Blue Screen/Buggy system

**Rodrigo** · 08-10-2011

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: 7882

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/5/2011 7:31:58 PM
mbam-log-2011-10-05 (19-31-58).txt

Scan type: Full scan (C:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|O:\|P :\|Q:\|)
Objects scanned: 266705
Time elapsed: 1 hour(s), 15 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

**Rodrigo** · 08-10-2011

GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-06 09:28:27
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3750630AS rev.HP26
Running: 5qlu78ws.exe; Driver: C:\DOCUME~1\Rodrigo\LOCALS~1\Temp\pxtdrpob.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB446B374]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB44FA2B8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB448F829]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB446D996]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB446D9EE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB446DB04]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xB448F1DD]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB446D8EC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB446DA3E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB446D940]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB446DAB2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB446B398]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xB448FEEF]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB44901A5]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB446DD88]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB448FD5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB448FBC5]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB44FA368]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB446B162]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB446B3BC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB446DEFC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB446BE54]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB446D9C6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB446DA16]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB446DB2E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xB448F539]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB446D918]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB446DBC0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB446DA7E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB446D96E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xB446DCA4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB446DADC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB44FA400]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB448FA40]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB446BD1A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB448F892]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB45026E2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB448E850]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB446B3E0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB446B404]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB446B1BC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB446B2F8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB448FFF6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB446B2D4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB446B31C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB446B428]

INT 0x62 ? 8B509CC8
INT 0x73 ? 8B2D0F00
INT 0x74 ? 8B2D0F00
INT 0x82 ? 8B509CC8
INT 0x83 ? 8B2D0F00
INT 0x83 ? 8B2D0F00
INT 0x94 ? 8B2D0F00
INT 0xA4 ? 8B2D0F00

