\Installer\3d5418.msi
+ 2008-07-29 15:35 . 2008-07-29 15:35   553472 c:\windows\Installer\371396.msp
+ 2008-07-29 15:33 . 2008-07-29 15:33   506368 c:\windows\Installer\371394.msp
+ 2008-07-29 15:37 . 2008-07-29 15:37   911360 c:\windows\Installer\371393.msp
+ 2010-04-07 19:34 . 2010-04-07 19:34   381952 c:\windows\Installer\36ebd5e.msi
+ 2009-04-20 13:18 . 2009-04-20 13:18   209408 c:\windows\Installer\305bf8.msp
+ 2009-02-10 08:10 . 2009-02-10 08:10   499712 c:\windows\Installer\305bbc.msp
+ 2008-07-22 23:40 . 2008-07-22 23:40   101376 c:\windows\Installer\305b7f.msp
+ 2008-05-12 09:06 . 2008-05-12 09:06   633856 c:\windows\Installer\305b6b.msp
+ 2008-03-06 19:57 . 2008-03-06 19:57   451584 c:\windows\Installer\2fab3e7.msi
+ 2009-11-05 12:43 . 2009-11-05 12:43   498176 c:\windows\Installer\2e535d2.msp
+ 2008-01-30 05:35 . 2008-01-30 05:35   331264 c:\windows\Installer\25150e.msi
+ 2008-02-08 21:16 . 2008-02-08 21:16   470528 c:\windows\Installer\1e3bc80.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   430080 c:\windows\Installer\1aa457d.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   155648 c:\windows\Installer\1aa4561.msi
+ 2009-10-31 06:22 . 2009-10-31 06:22   602624 c:\windows\Installer\1a9946.msi
+ 2005-12-08 07:54 . 2005-12-08 07:54   264704 c:\windows\Installer\184bde.msi
+ 2010-02-05 20:12 . 2010-02-05 20:12   796672 c:\windows\Installer\1671b9d.msi
+ 2010-07-16 17:19 . 2010-07-16 17:19   180224 c:\windows\Installer\127d70a.msi
+ 2010-07-16 17:17 . 2010-07-16 17:17   676352 c:\windows\Installer\127d705.msi
+ 2009-10-31 19:34 . 2009-12-02 06:56   295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   114688 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   114688 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   167936 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   167936 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   271872 c:\windows\ime\SPTIP.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   271872 c:\windows\ime\sptip.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   130048 c:\windows\ime\SOFTKBD.DLL
+ 2004-08-27 12:00 . 2008-04-14 02:17   130048 c:\windows\ime\softkbd.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   102456 c:\windows\ime\shared\imlang.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   102456 c:\windows\ime\shared\imlang.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   220160 c:\windows\ime\mscandui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   220160 c:\windows\ime\mscandui.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   106496 c:\windows\ime\imkr6_1\imekrcic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   106496 c:\windows\ime\imkr6_1\imekrcic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   274489 c:\windows\ime\imjp8_1\imjputyc.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   274489 c:\windows\ime\imjp8_1\imjputyc.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   716856 c:\windows\ime\imjp8_1\imjpcus.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   716856 c:\windows\ime\imjp8_1\imjpcus.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   368696 c:\windows\ime\imjp8_1\imjpcic.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   368696 c:\windows\ime\imjp8_1\imjpcic.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   426041 c:\windows\ime\imjp8_1\applets\voicepad.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   426041 c:\windows\ime\imjp8_1\applets\voicepad.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   315455 c:\windows\ime\imjp8_1\applets\imskf.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   173568 c:\windows\ime\CHTIME\Applets\chtskf.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   173568 c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
- 2005-12-08 08:47 . 2004-08-27 12:00   175104 c:\windows\ime\chsime\applets\PINTLCSA.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:16   175104 c:\windows\ime\chsime\applets\pintlcsa.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-10 14:24 . 2010-02-22 14:26   374648 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-10 14:24 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-10 14:23 . 2010-02-25 06:18   206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-10 14:24 . 2009-03-08 02:35   742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-10 14:24 . 2010-02-24 09:55   173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-04-14 20:07 . 2009-03-08 02:33   420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-04-14 20:07 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-04-14 20:07 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-03-31 09:13 . 2009-12-21 19:08   916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-03-31 09:13 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-03-31 09:13 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-03-31 09:13 . 2009-12-21 19:08   206848 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-03-31 09:13 . 2009-03-08 02:32   611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-03-31 09:13 . 2009-12-21 13:20   173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2010-01-22 09:16 . 2009-10-29 07:42   916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-22 09:16 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-22 09:16 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-22 09:16 . 2009-10-29 07:42   206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-22 09:16 . 2009-10-28 14:40   173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2009-11-04 13:10 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-04 13:10 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2010-02-24 07:01 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-24 07:01 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-24 07:01 . 2009-06-22 06:47   726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll
+ 2009-12-09 20:33 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll
+ 2009-12-09 20:33 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe
+ 2009-12-09 20:33 . 2009-08-29 07:58   206848 c:\windows\ie8updates\KB976325-IE8\occache.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll
+ 2009-12-09 20:33 . 2009-08-28 10:36   173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe
+ 2009-10-14 15:05 . 2009-07-03 16:57   915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-14 15:05 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-14 15:05 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-14 15:05 . 2009-07-03 16:57   206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-14 15:05 . 2009-07-03 11:01   173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-04 12:58 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-10-04 12:58 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:15 . 2009-03-08 02:34   914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-10-05 13:15 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-10-05 13:15 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:15 . 2009-03-08 02:34   109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-10-05 13:15 . 2009-03-08 02:32   594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-10-05 13:15 . 2009-03-08 02:31   183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-10-05 13:15 . 2009-03-08 12:09   391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-10-05 13:15 . 2009-03-08 02:32   173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-10-05 13:16 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-10-05 13:16 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:16 . 2009-03-08 02:33   726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   827392 c:\windows\ie8\wininet.dll
+ 2009-10-04 12:55 . 2006-10-17 10:05   206336 c:\windows\ie8\winfxdocobj.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   233472 c:\windows\ie8\webcheck.dll
+ 2009-10-04 12:55 . 2007-07-12 23:30   765952 c:\windows\ie8\vgx.dll
+ 2009-10-04 12:55 . 2008-05-09 10:56   430080 c:\windows\ie8\vbscript.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   105984 c:\windows\ie8\url.dll
+ 2009-10-04 12:57 . 2009-01-07 16:21   374304 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-10-04 12:57 . 2009-01-07 16:21   230432 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-10-04 12:55 . 2006-09-06 14:43   212192 c:\windows\ie8\spuninst.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   102912 c:\windows\ie8\occache.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   671232 c:\windows\ie8\mstime.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   193024 c:\windows\ie8\msrating.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   156160 c:\windows\ie8\msls31.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   477696 c:\windows\ie8\mshtmled.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   459264 c:\windows\ie8\msfeeds.dll
+ 2009-10-04 12:55 . 2008-05-09 10:56   512000 c:\windows\ie8\jscript.dll
+ 2009-10-04 12:55 . 2009-06-29 08:35   634632 c:\windows\ie8\iexplore.exe
+ 2009-10-04 12:55 . 2006-11-07 19:03   180736 c:\windows\ie8\ieui.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   268288 c:\windows\ie8\iertutil.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   287744 c:\windows\ie8\ieproxy.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   191488 c:\windows\ie8\iepeers.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   385024 c:\windows\ie8\iedkcs32.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   380928 c:\windows\ie8\ieapfltr.dll
+ 2009-10-04 12:55 . 2009-06-29 08:33   161792 c:\windows\ie8\ieakui.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   230400 c:\windows\ie8\ieaksie.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   153088 c:\windows\ie8\ieakeng.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   214528 c:\windows\ie8\dxtrans.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   347136 c:\windows\ie8\dxtmsft.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   124928 c:\windows\ie8\advpack.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   826368 c:\windows\ie7updates\KB972260-IE7\wininet.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   105984 c:\windows\ie7updates\KB972260-IE7\url.dll
+ 2009-10-04 12:45 . 2009-05-26 11:41   374648 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll
+ 2009-10-04 12:45 . 2008-07-08 13:04   230264 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   102912 c:\windows\ie7updates\KB972260-IE7\occache.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   478208 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll
+ 2009-10-04 12:45 . 2008-04-22 07:41   625664 c:\windows\ie7updates\KB972260-IE7\iexplore.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   267776 c:\windows\ie7updates\KB972260-IE7\iertutil.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   384512 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll
+ 2009-10-04 12:45 . 2008-04-20 05:07   161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   279040 c:\windows\Help\tshoot.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   279040 c:\windows\Help\tshoot.dll
+ 2009-10-04 12:33 . 2008-03-13 04:52   761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-06-09 07:48 . 2010-02-24 13:11   455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20   265728 c:\windows\Driver Cache\i386\http.sys
- 2008-06-15 10:35 . 2008-06-14 17:59   271488 c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-15 10:35 . 2008-06-14 17:33   271488 c:\windows\Driver Cache\i386\bthport.sys
+ 2009-04-03 07:26 . 2009-04-03 07:26   354608 c:\windows\Downloaded Program Files\sysreqlab_nvd.dll
+ 2009-10-14 11:36 . 2009-10-14 11:36   398632 c:\windows\Downloaded Program Files\JuniperExt.exe
+ 2010-06-10 15:54 . 2010-06-10 15:54   321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2010-06-23 21:22 . 2010-06-23 21:22   240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll
+ 2009-10-14 15:06 . 2009-10-14 15:06   187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-06-23 21:21 . 2010-06-23 21:21   447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll
+ 2010-06-10 15:58 . 2010-06-10 15:58   400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2010-06-10 14:21 . 2010-06-10 14:21   202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-06-10 14:19 . 2010-06-10 14:19   627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2010-06-10 14:14 . 2010-06-10 14:14   212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2010-06-10 14:15 . 2010-06-10 14:15   679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2010-06-10 14:15 . 2010-06-10 14:15   311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-06-10 14:20 . 2010-06-10 14:20   771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2077ce69bd24a095dd54683ae26454d4\System.Runtime.Remoting.ni.dll
+ 2010-06-10 15:56 . 2010-06-10 15:56   621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2010-06-10 15:58 . 2010-06-10 15:58   593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\07da2b0e44d62f3c65d6516f4e2f94bb\System.Messaging

7

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 12:31:18 PM »

+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3584 c:\windows\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   5120 c:\windows\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7680 c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-13 18:40 . 2008-04-13 18:40   7040 c:\windows\ServicePackFiles\i386\ltotape.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\koc.dll
+ 2008-04-13 18:31 . 2008-04-13 18:31   7424 c:\windows\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7680 c:\windows\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7680 c:\windows\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   5632 c:\windows\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6656 c:\windows\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6656 c:\windows\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   5504 c:\windows\ServicePackFiles\i386\intelide.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44   2560 c:\windows\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3584 c:\windows\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 18:41 . 2008-04-13 18:41   8576 c:\windows\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\hccoin.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   5632 c:\windows\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   9344 c:\windows\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7680 c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-14 01:57 . 2008-04-14 01:57   3584 c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2009-10-04 11:07 . 2004-08-27 12:00   4656 c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-13 18:45 . 2008-04-13 18:45   2944 c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 02:15 . 2008-04-14 02:15   3072 c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3072 c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   9216 c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-13 18:40 . 2008-04-13 18:40   8320 c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   5120 c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33   1804 c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   9728 c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   5632 c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 18:40 . 2008-04-13 18:40   8192 c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3775 c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3711 c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3135 c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3647 c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3615 c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3967 c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4255 c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-01-18 15:13 . 2008-01-18 15:13   2247 c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2005-12-08 10:52 . 2010-07-14 11:03   3584 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   3584 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   8192 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   8192 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   2560 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   2560 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2009-10-04 12:58 . 2009-03-08 02:35   2048 c:\windows\ie8updates\KB973874-IE8\iecompat.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08   8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-02-08 21:37 . 2008-02-08 21:37   5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-02-08 21:38 . 2008-02-08 21:38   6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   7168 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2009-12-17 06:41 . 2004-08-27 12:00   7168 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2010-02-10 15:14 . 2004-08-27 12:00   8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\wuauserv.dll
+ 2009-10-04 11:14 . 2004-08-26 15:53   8192 c:\windows\$NtServicePackUninstall$\wshirda.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\wmm2res2.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\wmm2ext.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\wmm2eres.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\wmiapres.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\wmi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\winver.exe
+ 2009-10-04 11:13 . 2004-08-27 12:00   4352 c:\windows\$NtServicePackUninstall$\swenum.sys
+ 2009-10-04 11:13 . 2006-06-14 08:47   6400 c:\windows\$NtServicePackUninstall$\splitter.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\snmptrap.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\snmpmib.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\smbinst.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\sfc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\sensapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\security.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9216 c:\windows\$NtServicePackUninstall$\scrnsave.scr
+ 2009-10-04 11:14 . 2006-06-26 17:41   8192 c:\windows\$NtServicePackUninstall$\rasadhlp.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   9216 c:\windows\$NtServicePackUninstall$\proxycfg.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\ntlsapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9600 c:\windows\$NtServicePackUninstall$\ndistapi.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\nddeapir.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\mtxex.dll
+ 2009-10-04 11:14 . 2004-08-03 22:58   4992 c:\windows\$NtServicePackUninstall$\mspqm.sys
+ 2009-10-04 11:14 . 2004-08-03 22:58   5376 c:\windows\$NtServicePackUninstall$\mspclock.sys
+ 2009-10-04 11:14 . 2004-08-03 22:58   7552 c:\windows\$NtServicePackUninstall$\mskssrv.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   4608 c:\windows\$NtServicePackUninstall$\msimg32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\msidle.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4126 c:\windows\$NtServicePackUninstall$\msdxmlc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\msdtc.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaurl.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdasc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaer.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaenum.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdadc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\msafd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4639 c:\windows\$NtServicePackUninstall$\mplayer2.exe
+ 2009-10-04 11:14 . 2005-07-25 23:46   7680 c:\windows\$NtServicePackUninstall$\migregdb.exe
+ 2009-10-04 11:14 . 2004-08-26 15:53   4096 c:\windows\$NtServicePackUninstall$\ksuser.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7424 c:\windows\$NtServicePackUninstall$\kd1394.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdukx.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\kbdsmsno.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\kbdsmsfi.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdno1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdnec.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdmlt48.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdmlt47.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\kbdmaori.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdlk41j.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdlk41a.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdinmal.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdinben.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdinbe1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdibm02.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdfi1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdax2.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbd106n.dll
+ 2009-10-04 11:14 . 2001-08-17 14:55   6144 c:\windows\$NtServicePackUninstall$\kbd106.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbd101.dll
+ 2009-10-04 11:14 . 2004-08-26 17:49   5504 c:\windows\$NtServicePackUninstall$\intelide.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\igmpagnt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\iconlib.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\icmp.dll
+ 2009-10-04 11:14 . 2001-08-17 12:02   9600 c:\windows\$NtServicePackUninstall$\hidusb.sys
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\hccoin.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\fxsres.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\fxsperf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9344 c:\windows\$NtServicePackUninstall$\framebuf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\forcedos.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\f3ahvoas.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dsprpres.dll
+ 2009-10-04 11:14 . 2004-08-03 23:07   2944 c:\windows\$NtServicePackUninstall$\drmkaud.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dpnlobby.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dpnaddr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\dciman32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   1788 c:\windows\$NtServicePackUninstall$\dcache.bin
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\d3d8thk.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\csrss.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   9728 c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\bitsprx3.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\bitsprx2.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\batt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\actmovie.exe
+ 2009-11-27 16:29 . 2009-11-27 16:29   8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2009-06-09 07:49 . 2008-05-05 04:25   4608 c:\windows\$hf_mig$\KB923561\SP3QFE\sprv040d.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   129536 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_he_d193ac0c\rtcres.dll
+ 2008-04-14 01:58 . 2008-04-14 01:58   129536 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_he_d193ac0c\rtcres.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   989184 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   989184 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   852992 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   852992 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   343040 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 00:54 . 2008-07-29 00:54   225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02   159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12   632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09   554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08   479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   401462 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   401462 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   995383 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   995383 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   282112 c:\windows\winhlp32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   282112 c:\windows\winhlp32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   474112 c:\windows\system32\zipfldr.dll
+ 2008-07-29 19:26 . 2008-07-29 19:26   301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2006-10-14 18:21 . 2008-07-06 12:06   575488 c:\windows\system32\xpsshhdr.dll
+ 2004-08-27 12:00 . 2008-04-13 18:35   181760 c:\windows\system32\xpsp1res.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   181760 c:\windows\system32\xpsp1res.dll
+ 2004-08-27 12:00 . 2008-04-13 18:40   418304 c:\windows\system32\xpob2res.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   418304 c:\windows\system32\xpob2res.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   129024 c:\windows\system32\xmlprov.dll
- 2007-01-17 17:21 . 2006-07-14 15:51   121856 c:\windows\system32\xmllite.dll
+ 2007-01-17 17:21 . 2009-01-07 16:21   121856 c:\windows\system32\xmllite.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   483840 c:\windows\system32\wzcsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   382464 c:\windows\system32\wzcdlg.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   209632 c:\windows\system32\wuweb.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   327896 c:\windows\system32\wucltui.dll
+ 2005-12-08 07:22 . 2009-08-06 17:23   575704 c:\windows\system32\wuapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   108032 c:\windows\system32\wshbth.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   108032 c:\windows\system32\wshbth.dll
+ 2004-08-27 12:00 . 2008-05-08 11:24   155648 c:\windows\system32\wscript.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   263680 c:\windows\system32\wow32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   263680 c:\windows\system32\wow32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   303616 c:\windows\system32\wmstream.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   303616 c:\windows\system32\wmstream.dll
+ 2004-08-27 12:00 . 2009-04-01 21:02   604160 c:\windows\system32\wmspdmod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   115200 c:\windows\system32\wmsdmoe.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   115200 c:\windows\system32\wmsdmoe.dll
+ 2009-10-04 11:28 . 2004-08-27 12:00   221184 c:\windows\system32\wmpns.dll
+ 2006-10-24 10:30 . 2008-04-14 02:17   276992 c:\windows\system32\wmphoto.dll
- 2006-10-24 10:30 . 2006-10-24 10:30   276992 c:\windows\system32\WMPhoto.dll
- 2006-10-18 19:47 . 2006-10-18 19:47   295936 c:\windows\system32\wmpeffects.dll
+ 2006-10-18 19:47 . 2008-06-24 16:12   295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-27 12:00 . 2009-07-13 21:43   286208 c:\windows\system32\wmpdxm.dll
+ 2004-08-27 12:00 . 2008-06-18 03:03   938496 c:\windows\system32\WMNetmgr.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   227328 c:\windows\system32\wmerror.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   172032 c:\windows\system32\wldap32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   172032 c:\windows\system32\wldap32.dll
- 2004-08-27 12:00 . 2006-08-17 12:28   132096 c:\windows\system32\wkssvc.dll
+ 2004-08-27 12:00 . 2009-06-10 06:15   132096 c:\windows\system32\wkssvc.dll
+ 2004-08-27 12:00 . 2009-12-24 07:00   177664 c:\windows\system32\wintrust.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   331264 c:\windows\system32\winsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   146432 c:\windows\system32\winspool.drv
- 2004-08-27 12:00 . 2004-08-27 12:00   146432 c:\windows\system32\winspool.drv
+ 2004-08-27 12:00 . 2008-04-14 02:17   172544 c:\windows\system32\winmm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   172544 c:\windows\system32\winmm.dll
+ 2005-12-08 07:20 . 2004-08-27 12:00   122880 c:\windows\system32\WINmine.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   504320 c:\windows\system32\winlogon.exe
+ 2004-08-27 12:00 . 2009-08-25 09:18   354816 c:\windows\system32\winhttp.dll
+ 2006-10-17 10:05 . 2009-03-08 02:34   208384 c:\windows\system32\WinFXDocObj.exe
+ 2006-10-24 10:29 . 2008-04-14 02:17   346112 c:\windows\system32\windowscodecsext.dll
+ 2006-10-24 10:30 . 2008-04-14 02:17   712704 c:\windows\system32\windowscodecs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   102400 c:\windows\system32\win32spl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   111104 c:\windows\system32\wiavideo.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   111104 c:\windows\system32\wiavideo.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   758272 c:\windows\system32\wiashext.dll
- 2004-08-27 12:00 . 2006-12-19 18:17   333312 c:\windows\system32\wiaservc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   333312 c:\windows\system32\wiaservc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   124416 c:\windows\system32\wiadss.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   124416 c:\windows\system32\wiadss.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   462336 c:\windows\system32\wiadefui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   462336 c:\windows\system32\wiadefui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   486400 c:\windows\system32\wiaacmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   135168 c:\windows\system32\webvw.dll
+ 2004-08-27 12:00 . 2009-03-08 02:34   236544 c:\windows\system32\webcheck.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   144896 c:\windows\system32\wbem\wmisvc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   144896 c:\windows\system32\wbem\wmisvc.dll
+ 2005-12-08 07:20 . 2009-02-06 10:10   227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2005-12-08 07:20 . 2009-02-09 10:53   453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   144896 c:\windows\system32\wbem\wmiprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   144896 c:\windows\system32\wbem\wmiprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   132096 c:\windows\system32\wbem\wmipdskq.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   132096 c:\windows\system32\wbem\wmipdskq.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   156672 c:\windows\system32\wbem\wmipcima.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   156672 c:\windows\system32\wbem\wmipcima.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   140800 c:\windows\system32\wbem\wmidcprv.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   140800 c:\windows\system32\wbem\wmidcprv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:18   126464 c:\windows\system32\wbem\wmiapsrv.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   126464 c:\windows\system32\wbem\wmiapsrv.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   196608 c:\windows\system32\wbem\wmiadap.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   196608 c:\windows\system32\wbem\wmiadap.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   197120 c:\windows\system32\wbem\wbemupgd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   197120 c:\windows\system32\wbem\wbemupgd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   116736 c:\windows\system32\wbem\wbemtest.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   116736 c:\windows\system32\wbem\wbemtest.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   273920 c:\windows\system32\wbem\wbemess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   273920 c:\windows\system32\wbem\wbemess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   178176 c:\windows\system32\wbem\wbemdisp.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   178176 c:\windows\system32\wbem\wbemdisp.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   531456 c:\windows\system32\wbem\wbemcore.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   214528 c:\windows\system32\wbem\wbemcomn.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   214528 c:\windows\system32\wbem\wbemcomn.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   195072 c:\windows\system32\wbem\wbemcntl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   195072 c:\windows\system32\wbem\wbemcntl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   131584 c:\windows\system32\wbem\viewprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   131584 c:\windows\system32\wbem\viewprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   178176 c:\windows\system32\wbem\repdrvfs.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   237056 c:\windows\system32\wbem\provthrd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   237056 c:\windows\system32\wbem\provthrd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   212992 c:\windows\system32\wbem\ntevt.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   212992 c:\windows\system32\wbem\ntevt.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   123904 c:\windows\system32\wbem\mofd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   123904 c:\windows\system32\wbem\mofd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   185344 c:\windows\system32\wbem\framedyn.dll