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB450F9A6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2F14 805047B0 4 Bytes CALL CB58FBFD
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A64D4 4 Bytes CALL B446C4AF \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC582 5 Bytes JMP B450B3DE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C3006 5 Bytes JMP B450CE84 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D11AA 7 Bytes JMP B450F9AA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE sptd.sys B7EF3000 1 Byte [74]
PAGE sptd.sys B7EF3004 5 Bytes [40, 33, EF, B7, A3] {INC EAX; XOR EBP, EDI; MOV BH, 0xa3}
PAGE sptd.sys B7EF300C 5 Bytes [50, 34, EF, B7, 98] {PUSH EAX; XOR AL, 0xef; MOV BH, 0x98}
PAGE sptd.sys B7EF3014 5 Bytes [B8, 33, EF, B7, 59] {MOV EAX, 0x59b7ef33}
PAGE sptd.sys B7EF301C 5 Bytes [78, 32, EF, B7, 61] {JS 0x34; OUT DX, EAX; MOV BH, 0x61}
PAGE ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB7F8CD38]
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB70163A0, 0x88C445, 0xE8000020]
.text USBPORT.SYS!DllUnload B6FF68EC 5 Bytes JMP 8B2D0410
.text am4v2i2u.SYS B6F0E306 74 Bytes [00, 00, 00, 40, 03, 00, 40, ...]
.text am4v2i2u.SYS B6F0E351 87 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text am4v2i2u.SYS B6F0E3A9 10 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text am4v2i2u.SYS B6F0E3B4 34 Bytes [40, 00, 00, C8, 50, 41, 47, ...]
.text am4v2i2u.SYS B6F0E3D7 1 Byte [00]
.text ...
.text win32k.sys!EngFreeUserMem + 674 BF8098FD 2 Bytes JMP B446EE48 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFreeUserMem + 677 BF809900 2 Bytes [C6, F4]
.text win32k.sys!EngDeleteSurface + 45 BF8138F1 5 Bytes JMP B446ED54 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!BRUSHOBJ_pvAllocRbrush + 322E BF81E772 5 Bytes JMP B446E016 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPaint + 11A6 BF82D683 5 Bytes JMP B446E0DA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngLockSurface + C09 BF82E801 5 Bytes JMP B446EFB2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + 654A BF83DA73 5 Bytes JMP B446F1BA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + BEFF BF843428 5 Bytes JMP B446ECC4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + DBA1 BF8450CA 5 Bytes JMP B446E14A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 5807 BF87260C 5 Bytes JMP B446E326 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 5892 BF872697 5 Bytes JMP B446E4CC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 646A BF87326F 5 Bytes JMP B446DFFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + B836 BF87863B 5 Bytes JMP B446ED7E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnicodeToMultiByteN + 67E7 BF87F85E 5 Bytes JMP B446EEFA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 411E BF89969B 5 Bytes JMP B446E4A4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGradientFill + 2862 BF8BA062 5 Bytes JMP B446F118 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngAlphaBlend + 1A3D BF8C2084 5 Bytes JMP B446E1E4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1517 BF8CA4E6 5 Bytes JMP B446E254 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1797 BF8CA766 5 Bytes JMP B446E28E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3B3E BF8EC1B7 5 Bytes JMP B446DF32 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 1A0A BF9134E3 5 Bytes JMP B446E096 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 25DE BF9140B7 5 Bytes JMP B446E1AE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4F3D BF916A16 5 Bytes JMP B446E5E6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1957 BF9465F2 5 Bytes JMP B446F070 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\RunDLL32.exe[204] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\RunDLL32.exe[204] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\RunDLL32.exe[204] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\RunDLL32.exe[204] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\RunDLL32.exe[204] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\RunDLL32.exe[204] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\RunDLL32.exe[204] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\RunDLL32.exe[204] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\RunDLL32.exe[204] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\RunDLL32.exe[204] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[228] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\avastUI.exe[228] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002D1014
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002D0804
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002D0A08
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002D0C0C
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002D0E10
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002D01F8
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002D03FC
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002D0600
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002E0804
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002E0A08
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002E0600
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002E01F8
.text C:\Program Files\Microsoft IntelliPoint\ipoint.exe[236] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002E03FC
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003B0804
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003B0A08
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003B0600
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003B01F8
.text C:\Program Files\Microsoft IntelliType Pro\itype.exe[244] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003B03FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003B0804
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003B0A08
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003B0600
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003B01F8
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[272] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003B03FC
.text C:\WINDOWS\system32\ctfmon.exe[300] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\ctfmon.exe[300] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[300] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\ctfmon.exe[300] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\ctfmon.exe[300] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\ctfmon.exe[300] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
.text C:\WINDOWS\system32\ctfmon.exe[300] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
.text C:\WINDOWS\system32\ctfmon.exe[300] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
.text C:\WINDOWS\system32\ctfmon.exe[300] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
.text C:\WINDOWS\system32\ctfmon.exe[300] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003B0804
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003B0A08
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003B0600
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003B01F8
.text C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe[304] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003B03FC
.text C:\WINDOWS\System32\smss.exe[560] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[808] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[808] KERNEL32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[832] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000701F8
.text C:\WINDOWS\system32\winlogon.exe[832] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[832] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000703FC
.text C:\WINDOWS\system32\winlogon.exe[832] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\winlogon.exe[832] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\winlogon.exe[832] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\winlogon.exe[832] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\winlogon.exe[832] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\winlogon.exe[832] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\winlogon.exe[832] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\services.exe[876] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\services.exe[876] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[876] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\services.exe[876] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\services.exe[876] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\services.exe[876] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\services.exe[876] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\services.exe[876] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\services.exe[876] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\services.exe[876] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\lsass.exe[888] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\lsass.exe[888] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[888] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\lsass.exe[888] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\lsass.exe[888] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\lsass.exe[888] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\lsass.exe[888] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\lsass.exe[888] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\lsass.exe[888] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\lsass.exe[888] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[1068] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1068] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1152] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1152] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1152] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1152] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[1152] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1152] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\wuauclt.exe[1240] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000A01F8
.text C:\WINDOWS\system32\wuauclt.exe[1240] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[1240] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000A03FC
.text C:\WINDOWS\system32\wuauclt.exe[1240] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\wuauclt.exe[1240] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\wuauclt.exe[1240] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
.text C:\WINDOWS\system32\wuauclt.exe[1240] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
.text C:\WINDOWS\system32\wuauclt.exe[1240] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
.text C:\WINDOWS\system32\wuauclt.exe[1240] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
.text C:\WINDOWS\system32\wuauclt.exe[1240] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
.text C:\WINDOWS\System32\svchost.exe[1268] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\svchost.exe[1268] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1268] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\svchost.exe[1268] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\System32\svchost.exe[1268] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\System32\svchost.exe[1268] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\System32\svchost.exe[1268] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\System32\svchost.exe[1268] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\System32\svchost.exe[1268] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\System32\svchost.exe[1268] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1312] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1312] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1312] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1312] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[1312] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[1312] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[1312] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[1312] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[1312] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1312] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1464] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1464] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1464] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1464] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[1464] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[1464] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[1464] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[1464] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[1464] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1464] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\svchost.exe[1556] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[1556] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1556] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[1556] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[1556] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[1556] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[1556] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[1556] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[1556] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[1556] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1680] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1680] kernel32.dll!SetUnhandledExceptionFilter 7C844935 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1680] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1824] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\Explorer.EXE[1824] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1824] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\Explorer.EXE[1824] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\WINDOWS\Explorer.EXE[1824] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\WINDOWS\Explorer.EXE[1824] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