+ 2005-12-08 07:20 . 2009-02-09 10:53   473600 c:\windows\system32\wbem\fastprox.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   247808 c:\windows\system32\wbem\esscli.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   247808 c:\windows\system32\wbem\esscli.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   215552 c:\windows\system32\wavemsp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   175104 c:\windows\system32\w32time.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   289792 c:\windows\system32\vssvc.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   289792 c:\windows\system32\vssvc.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   430592 c:\windows\system32\vssapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   430592 c:\windows\system32\vssapi.dll
+ 2009-11-16 06:08 . 2006-05-11 18:21   626688 c:\windows\system32\vp7vfw.dll
+ 2009-11-12 18:24 . 2009-09-09 23:18   350830 c:\windows\system32\viwc.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   336384 c:\windows\system32\VITrans\zipfldr.dll
+ 2009-11-12 18:19 . 2009-08-06 17:23   575704 c:\windows\system32\VITrans\wuapi.dll
+ 2009-11-12 18:19 . 2008-05-08 11:24   155648 c:\windows\system32\VITrans\wscript.exe
+ 2009-11-12 18:19 . 2008-04-21 21:15   214016 c:\windows\system32\VITrans\wordpad.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   119808 c:\windows\system32\VITrans\WINmine.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   585728 c:\windows\system32\VITrans\wiashext.dll
+ 2009-11-12 18:19 . 2008-04-14 02:18   428032 c:\windows\system32\VITrans\wiaacmgr.exe
+ 2009-11-12 18:19 . 2009-03-08 02:34   236544 c:\windows\system32\VITrans\webcheck.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   218624 c:\windows\system32\VITrans\uxtheme.dll
+ 2009-11-12 18:19 . 2008-04-14 02:18   135168 c:\windows\system32\VITrans\taskmgr.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   121856 c:\windows\system32\VITrans\stobject.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   538624 c:\windows\system32\VITrans\spider.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   138752 c:\windows\system32\VITrans\sndvol32.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   437760 c:\windows\system32\VITrans\shimgvw.dll
+ 2009-11-12 18:19 . 2008-04-13 17:17   977920 c:\windows\system32\VITrans\setupapi.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   382464 c:\windows\system32\VITrans\rstrui.exe
+ 2009-11-12 18:24 . 2003-12-12 21:43   881664 c:\windows\system32\VITrans\ResHacker.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   144896 c:\windows\system32\VITrans\regedit.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   649216 c:\windows\system32\VITrans\rasdlg.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   170496 c:\windows\system32\VITrans\photowiz.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   677888 c:\windows\system32\VITrans\mstsc.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   272384 c:\windows\system32\VITrans\mstask.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   340992 c:\windows\system32\VITrans\mspaint.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   126976 c:\windows\system32\VITrans\mshearts.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   991232 c:\windows\system32\VITrans\msgina.dll
+ 2009-11-12 18:19 . 2008-04-13 16:45   216064 c:\windows\system32\VITrans\moricons.dll
+ 2009-11-12 18:19 . 2009-03-08 12:09   638816 c:\windows\system32\VITrans\IEXPLORE.EXE
+ 2009-11-12 18:19 . 2008-04-14 02:17   381440 c:\windows\system32\VITrans\fontext.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   342016 c:\windows\system32\VITrans\cmdial32.dll
+ 2009-11-12 18:19 . 2004-08-27 12:00   114688 c:\windows\system32\VITrans\calc.exe
+ 2009-11-12 18:24 . 2009-09-09 19:19   146412 c:\windows\system32\vilaunch.exe
+ 1998-06-15 21:00 . 1998-06-15 21:00   934672 c:\windows\system32\vfpodbc.dll
+ 2004-08-27 12:00 . 2010-03-10 06:16   420352 c:\windows\system32\vbscript.dll
+ 1998-06-17 22:00 . 1998-06-17 22:00   102912 c:\windows\system32\VB6STKIT.DLL
+ 2004-08-27 12:00 . 2008-04-25 17:41   218624 c:\windows\system32\uxtheme.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   218624 c:\windows\system32\uxtheme.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   406016 c:\windows\system32\usp10.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   173568 c:\windows\system32\usmt\sysmoda.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   193024 c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   199680 c:\windows\system32\usmt\scripta.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   214016 c:\windows\system32\usmt\script.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   241152 c:\windows\system32\usmt\migwiza.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   238080 c:\windows\system32\usmt\migwiz.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   103936 c:\windows\system32\usmt\migload.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   261120 c:\windows\system32\usmt\migisma.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   274432 c:\windows\system32\usmt\migism.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   115200 c:\windows\system32\usmt\guitrna.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   133120 c:\windows\system32\usmt\guitrn.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   727040 c:\windows\system32\userenv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   576512 c:\windows\system32\user32.dll
- 2004-08-27 12:00 . 2008-04-23 04:16   105984 c:\windows\system32\url.dll
+ 2004-08-27 12:00 . 2009-03-08 02:34   105984 c:\windows\system32\url.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   239104 c:\windows\system32\upnpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   239104 c:\windows\system32\upnpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   185344 c:\windows\system32\upnphost.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   133632 c:\windows\system32\upnp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   316416 c:\windows\system32\untfs.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   316416 c:\windows\system32\untfs.dll
- 2004-08-27 12:00 . 2005-08-23 03:38   122880 c:\windows\system32\umpnpmgr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   122880 c:\windows\system32\umpnpmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   275456 c:\windows\system32\ulib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   275456 c:\windows\system32\ulib.dll
+ 2009-11-12 18:19 . 2006-12-03 15:15   111104 c:\windows\system32\Uharc.exe
- 2004-08-27 12:00 . 2005-07-26 04:40   101376 c:\windows\system32\txflog.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101376 c:\windows\system32\txflog.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   347136 c:\windows\system32\tourstart.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   347136 c:\windows\system32\tourstart.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   382976 c:\windows\system32\themeui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   382976 c:\windows\system32\themeui.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   295424 c:\windows\system32\termsrv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   295424 c:\windows\system32\termsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   358400 c:\windows\system32\termmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   358400 c:\windows\system32\termmgr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   189952 c:\windows\system32\taskmgr.exe
- 2004-08-27 12:00 . 2005-07-08 16:29   248832 c:\windows\system32\tapisrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   248832 c:\windows\system32\tapisrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   181760 c:\windows\system32\tapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   181760 c:\windows\system32\tapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   857088 c:\windows\system32\tapi3.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   857088 c:\windows\system32\tapi3.dll
+ 2004-08-27 12:00 . 2009-10-15 16:32   119808 c:\windows\system32\t2embed.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   983552 c:\windows\system32\syssetup.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   187904 c:\windows\system32\syncui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   187904 c:\windows\system32\syncui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   711168 c:\windows\system32\sxs.dll
- 2004-08-27 12:00 . 2006-10-20 01:38   711168 c:\windows\system32\sxs.dll
+ 2004-08-27 12:00 . 2009-08-26 08:01   247326 c:\windows\system32\strmdll.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   114688 c:\windows\system32\stobject.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   135680 c:\windows\system32\sti_ci.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   135680 c:\windows\system32\sti_ci.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   679936 c:\windows\system32\sstext3d.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   679936 c:\windows\system32\sstext3d.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   606208 c:\windows\system32\sspipes.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   606208 c:\windows\system32\sspipes.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   389120 c:\windows\system32\ssflwbox.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   389120 c:\windows\system32\ssflwbox.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   704512 c:\windows\system32\ss3dfo.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   704512 c:\windows\system32\ss3dfo.scr
+ 2005-12-08 07:22 . 2008-04-14 02:17   170496 c:\windows\system32\srsvc.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   237568 c:\windows\system32\srrstr.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   237568 c:\windows\system32\srrstr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   180800 c:\windows\system32\sqlunirl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   180800 c:\windows\system32\sqlunirl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   442368 c:\windows\system32\sqlsrv32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   442368 c:\windows\system32\sqlsrv32.dll
+ 2009-11-17 19:02 . 2009-11-26 19:38   515760 c:\windows\system32\SpoonUninstall.exe
+ 2008-01-30 06:19 . 2008-07-06 12:06   765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-14 14:44 . 2008-07-06 10:50   597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
- 2006-10-14 14:40 . 2007-03-22 19:03   761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 14:40 . 2008-03-13 04:52   761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-14 14:43 . 2008-07-06 12:06   765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   542720 c:\windows\system32\spider.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   181248 c:\windows\system32\snmpsnap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   181248 c:\windows\system32\snmpsnap.dll
+ 2005-12-08 07:20 . 2004-08-27 12:00   141312 c:\windows\system32\sndvol32.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   130560 c:\windows\system32\sndrec32.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   130560 c:\windows\system32\sndrec32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   360960 c:\windows\system32\smlogcfg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   188508 c:\windows\system32\slgen.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   286792 c:\windows\system32\slextspk.dll
+ 2009-11-16 06:08 . 2002-12-10 01:20   102439 c:\windows\system32\sipr3260.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   135168 c:\windows\system32\shsvcs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   151040 c:\windows\system32\shmedia.dll
+ 2004-08-27 12:00 . 2009-12-08 09:24   474112 c:\windows\system32\shlwapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   492544 c:\windows\system32\shimgvw.dll
+ 2004-08-27 12:00 . 2008-04-14 01:55   540160 c:\windows\system32\shdoclc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   540160 c:\windows\system32\shdoclc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   138752 c:\windows\system32\sfc_os.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   138752 c:\windows\system32\sfc_os.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   130048 c:\windows\system32\Setup\tsoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   101376 c:\windows\system32\Setup\setupqry.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101376 c:\windows\system32\Setup\setupqry.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   122880 c:\windows\system32\Setup\imsinsnt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   503808 c:\windows\system32\Setup\iis.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   503808 c:\windows\system32\Setup\iis.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   132608 c:\windows\system32\Setup\fxsocm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   132608 c:\windows\system32\Setup\fxsocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   274944 c:\windows\system32\Setup\comsetup.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   141312 c:\windows\system32\sessmgr.exe
+ 2004-08-27 12:00 . 2009-02-09 11:25   110592 c:\windows\system32\services.exe
+ 2004-08-27 12:00 . 2008-05-09 10:56   172032 c:\windows\system32\scrrun.dll
+ 2004-08-27 12:00 . 2008-05-09 10:56   180224 c:\windows\system32\scrobj.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   190976 c:\windows\system32\schedsvc.dll
+ 2004-08-27 12:00 . 2009-06-25 08:26   147456 c:\windows\system32\schannel.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   319488 c:\windows\system32\scesrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   183808 c:\windows\system32\scecli.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   170496 c:\windows\system32\sccsccp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   170496 c:\windows\system32\sccsccp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   159232 c:\windows\system32\sbeio.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   159232 c:\windows\system32\sbeio.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   270848 c:\windows\system32\sbe.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   270848 c:\windows\system32\sbe.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   421376 c:\windows\system32\samsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   421376 c:\windows\system32\samsrv.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   397056 c:\windows\system32\s3gnb.dll
+ 2004-08-27 12:00 . 2008-04-13 17:37   208384 c:\windows\system32\rsaenh.dll
+ 2004-08-27 12:00 . 2009-02-09 10:53   401408 c:\windows\system32\rpcss.dll
+ 2004-08-27 12:00 . 2009-04-15 14:53   585216 c:\windows\system32\rpcrt4.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   433664 c:\windows\system32\riched20.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   290304 c:\windows\system32\rhttpaa.dll
+ 2005-03-10 18:47 . 2005-03-10 18:47   356352 c:\windows\system32\rfmp4dec.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   422400 c:\windows\system32\Restore\rstrui.exe
+ 2009-10-04 11:16 . 2004-08-27 12:00   108032 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\wshBth.dll
+ 2009-10-04 11:16 . 2004-08-26 15:53   151552 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\irftp.exe
+ 2009-10-04 11:16 . 2004-08-03 20:58   100992 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\bthpan.sys
+ 2009-10-04 11:16 . 2004-08-27 12:00   193024 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\fsquirt.exe
+ 2009-10-04 11:16 . 2008-06-14 17:59   271488 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\bthport.sys
- 2004-08-27 12:00 . 2004-08-27 12:00   393728 c:\windows\system32\regwizc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   393728 c:\windows\system32\regwizc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   147968 c:\windows\system32\rdchost.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   147968 c:\windows\system32\rdchost.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   101888 c:\windows\system32\rcbdyctl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101888 c:\windows\system32\rcbdyctl.dll
+ 2004-08-27 12:00 . 2009-10-12 13:39   149504 c:\windows\system32\rastls.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   210944 c:\windows\system32\rasppp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   186368 c:\windows\system32\rasmans.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   875520 c:\windows\system32\rasdlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   237056 c:\windows\system32\rasapi32.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   409088 c:\windows\system32\qmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   733696 c:\windows\system32\qedwipes.dll
+ 2004-08-27 12:00 . 2008-04-13 17:21   733696 c:\windows\system32\qedwipes.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   562688 c:\windows\system32\qedit.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   562688 c:\windows\system32\qedit.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   386560 c:\windows\system32\qdvd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   279040 c:\windows\system32\qdv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   279040 c:\windows\system32\qdv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   192512 c:\windows\system32\qcap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   192512 c:\windows\system32\qcap.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   211456 c:\windows\system32\qasf.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   287744 c:\windows\system32\qagentrt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   150016 c:\windows\system32\qagent.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   436720 c:\windows\system32\pxwave.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   219632 c:\windows\system32\pxmas.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   551408 c:\windows\system32\pxdrv.dll
+ 2007-03-11 13:27 . 2009-04-28 20:20   129520 c:\windows\system32\pxafs.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   670192 c:\windows\system32\px.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   126976 c:\windows\system32\progman.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   126976 c:\windows\