.text C:\WINDOWS\Explorer.EXE[1824] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
.text C:\WINDOWS\Explorer.EXE[1824] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
.text C:\WINDOWS\Explorer.EXE[1824] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
.text C:\WINDOWS\Explorer.EXE[1824] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
.text C:\WINDOWS\system32\taskswitch.exe[1960] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\taskswitch.exe[1960] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\taskswitch.exe[1960] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\taskswitch.exe[1960] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\taskswitch.exe[1960] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
.text C:\WINDOWS\system32\taskswitch.exe[1960] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
.text C:\WINDOWS\system32\taskswitch.exe[1960] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
.text C:\WINDOWS\system32\taskswitch.exe[1960] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
.text C:\WINDOWS\system32\taskswitch.exe[1960] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002E1014
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002E0804
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002E0A08
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002E0C0C
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002E0E10
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002E01F8
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002E03FC
.text C:\WINDOWS\system32\taskswitch.exe[1960] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002E0600
.text C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001401F8
.text C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[1980] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001403FC
.text C:\WINDOWS\RTHDCPL.EXE[1980] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\RTHDCPL.EXE[1980] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
.text C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
.text C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
.text C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\RTHDCPL.EXE[1980] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
.text C:\WINDOWS\system32\svchost.exe[2060] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[2060] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2060] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[2060] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[2060] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[2060] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[2060] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[2060] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[2060] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[2060] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000801F8
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000803FC
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002D0804
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002D0A08
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002D0600
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002D01F8
.text C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe[2080] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002D03FC
.text C:\WINDOWS\system32\svchost.exe[2096] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\svchost.exe[2096] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2096] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\svchost.exe[2096] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\svchost.exe[2096] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\svchost.exe[2096] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\svchost.exe[2096] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\svchost.exe[2096] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\svchost.exe[2096] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\svchost.exe[2096] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\Brmfrmps.exe[2260] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\EloSrvce.exe[2288] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00381014
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00380C0C
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00380E10
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\EloSrvce.exe[2288] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\EloSrvce.exe[2288] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\EloSrvce.exe[2288] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\EloSrvce.exe[2288] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\EloSrvce.exe[2288] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\EloSrvce.exe[2288] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003A0804
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003A0A08
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003A0600
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003A01F8
.text C:\Program Files\Java\jre6\bin\jqs.exe[2704] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003A03FC
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\brsvc01a.exe[2756] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\brsvc01a.exe[2756] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\brsvc01a.exe[2756] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\brsvc01a.exe[2756] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\brsvc01a.exe[2756] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\brsvc01a.exe[2756] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\WINDOWS\system32\brsvc01a.exe[2756] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00390804
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00390A08
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00390600
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003901F8
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003903FC
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 003A1014
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 003A0804
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 003A0A08
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 003A0C0C
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 003A0E10
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003A01F8
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003A03FC
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2864] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 003A0600
.text C:\WINDOWS\system32\spoolsv.exe[2964] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\system32\spoolsv.exe[2964] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2964] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\system32\spoolsv.exe[2964] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002B1014
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002B0804
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002B0A08
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002B0C0C
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002B0E10
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002B01F8
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002B03FC
.text C:\WINDOWS\system32\spoolsv.exe[2964] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002B0600
.text C:\WINDOWS\system32\spoolsv.exe[2964] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002C0804
.text C:\WINDOWS\system32\spoolsv.exe[2964] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002C0A08
.text C:\WINDOWS\system32\spoolsv.exe[2964] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\spoolsv.exe[2964] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002C01F8
.text C:\WINDOWS\system32\spoolsv.exe[2964] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002C03FC
.text C:\WINDOWS\system32\brss01a.exe[2976] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001401F8
.text C:\WINDOWS\system32\brss01a.exe[2976] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\brss01a.exe[2976] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001403FC
.text C:\WINDOWS\system32\brss01a.exe[2976] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\brss01a.exe[2976] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 00380804
.text C:\WINDOWS\system32\brss01a.exe[2976] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 00380A08
.text C:\WINDOWS\system32\brss01a.exe[2976] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 00380600
.text C:\WINDOWS\system32\brss01a.exe[2976] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003801F8
.text C:\WINDOWS\system32\brss01a.exe[2976] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003803FC
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\WINDOWS\system32\brss01a.exe[2976] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003A0804
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003A0A08
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003A0600
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003A01F8
.text C:\Program Files\CDBurnerXP\NMSAccessU.exe[3144] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003A03FC
.text C:\WINDOWS\System32\alg.exe[3452] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 000901F8
.text C:\WINDOWS\System32\alg.exe[3452] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[3452] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 000903FC
.text C:\WINDOWS\System32\alg.exe[3452] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[3452] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 002B0804
.text C:\WINDOWS\System32\alg.exe[3452] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 002B0A08
.text C:\WINDOWS\System32\alg.exe[3452] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 002B0600
.text C:\WINDOWS\System32\alg.exe[3452] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 002B01F8
.text C:\WINDOWS\System32\alg.exe[3452] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 002B03FC
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 002C1014
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 002C0804
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 002C0A08
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 002C0C0C
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 002C0E10
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 002C01F8
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 002C03FC
.text C:\WINDOWS\System32\alg.exe[3452] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 002C0600
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\WINDOWS\system32\nvsvc32.exe[3612] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\WINDOWS\system32\nvsvc32.exe[3612] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\WINDOWS\system32\nvsvc32.exe[3612] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003A0804
.text C:\WINDOWS\system32\nvsvc32.exe[3612] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003A0A08
.text C:\WINDOWS\system32\nvsvc32.exe[3612] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003A0600
.text C:\WINDOWS\system32\nvsvc32.exe[3612] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003A01F8
.text C:\WINDOWS\system32\nvsvc32.exe[3612] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003A03FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ntdll.dll!LdrLoadDll 7C915C35 5 Bytes JMP 001501F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ntdll.dll!LdrUnloadDll 7C916AD5 5 Bytes JMP 001503FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!SetServiceObjectSecurity 77E36D81 5 Bytes JMP 00391014
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!ChangeServiceConfigA 77E36E69 5 Bytes JMP 00390804
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!ChangeServiceConfigW 77E37001 5 Bytes JMP 00390A08
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!ChangeServiceConfig2A 77E37101 5 Bytes JMP 00390C0C
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!ChangeServiceConfig2W 77E37189 5 Bytes JMP 00390E10
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!CreateServiceA 77E37211 5 Bytes JMP 003901F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!CreateServiceW 77E373A9 5 Bytes JMP 003903FC
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] ADVAPI32.dll!DeleteService 77E374B1 5 Bytes JMP 00390600
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 003A0804
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 003A0A08
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] USER32.dll!SetWindowsHookExA 7E431211 5 Bytes JMP 003A0600
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] USER32.dll!SetWinEventHook 7E4317F7 5 Bytes JMP 003A01F8
.text C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[3996] USER32.dll!UnhookWinEvent 7E4318AC 5 Bytes JMP 003A03FC
.text C:\Documents and Settings\Rodrigo\Desktop\DAL help\5qlu78ws.exe[5020] ntdll.dll!RtlDosSearchPath_U + 186 7C91616D 1 Byte [62]
.text C:\Documents and Settings\Rodrigo\Desktop\DAL help\5qlu78ws.exe[5020] kernel32.dll!GetBinaryTypeW + 80 7C86936C 1 Byte [62]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [B7E96574] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [B7E960C0] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [B7E96FE0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7E960C0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7E96362] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7E962A4] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7E971BC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7E96FE0] sptd.sys
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[HAL.dll!KeGetCurrentIrql] 830C4D8A
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[HAL.dll!KfAcquireSpinLock] 0001CCB8
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[HAL.dll!KfReleaseSpinLock] 48880000
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[HAL.dll!KfRaiseIrql] C0940F68
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[HAL.dll!KfLowerIrql] 8B55C35D
IAT \SystemRoot\System32\Drivers\am4v2i2u.SYS[USBD.SYS!USBD_CreateConfigurationRequestEx] 458D5653

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[876] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 005F0002
IAT C:\WINDOWS\system32\services.exe[876] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 005F0000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8B5081F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-0 8B2DE430
Device \Driver\usbuhci \Device\USBPDO-1 8B2DE430
Device \Driver\usbehci \Device\USBPDO-2 8B317430
Device \Driver\usbehci \Device\USBPDO-3 8B317430
Device \Driver\usbuhci \Device\USBPDO-4 8B2DE430
Device \Driver\ubohci \Device\UBOHCI0 UB1394.SYS (FireAPI® 1394 Class Driver (XP)/Unibrain S.A.)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBPDO-5 8B2DE430
Device \Driver\usbuhci \Device\USBPDO-6 8B2DE430
Device \Driver\usbuhci \Device\USBPDO-7 8B2DE430
Device \Driver\Cdrom \Device\CdRom0 8B2DA430
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 8B2DA430
Device \Driver\ubohci \Device\C1394 UB1394.SYS (FireAPI® 1394 Class Driver (XP)/Unibrain S.A.)
Device \Driver\Cdrom \Device\CdRom2 8B2DA430
Device \Driver\Cdrom \Device\CdRom3 8B2DA430
Device \Driver\Cdrom \Device\CdRom4 8B2DA430
Device \Driver\Cdrom \Device\CdRom5 8B2DA430
Device \Driver\NetBT \Device\NetBt_Wins_Export 8AF141F8
Device \Driver\usbstor \Device\00000083 8A77A1F8
Device \Driver\Cdrom \Device\CdRom6 8B2DA430
Device \Driver\PCI_PNP1736 \Device\0000004b sptd.sys
Device \Driver\PCI_PNP1736 \Device\0000004b sptd.sys
Device \Driver\NetBT \Device\NetbiosSmb 8AF141F8
Device \Driver\usbstor \Device\00000086 8A77A1F8
Device \Driver\usbstor \Device\00000088 8A77A1F8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbstor \Device\00000089 8A77A1F8