8

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 12:29:48 PM »

+ 2005-12-08 08:46 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0405.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   19456 c:\windows\msagent\intl\agt0404.dll
+ 2005-12-08 08:47 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0404.dll
+ 2005-12-08 08:46 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0401.dll
- 2005-12-08 08:46 . 2004-08-27 12:00   19456 c:\windows\msagent\intl\agt0401.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agtintl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agtintl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   44032 c:\windows\msagent\agentsr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\msagent\agentsr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agentpsh.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agentpsh.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   49152 c:\windows\msagent\agentmpx.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49152 c:\windows\msagent\agentmpx.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\msagent\agentdpv.dll
- 2004-08-27 12:00 . 2007-03-09 13:59   57344 c:\windows\msagent\agentdpv.dll
- 2004-08-27 12:00 . 2006-10-12 14:03   42496 c:\windows\msagent\agentdp2.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   42496 c:\windows\msagent\agentdp2.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agentanm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agentanm.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10   46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59   32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
- 2007-10-09 10:58 . 2007-10-09 10:58   32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10   71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 17:32 . 2008-07-29 17:32   17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2007-10-11 07:55 . 2007-10-11 07:55   32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17   81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2010-03-23 02:31 . 2010-03-23 02:31   30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-11-26 19:47 . 2007-11-25 10:09   17920 c:\windows\InstallFilter.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   25600 c:\windows\Installer\tsclientmsitrans\tscupdc.dll
+ 2007-10-30 10:06 . 2007-10-30 10:06   13801 c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2007-12-12 10:33 . 2007-12-12 10:33   18917 c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2006-01-07 14:48 . 2006-01-07 14:48   20480 c:\windows\Installer\d980e.msi
+ 2005-11-14 14:40 . 2005-11-14 14:40   65024 c:\windows\Installer\90a04.msp
+ 2009-04-01 07:26 . 2009-04-01 07:26   83456 c:\windows\Installer\4c018.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   59904 c:\windows\Installer\4c013.msi
+ 2008-07-29 19:07 . 2008-07-29 19:07   23040 c:\windows\Installer\3d5419.msp
+ 2009-10-04 12:31 . 2009-10-04 12:31   88576 c:\windows\Installer\371391.msi
+ 2008-12-16 12:47 . 2008-12-16 12:47   16896 c:\windows\Installer\26d6f2.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   27136 c:\windows\Installer\1aa4555.msi
- 2005-12-08 10:52 . 2008-05-17 16:42   90112 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   90112 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   45056 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   45056 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   22528 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   22528 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   30720 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   30720 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   16384 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   16384 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   34304 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   34304 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   81920 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   81920 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2010-06-10 14:24 . 2010-06-10 14:24   34632 c:\windows\Installer\{90120000-0020-040D-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-02-05 20:11 . 2010-02-05 20:11   27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-10-03 15:18 . 2009-10-03 15:18   80395 c:\windows\Installer\{634328D0-C948-4C4D-BDE9-58015B941648}\MsblIco.Exe
- 2004-08-27 12:00 . 2004-08-27 12:00   62976 c:\windows\ime\SPGRMR.dll
+ 2004-08-27 12:00 . 2008-04-13 16:43   62976 c:\windows\ime\spgrmr.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   15360 c:\windows\ime\shared\res\padrs804.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   15360 c:\windows\ime\shared\res\padrs804.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   15872 c:\windows\ime\shared\res\padrs404.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   15872 c:\windows\ime\shared\res\PADRS404.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:15   86016 c:\windows\ime\imkr6_1\applets\imekrmbx.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   86016 c:\windows\ime\imkr6_1\applets\imekrmbx.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   81976 c:\windows\ime\imjp8_1\imjpdct.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   81976 c:\windows\ime\imjp8_1\imjpdct.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   86073 c:\windows\ime\imjp8_1\applets\voicesub.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   86073 c:\windows\ime\imjp8_1\applets\voicesub.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   56320 c:\windows\ime\CHTIME\Applets\chtskdic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   56320 c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
- 2005-12-08 08:47 . 2004-08-27 12:00   97792 c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:15   97792 c:\windows\ime\CHTIME\Applets\chtmbx.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   53760 c:\windows\ime\chsime\applets\PINTLCSD.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:16   53760 c:\windows\ime\chsime\applets\pintlcsd.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   12800 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   12800 c:\windows\ie8updates\KB976325-IE8\xpshims.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-10-05 13:15 . 2009-03-08 02:31   55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-10-04 12:57 . 2009-03-08 17:22   58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   44544 c:\windows\ie8\pngfilt.dll
+ 2009-10-04 12:55 . 2006-10-17 09:28   48128 c:\windows\ie8\mshtmler.dll
+ 2009-10-04 12:55 . 2006-10-17 09:56   45568 c:\windows\ie8\mshta.exe
+ 2009-10-04 12:55 . 2006-10-17 09:58   12288 c:\windows\ie8\msfeedssync.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   52224 c:\windows\ie8\msfeedsbs.dll
+ 2009-10-04 12:55 . 2006-10-17 10:05   40960 c:\windows\ie8\licmgr10.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   27648 c:\windows\ie8\jsproxy.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   92672 c:\windows\ie8\inseng.dll
+ 2009-10-04 12:55 . 2006-10-17 09:57   36352 c:\windows\ie8\imgutil.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   55296 c:\windows\ie8\iesetup.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   44544 c:\windows\ie8\iernonce.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   78336 c:\windows\ie8\ieencode.dll
+ 2009-10-04 12:55 . 2009-06-29 11:07   70656 c:\windows\ie8\ie4uinit.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   63488 c:\windows\ie8\icardie.dll
+ 2009-10-04 12:55 . 2006-10-17 09:44   60416 c:\windows\ie8\hmmapi.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   17408 c:\windows\ie8\corpol.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   71680 c:\windows\ie8\admparse.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll
+ 2009-10-04 12:45 . 2008-04-22 07:39   13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll
+ 2009-10-04 12:45 . 2008-04-14 02:17   81920 c:\windows\ie7updates\KB972260-IE7\ieencode.dll
+ 2009-10-04 12:45 . 2008-04-22 07:41   70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll
+ 2009-10-04 12:45 . 2008-04-14 02:17   35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll
- 2004-08-27 12:00 . 2005-05-26 23:22   10752 c:\windows\hh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   10752 c:\windows\hh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33280 c:\windows\Help\sstub.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   33280 c:\windows\Help\sstub.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\Help\sniffpol.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\Help\sniffpol.dll
+ 2009-11-27 17:13 . 2009-11-27 17:13   17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08   48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2010-06-23 21:19 . 2010-06-23 21:19   60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll
+ 2009-10-04 12:44 . 2009-10-04 12:44   47104 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47B.tmp\PresentationFontCache.exe
+ 2010-06-24 06:12 . 2010-06-24 06:12   37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2010-06-10 15:54 . 2010-06-10 15:54   94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2010-06-23 21:18 . 2010-06-23 21:18   47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
+ 2010-06-23 21:19 . 2010-06-23 21:19   39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll
+ 2010-06-10 15:56 . 2010-06-10 15:56   55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
+ 2009-10-14 15:05 . 2009-10-14 15:05   15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll
+ 2009-10-14 15:06 . 2009-10-14 15:06   65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-14 15:05 . 2009-10-14 15:05   25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-06-10 14:14 . 2010-06-10 14:14   32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2008-02-08 21:41 . 2008-02-08 21:41   32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-06-23 21:14 . 2010-06-23 21:14   81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-10-04 12:34 . 2009-10-04 12:34   32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-02-08 21:41 . 2008-02-08 21:41   32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-06-23 21:12 . 2010-06-23 21:13   69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2007-11-17 18:16 . 2008-04-14 02:17   39424 c:\windows\AppPatch\acadproc.dll
- 2007-11-17 18:16 . 2006-10-04 14:05   39424 c:\windows\AppPatch\acadproc.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2009-12-17 06:41 . 2004-08-27 12:00   73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
- 2007-11-17 18:15 . 2004-09-22 16:46   28672 c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2009-12-17 06:41 . 2004-09-22 16:46   28672 c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2009-12-17 06:41 . 2004-08-27 12:00   98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2010-05-27 02:57 . 2010-01-23 08:11   46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-27 02:57 . 2010-04-22 22:23   16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-10 14:19 . 2008-04-14 02:17   65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 20:07 . 2008-04-14 02:17   83968 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 07:00 . 2009-10-28 15:07   46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 07:00 . 2010-01-23 10:41   16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-10 15:16 . 2008-04-14 02:17   32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-10 15:14 . 2004-08-27 12:00   25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-10 15:14 . 2008-04-14 02:17   11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-10 15:14 . 2008-04-14 02:17   47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-10 15:14 . 2009-06-10 14:14   84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-25 10:06 . 2009-07-14 11:03   46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-25 10:06 . 2009-10-29 02:04   16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-10 15:15 . 2008-04-14 02:17   16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-10-14 15:07 . 2008-04-14 02:17   57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2009-10-04 12:47 . 2008-04-14 02:17   58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2010-01-13 05:39 . 2009-07-29 04:36   81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-10-04 12:46 . 2008-04-14 02:17   84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-10-04 12:49 . 2008-04-14 02:18   60416 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-10-04 12:49 . 2009-07-16 04:16   14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2009-10-04 12:46 . 2008-04-14 02:17   49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-10-04 12:46 . 2009-02-03 19:58   56832 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-10-04 12:46 . 2008-04-13 18:31   92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-10-04 12:49 . 2008-04-14 02:17   80896 c:\windows\$NtUninstallKB961371-v2$\fontsub.dll
+ 2009-10-04 12:47 . 2008-04-14 02:17   75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-10-04 12:23 . 2008-04-14 02:17   56320 c:\windows\$NtUninstallKB959426$\secur32.dll
+ 2009-10-04 12:23 . 2004-08-27 12:00   31232 c:\windows\$NtUninstallKB956572$\sc.exe
+ 2009-10-04 12:19 . 2008-04-14 02:17   73728 c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   91648 c:\windows\$NtUninstallKB952004$\mtxoci.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   66560 c:\windows\$NtUninstallKB952004$\mtxclu.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   58880 c:\windows\$NtUninstallKB952004$\msdtclog.dll
+ 2009-10-04 12:18 . 2008-04-14 02:17   90112 c:\windows\$NtUninstallKB951978$\wshext.dll
+ 2009-10-04 12:19 . 2008-04-14 02:17   82944 c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2009-07-17 11:50 . 2004-08-27 12:00   12672 c:\windows\$NtUninstallKB909394$\usb8023.sys
+ 2009-07-17 11:50 . 2004-08-27 12:00   30080 c:\windows\$NtUninstallKB909394$\rndismp.sys
+ 2009-10-04 11:14 . 2006-03-01 19:43   11776 c:\windows\$NtServicePackUninstall$\xolehlp.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   50176 c:\windows\$NtServicePackUninstall$\xmlprovi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   30720 c:\windows\$NtServicePackUninstall$\xcopy.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   91648 c:\windows\$NtServicePackUninstall$\xactsrv.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   51712 c:\windows\$NtServicePackUninstall$\wzcsapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   18432 c:\windows\$NtServicePackUninstall$\wtsapi32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   51200 c:\windows\$NtServicePackUninstall$\wstdecod.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   22528 c:\windows\$NtServicePackUninstall$\wsock32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   42496 c:\windows\$NtServicePackUninstall$\wsnmp32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   19968 c:\windows\$NtServicePackUninstall$\wshtcpip.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   11776 c:\windows\$NtServicePackUninstall$\wshrm.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   14336 c:\windows\$NtServicePackUninstall$\wship6.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   65536 c:\windows\$NtServicePackUninstall$\wshext.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   28672 c:\windows\$NtServicePackUninstall$\wshcon.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   81408 c:\windows\$NtServicePackUninstall$\wscsvc.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   13824 c:\windows\$NtServicePackUninstall$\wscntfy.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   19968 c:\windows\$NtServicePackUninstall$\ws2help.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   82944 c:\windows\$NtServicePackUninstall$\ws2_32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32256 c:\windows\$NtServicePackUninstall$\wpnpinst.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   32256 c:\windows\$NtServicePackUninstall$\wpabaln.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpui.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpcore.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpcd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   94720 c:\windows\$NtServicePackUninstall$\wmiutils.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   41472 c:\windows\$NtServicePackUninstall$\wmipsess.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   62976 c:\windows\$NtServicePackUninstall$\wmipjobj.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   62464 c:\windows\$NtServicePackUninstall$\wmipiprt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   60928 c:\windows\$NtServicePackUninstall$\wmicookr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   89088 c:\windows\$NtServicePackUninstall$\wmiaprpl.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   91648 c:\windows\$NtServicePackUninstall$\wlnotify.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   53760 c:\windows\$NtServicePackUninstall$\winsta.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   17408 c:\windows\$NtServicePackUninstall$\winshfhc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   97792 c:\windows\$NtServicePackUninstall$\winscard.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\winrnr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32768 c:\windows\$NtServicePackUninstall$\winipsec.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   75776 c:\windows\$NtServicePackUninstall$\wiascr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   64512 c:\windows\$NtServicePackUninstall$\wextract.exe
+ 2009-10-04 11:14 . 2006-01-04 03:35   68096 c:\windows\$NtServicePackUninstall$\webclnt.dll
+ 2009-10-04 11:13 . 2006-06-14 09:00   82944 c:\windows\$NtServicePackUninstall$\wdmaud.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   23552 c:\windows\$NtServicePackUninstall$\wdmaud.drv
+ 2009-10-04 11:14 . 2006-03-24 04:37   49152 c:\windows\$NtServicePackUninstall$\wdigest.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   43520 c:\windows\$NtServicePackUninstall$\wbemsvc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   18944 c:\windows\$NtServicePackUninstall$\wbemprox.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   41984 c:\windows\$NtServicePackUninstall$\wbemperf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   71680 c:\windows\$NtServicePackUninstall$\wbemcons.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   17664 c:\windows\$NtServicePackUninstall$\watchdog.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   34560 c:\windows\$NtServicePackUninstall$\wanarp.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   30208 c:\windows\$NtServicePackUninstall$\wabmig.exe
+ 2009-10-04 11:14 . 2007-05-16 15:12   85504 c:\windows\$NtServicePackUninstall$\wabimp.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32768 c:\windows\$NtServicePackUninstall$\wabfind.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   46080 c:\windows\$NtServicePackUninstall$\wab.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   15872 c:\windows\$NtServicePackUninstall$\w3ssl.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   52224 c:\windows\$NtServicePackUninstall$\volsnap.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   86073 c:\windows\$NtServicePackUninstall$\voicesub.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   79744 c:\windows\$NtServicePackUninstall$\videoprt.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   20992 c:\windows\$NtServicePackUninstall$\vga.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   18944 c:\windows\$NtServicePackUninstall$\version.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   13312 c:\windows\$NtServicePackUninstall$\verifier.dll
+ 2009-10-04 11:15 . 2006-03-17 00:38   28672 c:\windows\$NtServicePackUninstall$\verclsid.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   51712 c:\windows\$NtServicePackUninstall$\vdmredir.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   26112 c:\windows\$NtServicePackUninstall$\vdmdbg.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   30749 c:\windows\$NtServicePackUninstall$\vbajet32.dll
+ 2009-10-04 11:14 . 2006-10-04 13:32   50176 c:\windows\$NtServicePackUninstall$\utilman.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   24576 c:\windows\$NtServicePackUninstall$\userinit.exe
+ 2009-10-04 11:14 . 2004-08-26 15:53   72704 c:\windows\$NtServicePackUninstall$\usbui.dll
+ 2009-10-04 11:13 . 2004-08-03 21:08   20480 c:\windows\$NtServicePackUninstall$\usbuhci.sys
+ 2009-10-04 11:13 . 2004-08-03 21:08   26496 c:\windows\$NtServicePackUninstall$\usbstor.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\usbmon.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   16000 c:\windows\$NtServicePackUninstall$\usbintel.sys
+ 2009-10-04 11:13 . 2004-08-03 21:08   57600 c:\windows\$NtServicePackUninstall$\usbhub.sys
+ 2009-10-04 11:15 . 2004-08-27 12:00   26624 c:\windows\$NtServicePackUninstall$\usbehci.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   31616 c:\windows\$NtServicePackUninstall$\usbccgp.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   23936 c:\windows\$NtServicePackUninstall$\usbcamd2.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   23808 c:\windows\$NtServicePackUninstall$\usbcamd.sys
+ 2009-10-04 11:13 . 2004-08-03 23:07   59264 c:\windows\$NtServicePackUninstall$\usbaudio.sys
+ 2009-10-04 11:15 . 2005-10-21 01:47   12800 c:\windows\$NtServicePackUninstall$\usb8023x.sys
+ 2009-10-04 11:13 . 2005-10-21 01:47   12800 c:\windows\$NtServicePackUninstall$\usb8023.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   18432 c:\windows\$NtServicePackUninstall$\ups.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\upnpcont.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   13824 c:\windows\$NtServicePackUninstall$\uniplat.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   73216 c:\windows\$NtServicePackUninstall$\unimdmat.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   76288 c:\windows\$NtServicePackUninstall$\uniime.dll
+ 2009-10-04 11:14 . 2006-10-04 13:38   35840 c:\windows\$NtServicePackUninstall$\umandlg.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   25600 c:\windows\$NtServicePackUninstall$\udhisapi.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   66176 c:\windows\$NtServicePackUninstall$\udfs.sys
+ 2009-10-04 11:15 . 2007-11-13 11:31   60416 c:\windows\$NtServicePackUninstall$\tzchange.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   44032 c:\windows\$NtServicePackUninstall$\twext.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   50688 c:\windows\$NtServicePackUninstall$\twain_32.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   12416 c:\windows\$NtServicePackUninstall$\tunmp.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   12168 c:\windows\$NtServicePackUninstall$\tsddd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   93696 c:\windows\$NtServicePackUninstall$\tscfgwmi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   90624 c:\windows\$NtServicePackUninstall$\trkwks.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   11264 c:\windows\$NtServicePackUninstall$\tree.com
+ 2009-10-04 11:14 . 2004-08-27 12:00   12288 c:\windows\$NtServicePackUninstall$\tracert.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   10240 c:\windows\$NtServicePackUninstall$\tmigrate.dll
+ 2009-10-04 11:13 . 2004-08-26 15:53   40840 c:\windows\$NtServicePackUninstall$\termdd.sys
+ 2009-10-04 11:14 . 2005-05-10 23:45   75776 c:\windows\$NtServicePackUninstall$\telnet.exe
+ 2009-10-04 11:13 . 2004-08-27 12:00   21896 c:\windows\$NtServicePackUninstall$\tdtcp.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   12040 c:\windows\$NtServicePackUninstall$\tdpipe.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   18560 c:\windows\$NtServicePackUninstall$\tdi.sys
+ 2009-10-04 11:14 . 2003-03-24 14:52   16384 c:\windows\$NtServicePackUninstall$\tcptsat.dll
+ 2009-10-04 11:14 . 2003-03-24 14:52   32827 c:\windows\$NtServicePackUninstall$\tcptest.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   45056 c:\windows\$NtServicePackUninstall$\tcpmonui.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   46080 c:\windows\$NtServicePackUninstall$\tcpmon.dll
+ 2009

9

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 12:27:39 PM »

Alright, done. Right after I ran ComboFix.exe my PC rebooted and after the reboot I didn't see my desktop so I couldn't connect to the internet to download the recovery console, so I just skipped it and let it scan. The log is just enormous, here it is:

ComboFix 10-07-15.05 - עדן 07/17/2010 20:03:26.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1255.972.1037.18.511.317 [GMT 3:00]
Running from: c:\documents and settings\עדן\שולחן העבודה\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\עדן\Application Data\inst.exe
c:\documents and settings\All Users.WINDOWS\Application Data\mazuki.dll
c:\windows\system32\swdir.dll

.
((((((((((((((((((((((((( Files Created from 2010-06-17 to 2010-07-17 )))))))))))))))))))))))))))))))
.

2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com
2010-07-16 19:46 . 2010-07-17 06:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-07-16 19:17 . 2010-07-16 19:17   --------   d-----w-   c:\program files\Uniblue
2010-07-16 17:18 . 2010-07-16 17:17   423656   ----a-w-   c:\windows\system32\deployJava1.dll
2010-07-16 13:48 . 2010-07-16 13:48   --------   d-----w-   c:\documents and settings\עדן\Application Data\Uniblue
2010-07-14 10:58 . 2010-06-14 14:31   744448   -c----w-   c:\windows\system32\dllcache\helpsvc.exe
2010-07-11 20:37 . 2010-07-11 20:37   --------   d-----w-   c:\program files\TeamSpeak 3 Client
2010-06-19 19:31 . 2010-06-21 09:29   --------   d-----w-   c:\program files\SexyKO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-17 13:09 . 2010-02-16 13:03   --------   d-----w-   c:\program files\MaxKO
2010-07-16 19:54 . 2010-07-16 19:47   63488   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-16 19:54 . 2010-07-16 19:47   117760   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-16 19:47 . 2010-07-16 19:47   52224   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-16 19:30 . 2009-11-08 14:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\uTorrent
2010-07-16 17:19 . 2010-07-16 17:19   503808   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcp71.dll
2010-07-16 17:19 . 2010-07-16 17:19   499712   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\jmc.dll
2010-07-16 17:19 . 2010-07-16 17:19   348160   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcr71.dll
2010-07-16 17:19 . 2010-07-16 17:19   61440   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-sse.dll
2010-07-16 17:19 . 2010-07-16 17:19   12800   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-d3d.dll
2010-07-16 17:19 . 2005-01-03 13:06   --------   d-----w-   c:\program files\Common Files\Java
2010-07-16 17:09 . 2004-06-04 23:04   --------   d-----w-   c:\program files\Java
2010-07-16 09:30 . 2007-08-26 16:57   --------   d-----w-   c:\program files\VentriloMIX
2010-07-13 18:56 . 2009-11-27 18:33   --------   d-----w-   c:\program files\Mp3tag
2010-07-01 12:16 . 2009-05-26 17:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\NoNameScript-May26
2010-07-01 12:15 . 2009-06-19 08:14   --------   d-----w-   c:\program files\mIRC
2010-06-23 21:15 . 2004-08-27 12:00   67296   ----a-w-   c:\windows\system32\perfc00d.dat
2010-06-23 21:15 . 2004-08-27 12:00   345584   ----a-w-   c:\windows\system32\perfh00d.dat
2010-06-16 18:27 . 2005-12-08 08:39   98304   ----a-w-   c:\windows\DUMPb219.tmp
2010-06-15 19:33 . 2009-12-15 14:49   --------   d-----w-   c:\documents and settings\עדן\Application Data\Mp3 Audio Editor
2010-06-14 18:47 . 2005-12-08 08:39   98304   ----a-w-   c:\windows\DUMPb517.tmp
2010-06-14 14:39 . 2009-11-08 14:56   --------   d-----w-   c:\program files\uTorrent
2010-06-14 14:31 . 2005-12-08 07:22   744448   ----a-w-   c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-06-12 13:22 . 2010-06-12 13:22   --------   d-----w-   c:\program files\SystemRequirementsLab
2010-05-19 18:01 . 2007-04-05 06:37   --------   d---a-w-   c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-05-14 15:47 . 2010-05-14 15:47   286720   ------w-   c:\windows\Setup1.exe
2010-05-14 15:47 . 2010-05-14 15:47   73216   ----a-w-   c:\windows\ST6UNST.EXE
2010-05-10 11:33 . 2009-06-07 20:30   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2010-05-06 10:35 . 2004-08-27 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 09:01 . 2005-12-08 08:13   60576   ----a-w-   c:\documents and settings\עדן\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 08:08 . 2004-08-27 12:00   1851136   ----a-w-   c:\windows\system32\win32k.sys
2010-04-29 12:39 . 2009-06-06 18:06   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 12:39 . 2009-06-06 18:06   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-04-20 05:30 . 2004-08-27 12:00   285696   ----a-w-   c:\windows\system32\atmfd.dll
2005-01-29 12:14 . 2005-01-29 12:14   48640   --sha-w-   c:\program files\Thumbs.db
2003-01-13 09:20 . 2004-09-12 12:48   278528   ----a-w-   c:\program files\internet explorer\plugins\PanoViewer.dll
1999-04-30 14:00 . 2004-09-12 12:48   98304   ----a-w-   c:\program files\internet explorer\plugins\UPjpeg.dll
.