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\usbuhci \Device\USBFDO-0 8B2DE430
Device \Driver\usbuhci \Device\USBFDO-1 8B2DE430
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A6EE1F8
Device \Driver\usbehci \Device\USBFDO-2 8B317430
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A6EE1F8
Device \Driver\usbuhci \Device\USBFDO-3 8B2DE430
Device \Driver\usbuhci \Device\USBFDO-4 8B2DE430
Device \Driver\usbstor \Device\0000008a 8A77A1F8
Device \Driver\usbuhci \Device\USBFDO-5 8B2DE430
Device \Driver\usbstor \Device\0000008b 8A77A1F8
Device \Driver\usbuhci \Device\USBFDO-6 8B2DE430
Device \Driver\usbstor \Device\0000008c 8A77A1F8
Device \Driver\usbehci \Device\USBFDO-7 8B317430
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target5Lun0 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target0Lun0 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target4Lun0 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target2Lun0 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target3Lun0 8B34E3C8
Device \Driver\am4v2i2u \Device\Scsi\am4v2i2u1Port2Path0Target1Lun0 8B34E3C8
Device \FileSystem\Cdfs \Cdfs 8A6DF1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@ujdew 0x0F 0x7F 0x3D 0x15 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001@ujdew 0xA3 0x96 0x4C 0x03 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x71 0x91 0x02 0xA2 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xA7 0x26 0x1E 0x84 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0x90 0x80 0x6F 0x93 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xB4 0xF6 0xE9 0xC5 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg44 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg44@ujdew 0xE4 0xAA 0x9C 0x13 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg45 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg45@ujdew 0xE4 0xAA 0x9C 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04@ujdew 0x0F 0x7F 0x3D 0x15 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001@ujdew 0xA3 0x96 0x4C 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujd ew 0x71 0x91 0x02 0xA2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujd ew 0xA7 0x26 0x1E 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg42
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg42@ujd ew 0x90 0x80 0x6F 0x93 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg43
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg43@ujd ew 0xB4 0xF6 0xE9 0xC5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg44
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg44@ujd ew 0xE4 0xAA 0x9C 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg45
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D 79C293C1ED61418462E24595C90D04\00000001\jdgg45@ujd ew 0xE4 0xAA 0x9C 0x13 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04@ujdew 0x0F 0x7F 0x3D 0x15 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001@ujdew 0xA3 0x96 0x4C 0x03 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x71 0x91 0x02 0xA2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xA7 0x26 0x1E 0x84 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0x90 0x80 0x6F 0x93 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xB4 0xF6 0xE9 0xC5 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg44 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg44@ujdew 0xE4 0xAA 0x9C 0x13 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg45 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C2 93C1ED61418462E24595C90D04\00000001\jdgg45@ujdew 0xE4 0xAA 0x9C 0x13 ...

---- EOF - GMER 1.0.15 ----

**Rodrigo** · 08-10-2011

aswMBR version 0.9.7.777 Copyright(c) 2011 AVAST Software
Run date: 2011-10-06 15:27:50
-----------------------------
15:27:50.000 OS Version: Windows 5.1.2600 Service Pack 3
15:27:50.000 Number of processors: 4 586 0x1707
15:27:50.000 ComputerName: Rawd UserName:
15:27:51.062 Initialize success
15:27:51.140 AVAST engine defs: 11100600
15:28:10.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:28:10.781 Disk 0 Vendor: ST3750630AS HP26 Size: 715404MB BusType: 3
15:28:10.796 Disk 0 MBR read successfully
15:28:10.796 Disk 0 MBR scan
15:28:10.796 Disk 0 Windows XP default MBR code
15:28:10.812 Disk 0 scanning sectors +1465144065
15:28:10.937 Disk 0 scanning C:\WINDOWS\system32\drivers
15:28:26.515 Service scanning
15:28:28.500 Disk 0 trace - called modules:
15:28:28.515 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
15:28:28.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b495ab8]
15:28:28.515 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8b46d9e8]
15:28:28.531 5 ACPI.sys[b7e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8b474940]
15:28:29.515 AVAST engine scan C:\WINDOWS
15:30:00.093 AVAST engine scan C:\WINDOWS\system32
15:39:02.265 AVAST engine scan C:\WINDOWS\system32\drivers
15:42:20.531 AVAST engine scan C:\Documents and Settings\Rodrigo
16:06:15.140 AVAST engine scan C:\Documents and Settings\All Users
16:07:25.890 Scan finished successfully
00:09:27.109 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Rodrigo\Desktop\DAL help\MBR.dat"
00:09:27.125 The log file has been saved successfully to "C:\Documents and Settings\Rodrigo\Desktop\DAL help\aswMBR.txt"