------- Sigcheck -------

[-] 2008-04-14 . CD194374A5A584E32346297DE305F77B . 1429504 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7C66CE267EDD66607B2275FE44235A31 . 1201664 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 1FB3EE7C4D70AACE3063A1E1E0FF7FCF . 1201664 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-27 . A275BB2B4CF43625B9F38AD312F5C5A6 . 1200640 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-06-06_20.36.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 02:14 . 2008-04-14 02:14   57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19   54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 03:07 . 2008-07-29 03:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 03:07 . 2008-07-29 03:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 17:41 . 2009-07-11 17:41   97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   50688 c:\windows\twain_32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50688 c:\windows\twain_32.dll
+ 2002-03-13 14:46 . 2002-03-13 14:46   53248 c:\windows\system32\zlib.dll
- 2005-12-08 07:20 . 2006-03-01 19:43   11776 c:\windows\system32\xolehlp.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   11776 c:\windows\system32\xolehlp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\xmlprovi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\xmlprovi.dll
+ 2009-11-30 19:33 . 2009-11-30 19:33   41872 c:\windows\system32\xfcodec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   30720 c:\windows\system32\xcopy.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   30720 c:\windows\system32\xcopy.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   91648 c:\windows\system32\xactsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   91648 c:\windows\system32\xactsrv.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   52736 c:\windows\system32\wzcsapi.dll
+ 2005-05-26 02:16 . 2009-08-06 17:24   44768 c:\windows\system32\wups2.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   35552 c:\windows\system32\wups.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   53472 c:\windows\system32\wuauclt.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\wtsapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\wtsapi32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   51200 c:\windows\system32\wstdecod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   51200 c:\windows\system32\wstdecod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   22528 c:\windows\system32\wsock32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   22528 c:\windows\system32\wsock32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   41984 c:\windows\system32\wsnmp32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19456 c:\windows\system32\wshtcpip.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   11264 c:\windows\system32\wshrm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\wship6.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\wship6.dll
+ 2004-08-27 12:00 . 2008-05-09 10:56   90112 c:\windows\system32\wshext.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   36864 c:\windows\system32\wshcon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   80896 c:\windows\system32\wscsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   13824 c:\windows\system32\wscntfy.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\wscntfy.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   19968 c:\windows\system32\ws2help.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\ws2help.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   82432 c:\windows\system32\ws2_32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   11264 c:\windows\system32\wpnpinst.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   32256 c:\windows\system32\wpabaln.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   32256 c:\windows\system32\wpabaln.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpui.dll
- 2004-08-27 12:00 . 2006-12-01 09:16   99840 c:\windows\system32\wmpshell.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   99840 c:\windows\system32\wmpshell.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpcore.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpcore.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpcd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpcd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   91648 c:\windows\system32\wlnotify.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   91648 c:\windows\system32\wlnotify.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   69120 c:\windows\system32\wlanapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   53760 c:\windows\system32\winsta.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   53760 c:\windows\system32\winsta.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\winshfhc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\winshfhc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   97792 c:\windows\system32\winscard.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   97792 c:\windows\system32\winscard.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\winrnr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16896 c:\windows\system32\winrnr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32256 c:\windows\system32\winipsec.dll
+ 1997-08-10 21:00 . 1997-08-10 21:00   30720 c:\windows\system32\WINDBVER.EXE
- 2004-08-27 12:00 . 2004-08-27 12:00   75776 c:\windows\system32\wiascr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   75776 c:\windows\system32\wiascr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   64512 c:\windows\system32\wextract.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   64512 c:\windows\system32\wextract.exe
- 2004-08-27 12:00 . 2006-01-04 03:35   68096 c:\windows\system32\webclnt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\webclnt.dll
+ 2004-08-26 17:53 . 2008-04-14 02:18   23552 c:\windows\system32\wdmaud.drv
- 2004-08-26 17:53 . 2004-08-27 12:00   23552 c:\windows\system32\wdmaud.drv
+ 2004-08-27 12:00 . 2009-06-25 08:26   54272 c:\windows\system32\wdigest.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   94208 c:\windows\system32\wbem\wmiutils.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   41472 c:\windows\system32\wbem\wmipsess.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   41472 c:\windows\system32\wbem\wmipsess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   62464 c:\windows\system32\wbem\wmipjobj.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   61952 c:\windows\system32\wbem\wmipiprt.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   60928 c:\windows\system32\wbem\wmicookr.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   60928 c:\windows\system32\wbem\wmicookr.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   88576 c:\windows\system32\wbem\wmiaprpl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   43520 c:\windows\system32\wbem\wbemsvc.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   18944 c:\windows\system32\wbem\wbemprox.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   18944 c:\windows\system32\wbem\wbemprox.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   41984 c:\windows\system32\wbem\wbemperf.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   41984 c:\windows\system32\wbem\wbemperf.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   71680 c:\windows\system32\wbem\wbemcons.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   71680 c:\windows\system32\wbem\wbemcons.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   86528 c:\windows\system32\wbem\stdprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   86528 c:\windows\system32\wbem\stdprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   36352 c:\windows\system32\wbem\scrcons.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   47104 c:\windows\system32\wbem\ncprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   47104 c:\windows\system32\wbem\ncprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   16384 c:\windows\system32\wbem\mofcomp.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   16384 c:\windows\system32\wbem\mofcomp.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   24576 c:\windows\system32\wbem\krnlprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   24576 c:\windows\system32\wbem\krnlprov.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   21504 c:\windows\system32\wbem\evntrprv.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17664 c:\windows\system32\watchdog.sys
+ 2004-08-27 12:00 . 2008-04-13 18:44   17664 c:\windows\system32\watchdog.sys
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\w3ssl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\w3ssl.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   96752 c:\windows\system32\vxblock.dll
+ 2009-11-12 18:19 . 2006-12-01 10:05   63488 c:\windows\system32\VITrans\wmplayer.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   56832 c:\windows\system32\VITrans\sol.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   69120 c:\windows\system32\VITrans\notepad.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   90112 c:\windows\system32\VITrans\mydocs.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   59904 c:\windows\system32\VITrans\msimn.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   55296 c:\windows\system32\VITrans\freecell.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   80384 c:\windows\system32\VITrans\charmap.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   28672 c:\windows\system32\VITrans\batmeter.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\version.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\version.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\verifier.dll
+ 2006-03-17 00:38 . 2008-04-14 02:18   28672 c:\windows\system32\verclsid.exe
- 2006-03-17 00:38 . 2006-03-17 00:38   28672 c:\windows\system32\verclsid.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   51712 c:\windows\system32\vdmredir.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   51712 c:\windows\system32\vdmredir.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   26112 c:\windows\system32\vdmdbg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26112 c:\windows\system32\vdmdbg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   30749 c:\windows\system32\vbajet32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   30749 c:\windows\system32\vbajet32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   50176 c:\windows\system32\utilman.exe
- 2004-08-27 12:00 . 2006-10-04 13:32   50176 c:\windows\system32\utilman.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\usmt\log.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19968 c:\windows\system32\usmt\log.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44   17920 c:\windows\system32\usmt\cobramsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   26112 c:\windows\system32\userinit.exe
- 2005-12-08 08:51 . 2004-08-26 15:53   72704 c:\windows\system32\usbui.dll
+ 2005-12-08 08:51 . 2008-04-14 02:17   72704 c:\windows\system32\usbui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\usbmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16896 c:\windows\system32\usbmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   18432 c:\windows\system32\ups.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\ups.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   16896 c:\windows\system32\upnpcont.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\upnpcont.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\uniplat.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   13824 c:\windows\system32\uniplat.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   73216 c:\windows\system32\unimdmat.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   73216 c:\windows\system32\unimdmat.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   76288 c:\windows\system32\uniime.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   76288 c:\windows\system32\uniime.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   35840 c:\windows\system32\umandlg.dll
- 2004-08-27 12:00 . 2006-10-04 13:38   35840 c:\windows\system32\umandlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\udhisapi.dll
+ 2007-01-29 08:58 . 2010-04-21 13:28   46080 c:\windows\system32\tzchange.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\twext.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   50688 c:\windows\system32\tspkg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   53248 c:\windows\system32\tsgqec.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   12168 c:\windows\system32\tsddd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   12168 c:\windows\system32\tsddd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   93696 c:\windows\system32\tscfgwmi.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   93696 c:\windows\system32\tscfgwmi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\trkwks.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   12800 c:\windows\system32\tree.com
- 2004-08-27 12:00 . 2004-08-27 12:00   12288 c:\windows\system32\tracert.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   12288 c:\windows\system32\tracert.exe
+ 2004-08-27 12:00 . 2009-06-12 12:31   76288 c:\windows\system32\telnet.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   45056 c:\windows\system32\tcpmonui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   45056 c:\windows\system32\tcpmonui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   45568 c:\windows\system32\tcpmon.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\tcpmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\tcpmib.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57856 c:\windows\system32\synceng.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\synceng.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\svchost.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\svchost.exe
+ 2004-08-27 12:00 . 2009-10-21 05:39   75776 c:\windows\system32\strmfilt.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   75776 c:\windows\system32\strmfilt.dll
+ 2005-12-08 08:46 . 2008-04-14 02:17   73216 c:\windows\system32\storprop.dll
- 2005-12-08 08:46 . 2004-08-26 17:53   73216 c:\windows\system32\storprop.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\stimon.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\stimon.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\sti.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   59392 c:\windows\system32\stclient.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   14336 c:\windows\system32\ssstars.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\ssstars.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   18944 c:\windows\system32\ssmyst.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\ssmyst.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   47104 c:\windows\system32\ssmypics.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   47104 c:\windows\system32\ssmypics.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   20992 c:\windows\system32\ssmarque.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   20992 c:\windows\system32\ssmarque.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   71680 c:\windows\system32\ssdpsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   71680 c:\windows\system32\ssdpsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\system32\ssdpapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\system32\ssdpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   19968 c:\windows\system32\ssbezier.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\ssbezier.scr
+ 2004-08-27 12:00 . 2008-04-14 02:17   96768 c:\windows\system32\srvsvc.dll
- 2004-08-27 12:00 . 2004-12-07 19:34   96768 c:\windows\system32\srvsvc.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   67584 c:\windows\system32\srclient.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   67584 c:\windows\system32\srclient.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   20992 c:\windows\system32\spupdwxp.exe
+ 2005-12-09 10:11 . 2009-01-07 16:21   26144 c:\windows\system32\spupdsvc.exe
+ 2009-11-17 19:02 . 2009-11-21 09:57   15607 c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
+ 2009-11-21 09:57 . 2009-11-21 09:57   11024 c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\spoolsv.exe
- 2004-08-27 12:00 . 2005-06-10 23:53   57856 c:\windows\system32\spoolsv.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   75264 c:\windows\system32\spoolss.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2004-08-27 12:00 . 2008-04-13 17:18   11264 c:\windows\system32\spnpinst.exe
- 2007-11-17 18:16 . 2007-11-30 11:19   16760 c:\windows\system32\spmsg.dll
+ 2009-12-17 06:43 . 2009-05-26 11:41   16760 c:\windows\system32\spmsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24576 c:\windows\system32\sort.exe
+ 2005-12-08 07:20 . 2004-08-27 12:00   59904 c:\windows\system32\sol.exe
+ 2009-10-20 10:33 . 2009-08-06 17:24   44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-20 10:33 . 2009-08-06 17:24   35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\snmpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\snmpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50688 c:\windows\system32\smss.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50688 c:\windows\system32\smss.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   88064 c:\windows\system32\smlogsvc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   88064 c:\windows\system32\smlogsvc.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   73796 c:\windows\system32\slserv.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   32866 c:\windows\system32\slrundll.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   73832 c:\windows\system32\slcoinst.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   98304 c:\windows\system32\slbiop.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   98304 c:\windows\system32\slbiop.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\slayerxp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\slayerxp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   26112 c:\windows\system32\skeys.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   26112 c:\windows\system32\skeys.exe
+ 2009-07-26 14:44 . 2009-07-26 14:44   48448 c:\windows\system32\sirenacm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   70144 c:\windows\system32\sigverif.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   70144 c:\windows\system32\sigverif.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   12800 c:\windows\system32\sigtab.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   12800 c:\windows\system32\sigtab.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19456 c:\windows\system32\shutdown.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   19456 c:\windows\system32\shutdown.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   27648 c:\windows\system32\shscrap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   27648 c:\windows\system32\shscrap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   77312 c:\windows\system32\shrpubw.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   77312 c:\windows\system32\shrpubw.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   45056 c:\windows\system32\shmgrate.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   65024 c:\windows\system32\shimeng.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\shgina.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   68096 c:\windows\system32\shgina.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\shfolder.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\shfolder.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   32768 c:\windows\system32\setupn.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\Setup\startoc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\Setup\ocmsn.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\Setup\ocmsn.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\Setup\ocgen.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\Setup\ocgen.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   62464 c:\windows\system32\Setup\ntoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   62464 c:\windows\system32\Setup\ntoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   76288 c:\windows\system32\Setup\netoc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   76288 c:\windows\system32\Setup\netoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15360 c:\windows\system32\Setup\msgrocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\Setup\msgrocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\Setup\msdtcstp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32828 c:\windows\system32\Setup\fp40ext.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   32828 c:\windows\system32\Setup\fp40ext.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   23040 c:\windows\system32\setup.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   23040 c:\windows\system32\setup.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   31744 c:\windows\system32\sethc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   31744 c:\windows\system32\sethc.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   55808 c:\windows\system32\servdeps.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   55808 c:\windows\system32\servdeps.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   39424 c:\windows\system32\sens.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   55296 c:\windows\system32\sendmail.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   55296 c:\windows\system32\sendmail.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-27 12:00 . 2009-06-25 08:26   56832 c:\windows\system32\secur32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\seclogon.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\seclogon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   29184 c:\windows\system32\sdhcinst.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   29184 c:\windows\system32\sdhcinst.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   77312 c:\windows\system32\sdbinst.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   77312 c:\windows\system32\sdbinst.exe
+ 2009-11-12 18:19 . 2009-03-23 15:39   20480 c:\windows\system32\scrnrdr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   20992 c:\windows\system32\sclgntfy.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20992 c:\windows\system32\sclgntfy.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   95744 c:\windows\system32\scardsvr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   95744 c:\windows\system32\scardsvr.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   69120 c:\windows\system32\scarddlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   69120 c:\windows\system32\scarddlg.dll
+ 2004-08-27 12:00 . 2009-02-06 10:39   35328 c:\windows\system32\sc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   13312 c:\windows\system32\savedump.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13312 c:\windows\system32\savedump.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   64000 c:\windows\system32\samlib.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   64000 c:\windows\system32\samlib.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   45568 c:\windows\system32\safrslv.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   45568 c:\windows\system32\safrslv.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   29696 c:\windows\system32\safrdm.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   29696 c:\windows\system32\safrdm.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   43520 c:\windows\system32\safrcdlg.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   43520 c:\windows\system32\safrcdlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\runonce.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\runonce.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33280 c:\windows\system32\rundll32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   33280 c:\windows\system32\rundll32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\system32\rtutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   44032 c:\windows\system32\rtutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   31744 c:\windows\system32\rtipxmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   31744 c:\windows\system32\rtipxmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   76288 c:\windows\system32\rtcshare.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   76288 c:\windows\system32\rtcshare.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   92672 c:\windows\system32\rsvpsp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\rsmps.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\rsmps.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   39424 c:\windows\system32\rshx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   39424 c:\windows\system32\rshx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\rsh.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\rsh.exe
+ 2004-05-31 12:39 . 2004-05-31 12:39   45056 c:\windows\system32\rfg726.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\rexec.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   13824 c:\windows\system32\rexec.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58880 c:\windows\system32\resutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   58880 c:\windows\system32\resutils.dll
+ 2007-02-12 12:41 . 2009-11-12 18:16   46212 c:\windows\system32\Restore\rstrlog.dat
+ 2005-12-08 07:20 . 2008-04-14 02:17   59904 c:\windows\system32\remotepg.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   59904 c:\windows\system32\remotepg.dll
+ 2009-10-04 11:17 . 2004-08-03 23:07   42368 c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\AGP440.SYS
+ 2009-10-04 11:17 . 2004-08-27 12:00   39680 c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\intelppm.sys
+ 2009-10-04 11:17 . 2004-08-27 12:00   39680 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\intelppm.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   59648 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\rfcomm.sys
+ 2009-10-04 11:16 . 2004-08-26 15:53   26112 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\irmon.dll
+ 2009-10-04 11:16 . 2004-08-03 21:10   17024 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\BthEnum.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   18944 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\BTHUSB.SYS
+ 2009-10-04 11:16 . 2004-08-03 21:10   17024 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\bthenum.sys
+ 2009-11-12 18:19 . 2006-12-03 15:15   19968 c:\windows\system32\reico.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   11264 c:\windows\system32\regsvr32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   11264 c:\windows\system32\regsvr32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   59904 c:\windows\system32\regsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   59904 c:\windows\system32\regsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49664 c:\windows\system32\regapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   49664 c:\windows\system32\regapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\reg.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\reg.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   67072 c:\windows\system32\rdshost.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   67072 c:\windows\system32\rdshost.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   13824 c:\windows\system32\rdsaddin.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   13824 c:\windows\system32\rdsaddin.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   87176 c:\windows\system32\rdpwsx.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   87176 c:\windows\system32\rdpwsx.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   19968 c:\windows\system32\rdpsnd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   19968 c:\windows\system32\rdpsnd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   92424 c:\windows\system32\rdpdd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   62976 c:\windows\system32\rdpclip.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   21504 c:\windows\system32\rcp.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   21504 c:\windows\system32\rcp.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   35840 c:\windows\system32\rcimlby.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   35840 c:\windows\system32\rcimlby.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58368 c:\windows\system32\rastapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16384 c:\windows\system32\rassapi.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   61952 c:\windows\system32\rasqec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   56320 c:\windows\system32\rasphone.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   56320 c:\windows\system32\rasphone.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   61440 c:\windows\system32\rasman.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   61440 c:\windows\system32\rasman.dll
+ 2004-08-27 12:00 . 2009-10-12 13:39   79872 c:\windows\system32\raschap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   88576 c:\windows\system32\rasauto.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   43520 c:\windows\system32\racpldlg.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   43520 c:\windows\system32\racpldlg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   76800 c:\windows\system32\qutil.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   19968 c:\windows\system32\qprocess.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   18944 c:\windows\system32\qmgrprxy.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   18944 c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   62464 c:\windows\system32\qcliprov.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   66032 c:\windows\system32\pxinsa64.exe
+ 2006-05-16 03:58 . 2009-04-28 20:20   72176 c:\windows\system32\pxhpinst.exe
+ 2006-05-16 03:58 . 2009-04-28 20:20   66544 c:\windows\system32\pxcpya64.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33792 c:\windows\system32\pstorsvc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   33792 c:\windows\system32\pstorsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   43520 c:\windows\system32\pstorec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   43520 c:\windows\system32\pstorec.dll
+ 2009-11-12 18:19 . 2004-11-27 17:00   94208 c:\windows\system32\pskill.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   95744 c:\windows\system32\psbase.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   95744 c:\windows\system32\psbase.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   23040 c:\windows\system32\psapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   23040 c:\windows\system32\psapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\proquota.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\proquota.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   27648 c:\windows\system32\profmap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   27648 c:\windows\system32\profmap.dll
+ 2010-03-30 21:16 . 2010-03-30 21:16   99176 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\powrprof.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\powrprof.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49152 c:\windows\system32\powercfg.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   49152 c:\windows\system32\powercfg.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58880 c:\windows\system32\pnrpnsp.dll
+ 2004-08-27 12:00 . 2009-03-08 02:31   46592 c:\windows\system32\pngfilt.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   15360 c:\windows\system32\pjlmon.dll
- 2004-08-26 17:53 . 2004-08-27 12:00   15360 c:\windows\system32\pjlmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17920 c:\windows\system32\ping.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   17920 c:\windows\system32\ping.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\system32\pidgen.dll
+ 2004-08-27 12:00 . 2008-04-13 18:35   24064 c:\windows\system32\pidgen.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   35328 c:\windows\system32\pid.dll
- 2004-08-26 17:53 . 2004-08-27 12:00   35328 c:\windows\system32\pid.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\system32\perfproc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\system32\perfproc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\perfos.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\perfos.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\perfnet.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\perfmon.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\perfmon.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   26624 c:\windows\system32\perfdisk.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\perfdisk.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   38400 c:\windows\system32\perfctrs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   38400 c:\windows\system32\perfctrs.dll
+ 2004-08-27 12:00 . 2010-06-23 21:15   67312 c:\windows\system32\perfc009.dat
+ 2004-08-27 12:00 . 2008-04-14 02:17   64512 c:\windows\system32\pautoenr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57344 c:\windows\system32\packager.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\system32\packager.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   67072 c:\windows\system32\osuninst.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   67072 c:\windows\system32\osuninst.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   51200 c:\windows\system32\oobe\oobebaln.exe
- 2005-12-08 07:22 . 2004-08-27 12:00   51200 c:\windows\system32\oobe\oobebaln.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   29184 c:\windows\system32\oobe\msoobe.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   19456 c:\windows\system32\oobe\msobweb.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   30720 c:\windows\system32\oobe\msobshel.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   30720 c:\windows\system32\oobe\msobshel.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   16384 c:\windows\system32\oobe\msobdl.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   16384 c:\windows\system32\oobe\msobdl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   84992 c:\windows\system32\olepro32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   37376 c:\windows\system32\olecnv32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   74752 c:\windows\system32\olecli32.dll
- 2004-08-27 12:00 . 2005-07-26 04:40   74752 c:\windows\system32\olecli32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20511 c:\windows\system32\odtext32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20511 c:\windows\system32\odtext32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odpdx32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odpdx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odfox32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odfox32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odexl32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odexl32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20511 c:\windows\system32\oddbse32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20511 c:\windows\system32\oddbse32.dll
+ 1998-05-13 21:00 . 1998-05-13 21:00   72704 c:\windows\system32\ODBCTL32.DLL
- 2004-08-27 12:00 . 2004-08-27 12:00   12288 c:\windows\system32\odbcp32r.dll
+ 2004-08-27 12:00 . 2008-04-13 17:26   12288 c:\windows\system32\odbcp32r.dll
+ 2004-08-27 12:00 . 2008-04-14 02:16   53279 c:\windows\system32\odbcji32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   94208 c:\windows\system32\odbcint.dll
+ 2004-08-27 12:00 . 2008-04-13 15:40   94208 c:\windows\system32\odbcint.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   65536 c:\windows\system32\odbccu32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   65536 c:\windows\system32\odbccu32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   65536 c:\windows\system32\odbccr32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   65536 c:\windows\system32\odbccr32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   69632 c:\windows\system32\odbcconf.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   69632 c:\windows\system32\odbcconf.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   24576 c:\windows\system32\odbcbcp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24576 c:\windows\system32\odbcbcp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32768 c:\windows\system32\odbcad32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   32768 c:\windows\system32\odbcad32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   16384 c:\windows\system32\odbc32gt.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16384 c:\windows\system32\odbc32gt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   66560 c:\windows\system32\ocmanage.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\ntvdmd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\ntprint.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   90112 c:\windows\system32\ntprint.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   40960 c:\windows\system32\ntmsapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   40960 c:\windows\system32\ntmsapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\system32\ntlanman.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   67072 c:\windows\system32\ntdsapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   67072 c:\windows\system32\ntdsapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   76800 c:\windows\system32\nslookup.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   76800 c:\windows\system32\nslookup.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   54784 c:\windows\system32\npptools.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   54784 c:\windows\system32\npptools.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15360 c:\windows\system32\npp\nppagent.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\npp\nppagent.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\system32\npp\ndisnpp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57344 c:\windows\system32\npp\ndisnpp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   70144 c:\windows\system32\notepad.exe
- 2006-06-29 06:05 . 2006-06-29 06:05   23552 c:\windows\system32\normaliz.dll
+ 2006-06-29 06:05 . 2009-01-07 16:20   23552 c:\windows\system32\normaliz.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   28672 c:\windows\system32\nmmkcert.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   28672 c:\windows\system32\nmmkcert.dll
- 2006-06-28 15:59 . 2006-06-28 15:59   24576 c:\windows\system32\nlsdl.dll
+ 2006-06-28 15:59 . 2009-01-07 16:20   24576 c:\windows\system32\nlsdl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   98304 c:\windows\system32\nlhtml.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   77824 c:\windows\system32\netui0.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   77824 c:\windows\system32\netui0.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   36864 c:\windows\system32\netstat.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   36864 c:\windows\system32\netstat.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   86016 c:\windows\system32\netsh.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   86016 c:\windows\system32\netsh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   11776 c:\windows\system32\netrap.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   49488 c:\windows\system32\netfxperf.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   42496 c:\windows\system32\net.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   42496 c:\windows\system32\net.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\nddenb32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\nddenb32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17920 c:\windows\system32\nddeapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17920 c:\windows\system32\nddeapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   36352 c:\windows\system32\ncobjapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   36352 c:\windows\system32\ncobjapi.dll
- 2004-08-27 12:00 . 2006-10-04 13:32   53760 c:\windows\system32\narrator.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   53760 c:\windows\system32\narrator.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   30208 c:\windows\system32\napipsec.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2005-12-08 07:20 . 2008-06-12 14:22   91648 c:\windows\system32\mtxoci.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   34304 c:\windows\system32\mtxlegih.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   30720 c:\windows\system32\mtxdm.dll
+ 2004-08-27 12:00 . 2008-06-12 14:22   66560 c:\windows\system32\mtxclu.dll
- 2004-08-27 12:00 . 2006-03-01 19:43   66560 c:\windows\system32\mtxclu.dll
+ 2004-08-26 17:53 . 2009-11-27 17:13   17920 c:\windows\system32\msyuv.dll
+ 2008-04-14 01:57 . 2008-04-14 01:57   67584 c:\windows\system32\msxml6r.dll
+ 2004-08-27 12:00 . 2008-04-14 0

10

Tech Clinic / Annoying virus keeps reappearing

« on: July 17, 2010, 02:20:32 AM »

Both logs are attached to this reply. Thanks again!

#Edit: I ran a full complete scan with SuperAntiSpyware and it seems to have removed one of the reappearing files (there is another one still, 4.exe, which it didn't detect in the scan), and also two other trojans. Here's the log:

Memory items scanned : 448
Memory threats detected : 0
Registry items scanned : 7496
Registry threats detected : 0
File items scanned : 22438
File threats detected : 3

Trojan.Agent/Gen-MailPassView
   C:\DOCUMENTS AND SETTINGS\עדן\LOCAL SETTINGS\TEMP\3.EXE

Trojan.Agent/Gen-Krpytik
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{0D1368F3-4705-4684-A322-DC445637B4F1}\RP640\A1162847.EXE

Trojan.Agent/Gen
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{0D1368F3-4705-4684-A322-DC445637B4F1}\RP644\A1163187.EXE

OTL logfile created on: 17/07/2010 10:11:45 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\עדן\שולחן העבודה
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 1.57 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TAP-7409E23BDD
Current User Name: עדן
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
PRC - [2010/07/17 09:50:31 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\44371c0f-58c5-4c7b-9bd4-12ac96b5e9ba.com
PRC - [2010/06/27 19:08:29 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\עדן\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2008/04/14 05:17:44 | 001,429,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 20:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
PRC - [2004/09/16 15:39:44 | 000,069,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
MOD - [2008/04/14 05:16:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XTrapD12.sys -- (XTrapD12)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva136.sys -- (XDva136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva090.sys -- (XDva090)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva089.sys -- (XDva089)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva078.sys -- (XDva078)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva062.sys -- (XDva062)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva054.sys -- (XDva054)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva049.sys -- (XDva049)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva041.sys -- (XDva041)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva039.sys -- (XDva039)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva033.sys -- (XDva033)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva032.sys -- (XDva032)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva031.sys -- (XDva031)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva025.sys -- (XDva025)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva020.sys -- (XDva020)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva010.sys -- (XDva010)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva009.sys -- (XDva009)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva007.sys -- (XDva007)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva002.sys -- (XDva002)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Gravity\SpiritusRO\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\9E2D~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/05/10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/27 13:26:38 | 000,077,608 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NEOFLTR_640_14811.sys -- (NEOFLTR_640_14811) Juniper Networks TDI Filter Driver (NEOFLTR_640_14811)
DRV - [2008/04/13 21:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 21:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/01 16:53:43 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2004/09/30 08:35:00 | 002,743,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/09/21 14:53:18 | 002,278,784 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002/12/18 19:13:34 | 000,122,121 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)
DRV - [2002/11/18 15:29:26 | 000,399,700 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dumant.sys -- (DumaNT)
DRV - [2002/10/11 11:19:00 | 000,046,551 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2001/09/18 15:26:38 | 000,153,631 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xnd5.sys -- (EL90X)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/06/19 11:44:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 09:18:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/16 20:18:27 | 000,000,000 | ---D | M]