**Rodrigo** · 08-10-2011

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-07-14.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/25/2009 9:07:47 PM
System Uptime: 10/4/2011 9:45:44 PM (51 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2332/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 685 GiB total, 365.202 GiB free.
E: is Removable
F: is Removable
G: is Removable
H: is FIXED (NTFS) - 13 GiB total, 12.966 GiB free.
I: is CDROM ()
J: is CDROM ()
K: is CDROM ()
L: is Removable
M: is CDROM ()
N: is CDROM ()
O: is CDROM ()
P: is CDROM ()
Q: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_1000168C&REV_01\4&373 5DC3F&0&00E1
Manufacturer: Atheros
Name: Atheros 802.11 a/b/g/n Dualband Wireless Network Module
PNP Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_1000168C&REV_01\4&373 5DC3F&0&00E1
Service: AR5416
.
==== System Restore Points ===================
.
RP286: 7/10/2011 12:32:31 PM - System Checkpoint
RP287: 7/11/2011 12:43:54 PM - System Checkpoint
RP288: 7/12/2011 1:41:02 PM - System Checkpoint
RP289: 7/13/2011 1:46:41 PM - System Checkpoint
RP290: 7/14/2011 2:24:34 PM - System Checkpoint
RP291: 7/15/2011 4:16:36 PM - System Checkpoint
RP292: 7/16/2011 5:18:29 PM - System Checkpoint
RP293: 7/17/2011 6:40:13 PM - System Checkpoint
RP294: 7/18/2011 7:16:35 PM - System Checkpoint
RP295: 7/19/2011 12:22:57 AM - Removed ESET Smart Security
RP296: 7/19/2011 1:00:37 PM - avast! Free Antivirus Setup
RP297: 7/20/2011 1:13:49 PM - System Checkpoint
RP298: 7/21/2011 6:00:04 PM - System Checkpoint
RP299: 7/22/2011 7:29:12 PM - System Checkpoint
RP300: 7/23/2011 8:15:53 PM - System Checkpoint
RP301: 7/24/2011 8:33:52 PM - System Checkpoint
RP302: 7/25/2011 9:55:30 PM - System Checkpoint
RP303: 7/27/2011 3:28:38 AM - System Checkpoint
RP304: 7/28/2011 11:02:53 AM - System Checkpoint
RP305: 7/29/2011 11:43:10 AM - System Checkpoint
RP306: 7/30/2011 12:13:11 PM - System Checkpoint
RP307: 7/31/2011 1:13:13 PM - System Checkpoint
RP308: 8/1/2011 2:13:09 PM - System Checkpoint
RP309: 8/2/2011 3:01:09 PM - System Checkpoint
RP310: 8/3/2011 5:33:45 PM - System Checkpoint
RP311: 8/4/2011 6:13:18 PM - System Checkpoint
RP312: 8/5/2011 7:13:18 PM - System Checkpoint
RP313: 8/6/2011 7:14:23 PM - System Checkpoint
RP314: 8/7/2011 7:37:20 PM - System Checkpoint
RP315: 8/8/2011 8:01:36 PM - System Checkpoint
RP316: 8/10/2011 4:00:30 AM - System Checkpoint
RP317: 8/11/2011 1:23:53 PM - System Checkpoint
RP318: 8/12/2011 1:26:48 PM - System Checkpoint
RP319: 8/13/2011 1:43:38 PM - System Checkpoint
RP320: 8/14/2011 2:43:36 PM - System Checkpoint
RP321: 8/15/2011 2:39:41 PM - Installed Windows XP Wdf01009.
RP322: 8/16/2011 3:55:51 PM - System Checkpoint
RP323: 8/17/2011 7:54:32 PM - System Checkpoint
RP324: 8/19/2011 10:06:35 PM - System Checkpoint
RP325: 8/20/2011 9:33:01 PM - Removed Windows Live Sign-in Assistant
RP326: 8/20/2011 9:33:17 PM - Removed Windows Live Upload Tool
RP327: 8/21/2011 9:51:18 PM - System Checkpoint
RP328: 8/22/2011 10:47:59 PM - System Checkpoint
RP329: 8/23/2011 11:52:43 PM - System Checkpoint
RP330: 8/25/2011 11:32:07 AM - System Checkpoint
RP331: 8/26/2011 12:10:03 PM - System Checkpoint
RP332: 8/27/2011 11:38:42 PM - System Checkpoint
RP333: 8/28/2011 2:36:41 AM - Installed DirectX
RP334: 8/29/2011 2:54:07 AM - System Checkpoint
RP335: 8/30/2011 1:28:24 PM - System Checkpoint
RP336: 8/31/2011 4:15:00 PM - System Checkpoint
RP337: 9/1/2011 7:31:38 PM - System Checkpoint
RP338: 9/2/2011 7:55:15 PM - System Checkpoint
RP339: 9/3/2011 8:17:35 PM - System Checkpoint
RP340: 9/5/2011 4:41:00 PM - System Checkpoint
RP341: 9/6/2011 4:47:52 PM - System Checkpoint
RP342: 9/7/2011 5:20:33 PM - System Checkpoint
RP343: 9/8/2011 5:27:31 PM - System Checkpoint
RP344: 9/9/2011 9:59:52 PM - System Checkpoint
RP345: 9/10/2011 10:32:14 PM - System Checkpoint
RP346: 9/12/2011 5:59:14 AM - System Checkpoint
RP347: 9/13/2011 9:29:48 AM - System Checkpoint
RP348: 9/14/2011 9:38:30 AM - System Checkpoint
RP349: 9/15/2011 10:22:09 AM - System Checkpoint
RP350: 9/16/2011 10:41:17 AM - System Checkpoint
RP351: 9/17/2011 4:39:16 PM - Software Distribution Service 3.0
RP352: 9/17/2011 4:44:20 PM - Installed Java(TM) 6 Update 26
RP353: 9/18/2011 4:57:28 PM - System Checkpoint
RP354: 9/19/2011 6:51:39 PM - System Checkpoint
RP355: 9/21/2011 12:13:48 AM - System Checkpoint
RP356: 9/22/2011 3:06:16 AM - System Checkpoint
RP357: 9/23/2011 3:20:01 PM - System Checkpoint
RP358: 9/24/2011 5:10:25 PM - Software Distribution Service 3.0
RP359: 9/25/2011 2:11:01 PM - Software Distribution Service 3.0
RP360: 9/26/2011 3:47:06 PM - System Checkpoint
RP361: 9/27/2011 4:00:19 PM - System Checkpoint
RP362: 9/29/2011 12:52:03 AM - System Checkpoint
RP363: 10/1/2011 3:42:49 AM - System Checkpoint
RP364: 10/2/2011 4:53:41 AM - System Checkpoint
RP365: 10/3/2011 7:24:24 AM - System Checkpoint
RP366: 10/4/2011 8:19:32 AM - System Checkpoint
RP367: 10/5/2011 12:57:03 PM - System Checkpoint
RP368: 10/6/2011 2:07:51 PM - System Checkpoint
.
==== Installed Programs ======================
.
µTorrent
7-Zip 4.65
AAC Decoder
AC3Filter 1.62b
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Alt-Tab Task Switcher Powertoy for Windows XP
Apple Application Support
AutoUpdate
avast! Free Antivirus
Brother MFL-Pro Suite
CDBurnerXP
Champions Online: Free For All
Click to Call with Skype
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
Dragon Age: Origins
DriverMax 5
Facebook Video Calling 1.0.0.8526
Foxit Reader
Free M4a to MP3 Converter 6.1
Google Chrome
Google Earth Plug-in
Google Update Helper
Guitar Pro 5.2
H.264 Decoder
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 26
Magicka
Malwarebytes' Anti-Malware version 1.51.2.1300
Media Cope 3.2
Meebo Notifier
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 1.1 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft AppLocale
Microsoft Calculator Plus
Microsoft Choice Guard
Microsoft Corporation
Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 7.1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft LifeCam
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows Application Compatibility Database
Microsoft XNA Framework Redistributable 3.1
MKV Splitter
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
msxml4
MultiScreen
NVIDIA Control Panel 275.33
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA nView 135.85
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.3.5
NVIDIA Update Components
OpenOffice.org 3.1
Paint.NET v3.5.8
Project64 1.6
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Skype™ 5.5
Spiral Knights
Steam
TabIt version 2.01
Team Fortress 2
Unlocker 1.8.7
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User Profile Hive Cleanup Service
VC80CRTRedist - 8.0.50727.762
VDownloader 3.6.924
Ventrilo Client
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.5
WebFldrs XP
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Movie Maker 2.0
WinPcap 4.1.1
.
==== Event Viewer Messages From Past Week ========
.
10/7/2011 12:10:04 AM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
10/6/2011 6:58:47 PM, error: Dhcp [1002] - The IP address lease 192.168.1.148 for the Network Card with network address 00248C6D7446 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
10/5/2011 9:39:34 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
10/4/2011 8:25:58 AM, error: Dhcp [1002] - The IP address lease 192.168.1.123 for the Network Card with network address 00248C6D7446 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
10/2/2011 12

23 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
10/2/2011 12

23 AM, error: Service Control Manager [7000] - The wscsvc service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
10/1/2011 4:14:43 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
.
==== End Of File ===========================

**Rodrigo** · 08-10-2011

DDS (Ver_2011-07-14.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Rodrigo at 0:10:01 on 2011-10-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2544 [GMT -4:00]
.
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\EloSrvce.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\AxAutoMntSrv.exe" -automount
uRun: [MultiScreen]
uRun: [Google Update] "c:\documents and settings\rodrigo\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\documents and settings\rodrigo\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10b.ex e
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sta tus~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: MaxRecentDocs = dword:18
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoRecentDocsNetHood = dword:1
mPolicies-Explorer: MemCheckBoxInRunDlg = dword:1
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 68.87.74.166 68.87.68.166 192.168.1.1
TCP: Interfaces\{0F24FD84-4C61-4FE4-A41B-4F94A90051A4} : DHCPNameServer = 68.87.74.166 68.87.68.166 192.168.1.1
Handler: ipp - <Clsid value has no data>
Handler: msdaipp - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
IFEO: Your Image File Name Here without a path - ntsd -d
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rodrigo\application data\mozilla\firefox\profiles\o6ttki7f.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\documents and settings\rodrigo\local settings\application data\facebook\video\skype\npFacebookVideoCalling.d ll
FF - plugin: c:\documents and settings\rodrigo\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.67\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-9-3 64288]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.s ys [2011-7-19 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-19 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [2011-7-19 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-19 44768]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-26 50704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-6-2 2214504]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-6-26 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-6-26 36352]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2011-8-15 45288]
R3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [2009-6-28 30560]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-6-26 77056]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-20 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfil t.sys [2009-6-25 1684736]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\dragon age\bin_ship\daupdatersvc.service.exe [2010-12-3 25832]
S3 elomoufiltr;ELO TouchSystems-SRV2;c:\windows\system32\drivers\EloFiltr.sys [2009-11-5 48640]
S3 EloUsb;ELO TouchSystems-SRV;c:\windows\system32\drivers\EloUsb.Sys [2009-11-5 55680]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-20 136176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355928]
.
=============== File Associations ===============
.
ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1"
ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EX E"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2011-09-20 21:58:24 599552 ------w- c:\windows\system32\dllcache\crypt32.dll
2011-09-15 14:45:16 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-09-15 14:45:12 105984 ------w- c:\windows\system32\dllcache\url.dll
2011-09-15 14:45:05 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-09-12 04:48:31 -------- d-----w- c:\documents and settings\rodrigo\local settings\application data\Facebook
2011-09-10 20:58:44 83456 ---ha-w- C:\wifv.exe
2011-09-10 20:58:44 340480 ---ha-w- C:\Speak Text.exe
2011-09-10 20:58:42 579576 ----a-w- c:\windows\system32\Codejock.SkinFramework.v15.0.1 .ocx
2011-09-10 20:58:42 211456 ----a-w- c:\windows\system32\MediaCopeShellS.dll
2011-09-10 20:58:42 211456 ----a-w- c:\windows\system32\MediaCopeShellM.dll
2011-09-10 20:58:42 -------- d-----w- c:\program files\Media Cope
2011-09-10 01:27:33 -------- d-----w- c:\documents and settings\rodrigo\application data\VDownloader
2011-09-10 01:27:25 -------- d-----w- c:\program files\WinPcap
2011-09-10 01:27:23 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe
2011-09-10 01:27:23 -------- d-----w- C:\ProgramData
2011-09-10 01:27:21 -------- d-----w- c:\program files\VDownloader
2011-09-10 01:19:35 -------- d-----w- c:\windows\system32\vscodecpack_173
2011-09-10 01:19:29 -------- d-----w- c:\program files\VideoSpirit Pro
.
==================== Find3M ====================
.
2011-09-24 21:09:24 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:11:14 599552 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-01 19

42 45288 ----a-w- c:\windows\system32\drivers\dc3d.sys
2011-08-01 19

42 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2011-08-01 19

42 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-15 13:29:35 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
============= FINISH: 0:11:01.06 ===============

**broni** · 08-10-2011

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
You're guilty as charged for one offense: http://www.d-a-l.com/help/spyware-ad...d-madness.html
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

================================================== ==============================

I don't see anything malicious so far....

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Please, never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: Uninstall & Remove McAfee, Symantec, Norton, AVG, Avast & More Antivirus and Security Applications and Programs
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode (How to...)