[2009/06/13 12:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\עדן\Application Data\Mozilla\Extensions
[2009/11/08 21:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\extensions
[2009/07/13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\searchplugins\icqplugin.xml
[2010/07/16 20:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/16 20:18:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/16 20:17:54 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/01/04 18:36:50 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2008/01/04 18:36:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2008/09/22 22:14:04 | 000,000,759 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2008/01/04 18:36:50 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/01/04 23:40:48 | 000,000,849 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &יצא ל- Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {03EC4525-6918-4674-9EFF-738EEB3E189F} http://maxshein10.cctvuser.com/plusviewer.cab (PlusViewer Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1202306177953 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://ssl.sonol.co.il/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ssl.sonol.co.il/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\http - No CLSID value found
O18 - Protocol\Handler\https - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (sevenui.exe) - C:\WINDOWS\System32\sevenui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (דף הבית הנוכחי שלי) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\עדן\My Documents\My Pictures\2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\עדן\My Documents\My Pictures\2.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 19:13:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\AutoRun\command - "" = G:\RECYCLER\usbassist.exe -- File not found
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/17 10:10:14 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
[2010/07/16 22:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\Application Data\SUPERAntiSpyware.com
[2010/07/16 22:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2010/07/16 22:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/07/16 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006
[2010/07/16 22:41:31 | 009,070,944 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\עדן\שולחן העבודה\SUPERAntiSpywarePro.exe
[2010/07/16 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/07/16 20:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2010/07/16 20:18:27 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/16 20:18:26 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/16 20:18:26 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/16 20:18:26 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/16 20:18:26 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/16 16:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\Application Data\Uniblue
[2010/07/14 13:58:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/11 23:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010/06/19 22:31:38 | 000,000,000 | ---D | C] -- C:\Program Files\SexyKO
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/17 10:13:06 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-261903793-1801674531-1004UA.job
[2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
[2010/07/17 10:03:28 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/17 10:03:28 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/17 10:03:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/07/17 09:05:44 | 000,007,883 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/07/17 09:05:39 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/17 09:05:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/17 09:05:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/17 09:04:59 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/17 00:20:41 | 012,582,912 | ---- | M] () -- C:\Documents and Settings\עדן\ntuser.dat
[2010/07/17 00:20:41 | 000,000,306 | -HS- | M] () -- C:\Documents and Settings\עדן\ntuser.ini
[2010/07/16 23:11:15 | 000,013,205 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\asd.JPG
[2010/07/16 22:47:04 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\SUPERAntiSpyware Professional.lnk
[2010/07/16 22:41:46 | 000,277,459 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006.rar
[2010/07/16 22:41:31 | 009,070,944 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\עדן\שולחן העבודה\SUPERAntiSpywarePro.exe
[2010/07/16 20:17:53 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/16 20:17:53 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/16 20:17:53 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/16 20:17:53 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/16 20:17:53 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/16 19:13:01 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-261903793-1801674531-1004Core.job
[2010/07/16 14:32:33 | 003,147,656 | -H-- | M] () -- C:\Documents and Settings\עדן\Local Settings\Application Data\IconCache.db
[2010/07/15 18:20:26 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\עדן\My Documents\spider.sav
[2010/07/15 15:31:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\עדן\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Outlook.lnk
[2010/07/14 13:16:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/13 21:56:57 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\Mp3tag.lnk
[2010/07/11 23:37:42 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\TeamSpeak 3 Client.lnk
[2010/07/06 17:43:33 | 106,954,753 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\VDay.2010.720p.700MB.ShAaNiG.part1.rar
[2010/06/24 00:15:29 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/24 00:15:29 | 000,345,584 | ---- | M] () -- C:\WINDOWS\System32\perfh00d.dat
[2010/06/24 00:15:29 | 000,067,296 | ---- | M] () -- C:\WINDOWS\System32\perfc00d.dat
[2010/06/24 00:15:28 | 000,888,296 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/24 00:15:28 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/24 00:12:25 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\Adobe Photoshop CS2.lnk
[2010/06/20 09:38:55 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\קיצור דרך אל ‎Launcher.exe.lnk
[2010/06/19 23:43:51 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\עדן\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/16 23:11:15 | 000,013,205 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\asd.JPG
[2010/07/16 22:47:04 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\SUPERAntiSpyware Professional.lnk
[2010/07/16 22:41:46 | 000,277,459 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006.rar
[2010/07/15 18:20:26 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\עדן\My Documents\spider.sav
[2010/07/11 23:37:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\TeamSpeak 3 Client.lnk
[2010/07/06 17:43:09 | 106,954,753 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\VDay.2010.720p.700MB.ShAaNiG.part1.rar
[2010/06/24 00:12:25 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\Adobe Photoshop CS2.lnk
[2010/06/20 09:38:55 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\קיצור דרך אל ‎Launcher.exe.lnk
[2009/11/30 22:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/11/26 22:41:03 | 000,258,048 | ---- | C] () -- C:\WINDOWS\libFLAC.dll
[2009/09/07 12:40:20 | 000,070,236 | ---- | C] () -- C:\WINDOWS\System32\rus_lang_plusviewer.ini
[2009/09/07 12:40:20 | 000,033,899 | ---- | C] () -- C:\WINDOWS\System32\rus_lang_setupmng.ini
[2009/07/28 12:37:46 | 000,072,342 | ---- | C] () -- C:\WINDOWS\System32\spn_lang_plusviewer.ini
[2009/07/10 13:43:46 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\spn_lang_setupmng.ini
[2009/07/10 13:43:40 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\prt_lang_setupmng.ini
[2009/07/10 13:43:34 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\pol_lang_setupmng.ini
[2009/07/10 13:43:28 | 000,033,110 | ---- | C] () -- C:\WINDOWS\System32\kor_lang_setupmng.ini
[2009/07/10 13:43:24 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\jpn_lang_setupmng.ini
[2009/07/10 13:43:18 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\heb_lang_setupmng.ini
[2009/07/10 13:43:12 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\eng_lang_setupmng.ini
[2009/07/10 13:43:06 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\chat_lang_setupmng.ini
[2009/07/10 13:43:00 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\chas_lang_setupmng.ini
[2009/07/06 15:19:10 | 000,054,028 | ---- | C] () -- C:\WINDOWS\System32\chas_lang_plusviewer.ini
[2009/07/02 18:20:40 | 000,054,080 | ---- | C] () -- C:\WINDOWS\System32\chat_lang_plusviewer.ini
[2009/06/29 15:24:20 | 000,033,357 | ---- | C] () -- C:\WINDOWS\System32\eng_lang_plusviewer.ini
[2009/06/19 11:30:40 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/06/18 15:27:28 | 000,032,762 | ---- | C] () -- C:\WINDOWS\System32\kor_lang_plusviewer.ini
[2009/06/18 15:27:06 | 000,033,285 | ---- | C] () -- C:\WINDOWS\System32\jpn_lang_plusviewer.ini
[2009/06/16 17:52:50 | 000,066,734 | ---- | C] () -- C:\WINDOWS\System32\prt_lang_plusviewer.ini
[2009/03/12 19:13:50 | 000,064,436 | ---- | C] () -- C:\WINDOWS\System32\heb_lang_plusviewer.ini
[2009/03/11 12:08:48 | 000,033,234 | ---- | C] () -- C:\WINDOWS\System32\pol_lang_plusviewer.ini
[2008/06/16 18:17:50 | 000,098,892 | ---- | C] () -- C:\WINDOWS\System32\PPPoEWin.sys
[2008/06/16 18:17:50 | 000,098,892 | ---- | C] () -- C:\WINDOWS\System32\drivers\PPPoEWin.sys
[2007/05/12 12:01:25 | 000,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/03/21 17:30:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\mp4dec2avi.dll
[2006/12/02 21:50:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/19 20:14:09 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2006/10/30 21:28:05 | 000,000,068 | ---- | C] () -- C:\WINDOWS\rootcracker.ini
[2006/02/23 21:00:26 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/02/21 15:18:59 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2006/01/28 18:19:35 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ideq32.ini
[2006/01/26 20:19:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI
[2006/01/26 16:08:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/01/12 19:53:18 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2006/01/12 19:53:17 | 000,039,208 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2006/01/12 19:53:17 | 000,039,208 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2006/01/02 21:21:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\cwsmaf40.dll
[2006/01/02 21:21:43 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/02 21:21:43 | 001,003,520 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/02 21:21:43 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\pwmdtl40.dll
[2006/01/02 21:21:43 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/01/02 21:21:43 | 000,182,784 | ---- | C] () -- C:\WINDOWS\System32\DGVorbis.dll
[2006/01/02 21:21:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\Mp3dec.dll
[2006/01/02 21:21:43 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\cwpwmd10.dll
[2006/01/02 21:21:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\MP3enc.dll
[2006/01/02 21:21:43 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/02 21:21:43 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/12/08 13:52:38 | 000,000,651 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/08 12:57:41 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2005/12/08 12:57:37 | 000,000,331 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005/12/08 12:57:33 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2005/03/10 21:47:18 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\rfmp4dec.dll
[2004/12/14 14:04:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/14 14:02:49 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/05/31 15:39:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\rfg726.dll
[2004/01/19 18:17:58 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\mwmp4dec.dll
[2002/11/18 15:29:28 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\nvimage.dll
[2002/11/18 15:29:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\stereoi.dll
[2002/03/21 14:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 14:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/21 14:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 14:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 14:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 14:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 14:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/20 23:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2002/03/13 17:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1996/04/03 22:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4295826C
< End of report >

OTL Extras logfile created on: 17/07/2010 10:11:45 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\עדן\שולחן העבודה
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 1.57 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TAP-7409E23BDD
Current User Name: עדן
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Scan with Ad-aware...] -- "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" "%1" "+SD" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Tactical Ops\TacticalOps 3\System\TacticalOps.exe" = C:\Program Files\Tactical Ops\TacticalOps 3\System\TacticalOps.exe:*:Enabled:TacticalOps -- ()
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Documents and Settings\עדן\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Documents and Settings\עדן\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client -- (Juniper Networks)
"C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe" = C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe:*:Enabled:Secure Application Manager Proxy -- (Juniper Networks)
"C:\Program Files\Tactical Ops\TacticalOps 4\System\TacticalOps.exe" = C:\Program Files\Tactical Ops\TacticalOps 4\System\TacticalOps.exe:*:Enabled:TacticalOps -- ()
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\UnrealTournament\System\UnrealTournament.exe" = C:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- File not found
"C:\Program Files\eMule.co.il\Fire eMule 7\eMule.exe" = C:\Program Files\eMule.co.il\Fire eMule 7\eMule.exe:*:Enabled:eMule -- File not found
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Teamspeak2_RC2_Server\server_windows.exe" = C:\Program Files\Teamspeak2_RC2_Server\server_windows.exe:*:Enabled:Server -- File not found
"C:\Documents and Settings\עדן\שולחן העבודה\wormsarm\WA.exe" = C:\Documents and Settings\עדן\שולחן העבודה\wormsarm\WA.exe:*:Disabled:Worms Armageddon -- File not found
"C:\Documents and Settings\עדן\Application Data\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\עדן\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- File not found
"C:\Documents and Settings\עדן\שולחן העבודה\WWPBy FeuoZz For HorAdoT.nEt\wwp.exe" = C:\Documents and Settings\עדן\שולחן העבודה\WWPBy FeuoZz For HorAdoT.nEt\wwp.exe:*:Enabled:Worms World Party -- File not found
"C:\Program Files\UT2004\System\UT2004.exe" = C:\Program Files\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- ()
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\UnisonPlay\UniFS.exe" = C:\Program Files\UnisonPlay\UniFS.exe:*:Enabled:UniFS Media - UniFS.exe -- File not found
"" = :*:Enabled:ldrsoft
"C:\Documents and Settings\עדן\Local Settings\temp\957822.exe" = C:\Documents and Settings\עדן\Local Settings\temp\957822.exe:*:Disabled:957822 -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{035D48BB-503E-4F09-9D52-EC57D3411DDC}" = Windows Live Essentials
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = כלי ההעלאה של Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{350C97B4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E0C491-5230-4373-B62E-F1A6E94B1033}" = Nero 7 Ultra Edition
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = ECI USB ADSL
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{634328D0-C948-4C4D-BDE9-58015B941648}" = Windows Live Messenger
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.8.0.193j
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.73
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{885A5214-9CDD-40E0-A89D-7672588748E1}" = Windows Live Call
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-040D-0000-0000000FF1CE}" = חבילת תאימות עבור מהדורת 2007 של מערכת Office
"{9028040D-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional עם FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95774351-6087-3A3B-8CA8-70BEE49D2BD5}" = Google Gears
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D6AA15-66B9-41BE-BA85-17EB8C84A685}" = Knight Online
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A34386F8-7655-4E3B-9F51-D3064F607C89}" = blaxxun Contact
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}" = ACDSee 5.0 Standard
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCBA462D-3E1B-416C-89F8-492020D4BBF4}" = מסייע הכניסה של Windows Live
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{DF3E37E0-06D5-4A1B-A264-BD2B7E30B458}" = Knight Online
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"7-Zip" = 7-Zip 9.10 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"dBpoweramp AAC Encoder" = dBpoweramp AAC Encoder
"dBpoweramp CD Writer" = dBpoweramp CD Writer
"dBpoweramp DirectShow Decoder" = dBpoweramp DirectShow Decoder
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ESE_Registration" = ESE Account Manager (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"Fraps" = Fraps (remove only)
"getPlus(R)_ocx" = getPlus(R)_ocx
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MKVtoolnix" = MKVtoolnix 2.9.8
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"Mp3 Audio Editor" = Mp3 Audio Editor
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Seven Transformation Pack" = Seven Transformation Pack 3.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"ST6UNST #1" = RonlightSync
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"uTorrent" = µTorrent
"VentriloMIX" = VentriloMIX
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOW" = WOW
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD" = XviD MPEG-4 Codec
"YouTubeGet_is1" = YouTubeGet 5.2.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Juniper_Networks_Cache_Cleaner 6.0.0" = Juniper Networks Cache Cleaner 6.0.0
"Juniper_Networks_Cache_Cleaner 6.4.0" = Juniper Networks Cache Cleaner 6.4.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"MaxKO" = MaxKO
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"NoNameScript" = NoNameScript

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/07/2010 03:42:59 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום maxkoc.exe, גירסה 2.3.11.1718, תקלה במודול maxkoc.exe,
גירסה 2.3.11.1718, כתובת התקלה 0x000dac5e‏.

Error - 08/07/2010 03:22:48 | Computer Name = TAP-7409E23BDD | Source = SecurityCenter | ID = 1802
Description = ‏‏לשירות מרכז האבטחה של Windows לא היתה אפשרות ליצור שאילתות אירוע
ב- WMI כדי לפקח על תוכניות אנטי-וירוס וחומת אש של יצרנים אחרים.

Error - 08/07/2010 04:57:57 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום chrome.exe, גירסה 0.0.0.0, תקלה במודול unknown, גירסה
0.0.0.0, כתובת התקלה 0x806fff43‏.

Error - 09/07/2010 16:19:58 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום explorer.exe, גירסה 6.0.2900.5512, תקלה במודול unknown,
גירסה 0.0.0.0, כתובת התקלה 0x0b2fd6b0‏.

Error - 10/07/2010 23:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 12/07/2010 16:42:13 | Computer Name = TAP-7409E23BDD | Source = Application Hang | ID = 1002
Description = ‏‏יישום לא מגיב MaxKOC.exe, גירסה 2.3.11.1718, מודול חוסר תגובה hungapp,
גירסה 0.0.0.0, כתובת חוסר תגובה 0x00000000‏.

Error - 15/07/2010 07:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 15/07/2010 08:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 16/07/2010 04:10:39 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 16/07/2010 04:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 15:45:31 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 16/07/2010 15:50:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7000
Description = The SABKUTIL service failed to star

11

Tech Clinic / Annoying virus keeps reappearing

« on: July 16, 2010, 04:17:38 PM »

Hi, I've recently found out that I'm infected with some kind of a virus. After realising that, I ran a scan with ESET Online Scanner (log below), and it found a few infected files and removed them, but every time I reboot my PC a new infected file appears to be running. All of the virus' files seem to be recreating in the folder C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\ but I'm not completely sure that there is no other ones in other folders as well. The files were named 2.exe and 3.exe and they had an envelope icon. ESET removed the file when I ran the scan, and after I rebooted I deleted the file myself.

Here's the ESET Online Scanner Log:

# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=39bab8fa442c19429180bc8f8a36ea6d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-16 09:53:07
# local_time=2010-07-16 12:53:07 )
# country="Israel"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 34955561 34955561 0 0
# compatibility_mode=8192 67108863 100 0 33152118 33152118 0 0
# scanned=71617
# found=8
# cleaned=7
# scan_time=3131
C:\Documents and Settings\×¢×“×Ÿ\Application Data\MaxKO.exe   Win32/PSW.Fignotok.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\service.exe   a variant of Win32/Kryptik.FJP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\svcnost.exe   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting (after the next restart) - quarantined)   00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\tmp77373732727.tmp   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\My Documents\Matroska\Wizard-1.2\dll\libcharset.dll   probably a variant of Win32/Spy.Banker trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
C:\Program Files\VentriloMIX\Ventrilo 2.2.0.exe   probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\WINDOWS\system32\userinit.exe   Win32/TrojanDownloader.Delf.POH trojan (unable to clean)   00000000000000000000000000000000   I
C:\WINDOWS\system32\Com\svchost.exe   a variant of Win32/Kryptik.FJP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=39bab8fa442c19429180bc8f8a36ea6d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-16 10:59:11
# local_time=2010-07-16 01:59:11 )
# country="Israel"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 34961357 34961357 0 0
# compatibility_mode=8192 67108863 100 0 33157914 33157914 0 0
# scanned=34584
# found=1
# cleaned=1
# scan_time=1302
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\NODBE.tmp   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
esets_scanner_update returned -1 esets_gle=53251

I also ran a scan with HijackThis, but nothing seemed suspicious so I won't bother with that.
I rebooted the PC to take a screenshot and show you how the files look like: http://i26.tinypic.com/25f1uoi.jpg

Any help is greatly appreciated! Thanks in advance.

12

Tech Clinic / Random slowness and crashes

« on: June 29, 2009, 03:58:31 AM »

In the beginning I could only delete one of the Spybot folders, the other one had a file that refused to be deleted (SDHelper.dll) as it was "in use and/or protected" or something like that, so I moved him to the desktop and deleted the empty folder. Then I downloaded Spybot from your link and installed it, and then removed it, rebooted pc.

When I was back in windows, I tried to delete that SDHelper.dll file again (that was on the desktop) and it's finally gone, but when looking at the Add/Remove Programs list I can still see that there is Spybot there and I can't uninstall it, it gives me an error: "File C:\WINDOWS\unins001.dat" does not exist. Could not uninstall." There are a few more programs in the list that are not removeable, including blaxxun contact, Ulead cool 360 and Knight Online.

Here's a fresh Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:54, on 29/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ×¢×•×–×¨ ×”×›× ×™×¡×” ×©×œ Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &×™×¦× ×œ- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://xiah.gamescampus.com/luncher/GamesCampus.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1202306177953
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/static/...er_4.0.15.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://ssl.sonol.co.il/dana-cached/setup/J...perSetupSP1.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} - http://irc.nana.co.il/Cabs/launcher39.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7220 bytes

13

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 04:35:01 PM »

It worked after I ran WinsockXPfix.exe and rebooted! But I just ran a Hijackthis scan and there's still one 'Unknown Winsock LSP' file (log below). By the way, we still haven't got rid of Spybot S&D, can we try and remove it completely, or should I just leave it alone as it's not any bad? Thanks mate!!! I appreciate it greatly, you're the best <3

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:30:22, on 29/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ×¢×•×–×¨ ×”×›× ×™×¡×” ×©×œ Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &×™×¦× ×œ- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://xiah.gamescampus.com/luncher/GamesCampus.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1202306177953
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/static/...er_4.0.15.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://ssl.sonol.co.il/dana-cached/setup/J...perSetupSP1.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} - http://irc.nana.co.il/Cabs/launcher39.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{138FBCB5-DF29-4828-B640-71D6034CC076}: NameServer = 192.115.106.35 62.219.186.7
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7709 bytes

14

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 03:11:00 PM »

Wow that's some weird [censored]. I downloaded Proxifier from one of the links you gave me, installed it, rebooted pc, uninstalled it, then rebooted again and I lost internet connection, so I restored again to the point I had saved...

15

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 02:51:55 PM »

SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 22:51 on 28/06/2009 by ×¢×“×Ÿ (Administrator - Elevation successful)

========== dir ==========

C:\Program Files - Parameters: "(none)"

---Files---
Thumbs.db   --ahs- 48640 bytes   [12:14 29/01/2005]   [12:14 29/01/2005]

---Folders---
ACD Systems   d-----   [08:21 08/05/2004]
Adobe   d-----   [14:10 08/08/2004]
Ahead   d-----   [18:37 17/11/2004]
Apple Software Update   d-----   [18:04 17/10/2007]
Avira   d-----   [11:02 31/05/2009]
AvRack   d-----   [16:33 30/04/2004]
CCleaner   d-----   [09:06 08/04/2007]
Common Files   d-a---   [17:01 30/04/2004]
ComPlus Applications   d-----   [16:11 30/04/2004]
D-Tools   d-----   [13:03 07/08/2004]
DAEMON Tools   d-----   [13:58 01/01/2008]
directx   d-----   [12:51 12/09/2004]
DivX   d-----   [11:25 10/05/2004]
Download Direct   d-----   [11:02 31/05/2009]
ECI Telecoms   d-----   [11:02 31/05/2009]
eMule   d-----   [10:40 31/05/2009]
eMule.co.il   d-----   [12:16 07/11/2006]
ESE   d-----   [14:13 29/03/2008]
ESET   d-----   [11:06 31/05/2009]
Game Cam Lite v1.4   d-----   [09:40 13/10/2007]
Gravity   d-----   [22:19 08/11/2007]
GRETECH   d-----   [10:33 26/12/2008]
HighMAT CD Writing Wizard   d-----   [18:26 07/05/2004]
HijackThis   d-----   [09:21 08/04/2007]
ICQ6   d-----   [19:05 14/07/2008]
InstallShield Installation Information   d--h--   [16:33 30/04/2004]
InterMute   d-----   [11:06 31/05/2009]
Internet Explorer   d-----   [16:11 30/04/2004]
Java   d-----   [23:04 04/06/2004]
JavaSoft   d-----   [00:54 18/05/2004]
Juniper Networks   d-----   [15:58 26/08/2008]
Knight-Empire.net   d-----   [10:53 31/05/2009]
Malwarebytes' Anti-Malware   d-----   [18:06 06/06/2009]
Messenger   d-----   [16:11 30/04/2004]
Microsoft   d-----   [07:27 01/04/2009]
Microsoft CAPICOM 2.1.0.2   d-----   [11:01 31/05/2009]
microsoft frontpage   d-----   [16:14 30/04/2004]
Microsoft Office   d-----   [16:59 30/04/2004]
mIRC   d-----   [08:14 19/06/2009]
Movie Maker   d-----   [16:12 30/04/2004]
Mozilla Firefox   d-----   [09:13 13/06/2009]
MP3 Player Utilities 3.73   d-----   [16:58 19/11/2006]
MSBuild   d-----   [06:25 30/01/2008]
MSI   d-----   [16:24 30/04/2004]
MSN   d-----   [16:11 30/04/2004]
MSN Gaming Zone   d-----   [16:11 30/04/2004]
MSXML 6.0   d-----   [11:01 31/05/2009]
Nero   d-----   [15:58 02/12/2006]
Netex   d-----   [11:06 31/05/2009]
NetMeeting   d-----   [16:12 30/04/2004]
Online Services   d-----   [16:11 30/04/2004]
Outlook Express   d-----   [16:12 30/04/2004]
QuickTime   d-----   [19:33 20/03/2008]
Reference Assemblies   d-----   [06:19 30/01/2008]
SodaBush   d-----   [11:04 31/05/2009]
Sony Setup   d-----   [11:06 31/05/2009]
Spybot - Search & Destroy   d-----   [08:04 28/06/2009]
Spybot - Search & Destroy2   d-----   [10:31 31/05/2009]
Tactical Ops   d-----   [16:20 04/11/2006]
Teamspeak2_RC2   d-----   [16:48 31/03/2006]
Teamspeak2_RC2_Server   d-----   [15:38 02/02/2007]
Trend Micro   d-----   [19:08 06/06/2009]
Uninstall Information   d--h--   [16:17 30/04/2004]
Ventrilo   d-----   [19:56 06/03/2008]
VentriloMIX   d-----   [16:57 26/08/2007]
Windows Journal Viewer   d-----   [12:34 26/01/2007]
Windows Live   d-----   [07:26 01/04/2009]
Windows Live SkyDrive   d-----   [07:27 01/04/2009]
Windows Media Connect 2   d-----   [18:15 17/11/2007]
Windows Media Player   d-----   [16:12 30/04/2004]
Windows NT   d-----   [16:10 30/04/2004]
WindowsUpdate   d--h--   [16:11 30/04/2004]
WinRAR   d-----   [11:27 10/05/2004]
WinZip   d-----   [11:27 10/05/2004]
wow250   d-----   [11:04 31/05/2009]
xerox   d-----   [16:14 30/04/2004]
Xfire   d-----   [14:20 25/05/2009]
XviD   d-----   [21:39 05/11/2008]
â€â€×¢×•×ª×§ ×©×œ Teamspeak2_RC2   d-----   [15:45 21/05/2007]

-=End Of File=-

16

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 02:40:45 PM »

I did what you said and I lost internet connection so I restored back to the point I had created. How come is that program so important? I downloaded it about a year ago to connect to a proxy and bypass some country-IP check for an online game. I didn't use it then so I don't even know how it works.

17

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 01:46:46 PM »

Hijackthis uninstall list:

ACDSee 5.0 Standard
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Shockwave Player
Adobe Stock Photos 1.0
Apple Software Update
blaxxun Contact
CCleaner (remove only)
Choice Guard
DivX Codec
DivX Converter
DivX Player
DivX Web Player
ECI USB ADSL
ESE Account Manager (remove only)
ESET Online Scanner v3
Fire eMule.co.il v7.1 (0.47c)
Fraps (remove only)
getPlus®_ocx
Google Gears
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
ICQ6
Java(tm) 6 Update 3
Juniper Networks Secure Application Manager
Knight Online
Knight Online
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional ×¢× FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows Journal Viewer
mIRC
Mozilla Firefox (3.0.11)
MP3 Player Utilities 3.73
MSVCRT
MSXML 6.0 Parser (KB933579)
Nero 7 Ultra Edition
NVIDIA Drivers
NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Segoe UI
Speed eMule.co.il v8.0 (0.48a)
Spybot - Search & Destroy 1.5.2.20
Steam
TeamSpeak 2 RC2
TeamSpeak 2 Server RC2
Ulead COOL 360 1.0
Unreal Tournament G.O.T.Y. Edition
Ventrilo Client
VentriloMIX
Windows Genuine Advantage v1.3.0254.0
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
WOW
Xfire (remove only)
XviD MPEG-4 Codec
×›×œ×™ ×”×”×¢×œ××” ×©×œ Windows Live
×ž×¡×™×™×¢ ×”×›× ×™×¡×” ×©×œ Windows Live
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB928090)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB931768)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB933566)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB937143)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB938127)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB939653)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB942615)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB944533)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Internet Explorer 7 (KB950759)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Playerâ€ (KB911564)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Player 11â€ (KB936782)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Player 6.4â€ (KB925398)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Player 9â€ (KB911565)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Player 9â€ (KB917734)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows Media Player 9â€ (KB936782)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB890046)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB893066)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB893756)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896358)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896422)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896423)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896424)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896428)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB896688)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB899587)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB899591)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB900725)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB901017)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB901190)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB901214)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB902400)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB904706)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB905414)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB905749)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB905915)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB908519)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB908531)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB911562)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB911567)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB911927)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB912812)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB912919)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB913446)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB913580)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB914388)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB914389)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB916281)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB917159)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB917344)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB917422)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB917953)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB918118)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB918439)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB918899)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB919007)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB920213)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB920214)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB920670)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB920683)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB920685)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB921398)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB921503)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB921883)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB922616)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB922760)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB922819)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB923191)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB923414)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XPâ€ (KB923689)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB923694)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB923980)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB924191)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB924270)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB924496)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB924667)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB925454)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB925486)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB925902)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB926255)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB926436)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB927779)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB927802)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB928255)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB928843)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB929123)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB930178)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB931261)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB931784)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB932168)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB933729)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB935839)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB935840)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB936021)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB938829)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB941202)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB941568)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XPâ€ (KB941569)
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB941644)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB941693)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB943055)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB943460)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB943485)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB944653)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB945553)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB946026)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB948590)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB948881)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB950749)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB950760)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB950762)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB951376)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB951376-v2)â€Ž
×¢×“×›×•×Ÿ ××‘×˜×—×” ×¢×‘×•×¨ Windows XP (KB951698)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB894391)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB898461)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB900485)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB904942)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB910437)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB911280)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB916595)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB920872)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB922582)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB925720)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB927891)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB929338)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB930916)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB931836)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB932823-v3)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB933360)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB936357)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB938828)â€Ž
×¢×“×›×•×Ÿ ×¢×‘×•×¨ Windows XP (KB942763)â€Ž
×ª×™×§×•×Ÿ ×—× ×¢×‘×•×¨ Windows Internet Explorer 7 (KB947864)â€Ž
×ª×™×§×•×Ÿ ×—× ×¢×‘×•×¨ Windows Media Player 11â€ (KB939683)
×ª×™×§×•×Ÿ ×—× ×¢×‘×•×¨ Windows XP (KB914440)â€Ž
--------------------

LSP-Fix 'Keep' side entries:

Name (Description)

winrnr.dll (NTDS)
wshbth.dll (Bluetooth Namespace)
samnsp.dll (Juniper Secure DNS (Top))
PrxerNsp.dll (Proxifier Nsp)
mswsock.dll (Tcpip)
Prxerdrv.dll (Protocol handler)
rsvpsp.dll (Protocol handler)

18

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 03:18:52 AM »

Yes, I installed proxifier about a year ago, but I've removed it now. I downloaded Spybot from the link you gave me, installed it and then uninstalled, but it created a different 'program', the other Spybot in the Add/Remove programs list is still there (2MB btw) and I can't uninstall it.

Also, I did a Hijackthis scan again after I removed Proxifier and those three 'Unknown Winsock files' are still there, would it be safe to fix and remove them with Hijackthis? There's also a few things of Spybot which I don't need since I don't use it, can I safely remove it as well?

Here's a fresh Hijackthis scanlog, there are a few things I don't need and want to remove, I made them bold and underlined, can you tell me which ones are safe to 'fix' with Hijackthis?:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:15, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ×¢×•×–×¨ ×”×›× ×™×¡×” ×©×œ Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\×¢×“×Ÿ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &×™×¦× ×œ- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://xiah.gamescampus.com/luncher/GamesCampus.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1202306177953
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://play.battlefield-heroes.com/static/...er_4.0.15.0.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://ssl.sonol.co.il/dana-cached/setup/J...perSetupSP1.cab
O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} - http://irc.nana.co.il/Cabs/launcher39.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{138FBCB5-DF29-4828-B640-71D6034CC076}: NameServer = 192.115.106.31 192.115.106.31
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8079 bytes

Thanks!

19

Tech Clinic / Random slowness and crashes

« on: June 28, 2009, 02:02:13 AM »

Malwarebytes' Anti-Malware 1.38
Database version: 2344
Windows 5.1.2600 Service Pack 2

28/06/2009 09:43:52
mbam-log-2009-06-28 (09-43-52).txt

Scan type: Quick Scan
Objects scanned: 105118
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

What about the inability to uninstall programs? There are some stuff I want to remove and for some reason I can't. When trying to remove Spybot S&D it gives me an error: "File C:\Windows\unins001.dat does not exist. Cannot uninstall." Other programs say "An installation support file could not be installed" and sometimes I get a windows error message "Setup.exe has crashed and needs to close."

Is there anything I can do about it? It's not important really, but I'd like to solve this anyway.

Thanks!!!

20

Tech Clinic / Random slowness and crashes

« on: June 27, 2009, 12:52:09 PM »

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=7.00.6000.16674 (vista_gdr.080415-1732)
# OnlineScanner.ocx=1.0.0.5863
# api_version=3.0.2
# EOSSerial=39bab8fa442c19429180bc8f8a36ea6d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-06-27 05:43:26
# local_time=2009-06-27 08:43:26 )
# country="Israel"
# lang=9
# osver=5.1.2600 NT Service Pack 2
# scanned=137818
# found=1
# cleaned=1
# scan_time=5310
C:\Program Files\Knight Online\XTrap\XTrapVa.dll probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000

It only found one "trojan" which isn't really harmful or anything, it's an anti-cheat program. Does that mean everything's alright?

TheTechGuide Forum

News:

Messages - Brenneka

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Annoying virus keeps reappearing

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes

Tech Clinic / Random slowness and crashes