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

**Rodrigo** · 09-10-2011

ComboFix 11-10-08.05 - Rodrigo 10/08/2011 22:51:45.7.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2846 [GMT -4:00]
Running from: c:\documents and settings\Rodrigo\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Rodrigo\WINDOWS
c:\windows\system32\d3d9caps.dat
.
.
((((((((((((((((((((((((( Files Created from 2011-09-09 to 2011-10-09 )))))))))))))))))))))))))))))))
.
.
2011-09-21 01:59 . 2011-10-06 19:11 -------- d-----w- c:\program files\Google
2011-09-20 21:58 . 2011-09-09 09:11 599552 ------w- c:\windows\system32\dllcache\crypt32.dll
2011-09-17 20:45 . 2011-09-17 20:45 -------- d-----w- c:\program files\Common Files\Java
2011-09-15 14:45 . 2011-06-24 14:09 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-09-15 14:45 . 2011-06-23 18:36 105984 ------w- c:\windows\system32\dllcache\url.dll
2011-09-15 14:45 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-09-12 04:48 . 2011-09-12 04:48 -------- d-----w- c:\documents and settings\Rodrigo\Local Settings\Application Data\Facebook
2011-09-10 20:58 . 2010-09-20 15:36 340480 ---ha-w- C:\Speak Text.exe
2011-09-10 20:58 . 2009-11-04 22:20 83456 ---ha-w- C:\wifv.exe
2011-09-10 20:58 . 2011-09-10 20:58 -------- d-----w- c:\program files\Media Cope
2011-09-10 20:58 . 2011-02-08 18:58 579576 ----a-w- c:\windows\system32\Codejock.SkinFramework.v15.0.1 .ocx
2011-09-10 20:58 . 2010-09-10 20:38 211456 ----a-w- c:\windows\system32\MediaCopeShellM.dll
2011-09-10 20:58 . 2010-09-10 20:37 211456 ----a-w- c:\windows\system32\MediaCopeShellS.dll
2011-09-10 01:27 . 2011-09-10 01:28 -------- d-----w- c:\documents and settings\Rodrigo\Application Data\VDownloader
2011-09-10 01:27 . 2011-09-10 01:27 -------- d-----w- c:\program files\WinPcap
2011-09-10 01:27 . 2011-09-10 01:27 -------- d-----w- C:\ProgramData
2011-09-10 01:27 . 2010-01-26 15:11 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2011-09-10 01:27 . 2011-09-10 01:27 -------- d-----w- c:\program files\VDownloader
2011-09-10 01:19 . 2011-09-10 01:19 -------- d-----w- c:\windows\system32\vscodecpack_173
2011-09-10 01:19 . 2011-09-10 18:06 -------- d-----w- c:\program files\VideoSpirit Pro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2011-09-24 21:09 . 2011-06-15 01:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:11 . 2009-04-20 18:16 599552 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-07-19 17:00 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-07-19 17:00 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-19 17:01 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-07-19 17:01 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-07-19 17:01 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-07-19 17:01 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-07-19 17:00 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-07-19 17:00 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-07-19 17:01 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-07-19 17:00 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-08-31 21:00 . 2010-03-02 17:43 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-01 19:56 . 2011-08-15 18:40 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2011-08-01 19:56 . 2011-08-15 18:39 45288 ----a-w- c:\windows\system32\drivers\dc3d.sys
2011-08-01 19:56 . 2011-08-15 18:39 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-15 13:29 . 2009-04-20 18:17 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-09-30 05:07 . 2011-05-06 09:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2007-10-31 . E9EEB38B858B637F4F8FA3401F325DC5 . 13824 . . [5.1.2600.3244] . . c:\windows\system32\wscntfy.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-09-11_00.33.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-19 02:51 . 2011-04-19 02:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3 b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 04:05 . 2009-07-12 04:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2011-05-14 00:17 . 2011-05-14 00:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2009-07-12 01:54 . 2009-07-12 01:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 23:45 . 2011-05-13 23:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 01:32 . 2009-07-12 01:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2011-05-14 05:06 . 2011-05-14 05:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-14 05:23 . 2011-05-14 05:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2009-07-12 06:07 . 2009-07-12 06:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 06:19 . 2009-07-12 06:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2011-05-13 22:37 . 2011-05-13 22:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 56656 c:\windows\WinSxS\amd64_Microsoft.VC90.OpenMP_1fc8 b3b9a1e18e3b_9.0.30729.4148_x-ww_22d6ba8a\vcomp90.dll
+ 2011-10-09 02:44 . 2011-10-09 02:44 16384 c:\windows\Temp\Perflib_Perfdata_64c.dat
+ 2011-05-10 07:45 . 2010-02-04 14:01 74072 c:\windows\system32\XAPOFX1_4.dll
+ 2009-06-26 01:02 . 2009-09-04 21:44 69464 c:\windows\system32\XAPOFX1_3.dll
- 2009-06-26 01:02 . 2009-04-20 18:23 65032 c:\windows\system32\XAPOFX1_0.dll
+ 2009-06-26 01:02 . 2008-05-30 18:17 65032 c:\windows\system32\XAPOFX1_0.dll
+ 2011-05-10 07:45 . 2010-02-04 14:01 22360 c:\windows\system32\X3DAudio1_7.dll
+ 2009-06-26 01:02 . 2008-05-30 18:17 25608 c:\windows\system32\X3DAudio1_4.dll
- 2009-06-26 01:02 . 2009-04-20 18:19 25608 c:\windows\system32\X3DAudio1_4.dll
+ 2001-12-19 21:03 . 2001-12-19 21:03 36864 c:\windows\system32\vscodecpack_173\real\psvince.d ll
+ 2010-02-15 18:00 . 2010-02-15 18:00 49152 c:\windows\system32\vscodecpack_173\real\Codecs\rv 40.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 53248 c:\windows\system32\vscodecpack_173\real\Codecs\rv 30.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 57344 c:\windows\system32\vscodecpack_173\real\Codecs\rv 20.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 35328 c:\windows\system32\vscodecpack_173\real\Codecs\rv 10.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 72192 c:\windows\system32\vscodecpack_173\real\Codecs\ra 32clv1.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 86016 c:\windows\system32\vscodecpack_173\real\Codecs\qc lp.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 53248 c:\windows\system32\vscodecpack_173\real\Codecs\mp 4v.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 36903 c:\windows\system32\vscodecpack_173\real\Codecs\dn et3260.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 53287 c:\windows\system32\vscodecpack_173\real\Codecs\dd nt3260.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 65536 c:\windows\system32\vscodecpack_173\real\Codecs\co ok3260.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 65536 c:\windows\system32\vscodecpack_173\real\Codecs\co ok.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 45056 c:\windows\system32\vscodecpack_173\real\Codecs\av cq.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 90112 c:\windows\system32\vscodecpack_173\real\Codecs\at rc.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 77824 c:\windows\system32\vscodecpack_173\real\Codecs\am rw.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 57383 c:\windows\system32\vscodecpack_173\real\Codecs\28 _83260.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 98343 c:\windows\system32\vscodecpack_173\real\Codecs\14 _43260.dll
+ 2004-05-15 15:10 . 2004-05-15 15:10 75264 c:\windows\system32\vscodecpack_173\general\Filter s\MACDec.dll
+ 2011-03-03 10:35 . 2011-03-03 10:35 80384 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\mkzlib.dll
+ 2011-03-03 10:35 . 2011-03-03 10:35 24576 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\mkunicode.dll
+ 2011-03-03 10:37 . 2011-03-03 10:37 93184 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\avss.dll
+ 2011-03-03 10:38 . 2011-03-03 10:38 97792 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\avs.dll
+ 2009-10-28 12:03 . 2009-10-28 12:03 12488 c:\windows\system32\vscodecpack_173\general\Filter s\bass_alac.dll
+ 2010-06-17 11:31 . 2010-06-17 11:31 99896 c:\windows\system32\vscodecpack_173\general\Filter s\bass.dll
+ 2011-02-10 15:20 . 2011-02-10 15:20 47776 c:\windows\system32\vscodecpack_173\general\ffdsho w\libgcc_s_dw2-1.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 65024 c:\windows\system32\vscodecpack_173\general\ffdsho w\FLT_ffdshow.dll
+ 2009-04-20 18:18 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
- 2009-04-20 18:18 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2010-08-27 06:05 99840 c:\windows\system32\srvsvc.dll
+ 2009-06-26 01:02 . 2008-11-07 22:55 26144 c:\windows\system32\spupdsvc.exe
- 2009-06-26 01:02 . 2009-04-20 18:23 26144 c:\windows\system32\spupdsvc.exe
+ 2008-04-14 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2011-08-15 18:39 . 2008-11-07 22:55 16928 c:\windows\system32\spmsgXP_2k3.dll
- 2009-07-16 03:05 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
+ 2009-07-16 03:05 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
+ 2010-04-17 03:12 . 2010-04-17 03:12 48464 c:\windows\system32\sirenacm.dll
+ 2011-08-20 04:08 . 2008-04-14 02:09 14592 c:\windows\system32\ReinstallBackups\0026\DriverFi les\i386\kbdhid.sys
+ 2011-08-20 04:08 . 2008-04-14 12:00 24576 c:\windows\system32\ReinstallBackups\0026\DriverFi les\i386\kbdclass.sys
+ 2011-08-15 18:40 . 2001-08-17 16:48 12160 c:\windows\system32\ReinstallBackups\0025\DriverFi les\i386\mouhid.sys
+ 2011-08-15 18:40 . 2008-04-14 03:09 23040 c:\windows\system32\ReinstallBackups\0025\DriverFi les\i386\mouclass.sys
+ 2011-05-11 03:16 . 2008-10-07 18:33 81920 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvwddi.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 86016 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmctray.dll
+ 2011-08-15 18:39 . 2009-04-20 18:18 32384 c:\windows\system32\ReinstallBackups\0023\DriverFi les\i386\usbccgp.sys
+ 2010-01-27 02:09 . 2010-01-27 02:09 53299 c:\windows\system32\pthreadVC.dll
+ 2008-04-14 12:00 . 2011-09-17 20:43 71278 c:\windows\system32\perfc009.dat
+ 2010-01-05 19:03 . 2011-05-25 06:09 61440 c:\windows\system32\OpenCL.dll
+ 2011-06-02 06:11 . 2011-05-25 06:09 54272 c:\windows\system32\nvwddi.dll
- 2009-04-20 18:18 . 2009-04-20 18:18 66560 c:\windows\system32\mshtmled.dll
+ 2009-04-20 18:18 . 2011-06-23 18:36 66560 c:\windows\system32\mshtmled.dll
+ 2009-04-20 18:22 . 2011-06-23 18:36 55296 c:\windows\system32\msfeedsbs.dll
- 2009-04-20 18:22 . 2010-06-24 12:21 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-04-20 18:17 . 2011-06-23 18:36 43520 c:\windows\system32\licmgr10.dll
- 2009-04-20 18:17 . 2010-06-24 12:21 25600 c:\windows\system32\jsproxy.dll
+ 2009-04-20 18:17 . 2011-06-23 18:36 25600 c:\windows\system32\jsproxy.dll
- 2009-06-26 01:04 . 2008-04-14 12:00 81920 c:\windows\system32\isign32.dll
+ 2009-06-26 01:04 . 2010-11-18 18:12 81920 c:\windows\system32\isign32.dll
+ 2011-08-12 00:33 . 2008-04-14 07:41 21504 c:\windows\system32\hidserv.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 80896 c:\windows\system32\ff_vfw.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 46592 c:\windows\system32\dxdllreg.exe
+ 2011-08-15 18:40 . 2011-08-01 19:56 40936 c:\windows\system32\DRVSTORE\point32_F3A4C20ECDA4E 2F8AC61BB0104098F5E3A155AB4\point32.sys
+ 2011-08-15 18:39 . 2011-08-01 19:56 21784 c:\windows\system32\DRVSTORE\nuidfltr_E43E90E372F0 A2F8BC202108BA821FE6CFC086E0\NuidFltr.sys
+ 2011-08-20 04:08 . 2009-11-03 09:20 14736 c:\windows\system32\DRVSTORE\nuidfltr_4E0E8EE59F9D AE2041109D0574E5E84EF08156B8\NuidFltr.sys
+ 2011-08-15 18:39 . 2011-08-01 19:56 45288 c:\windows\system32\DRVSTORE\dc3du_39E47C72985BACB 24FE918E6F37284425E557DA1\dc3d.sys
+ 2011-08-15 18:39 . 2011-08-01 19:56 45288 c:\windows\system32\DRVSTORE\dc3dh_5AAC9D9A8E42927 AFEBA0780EF6036EE556BE709\dc3d.sys
+ 2009-07-14 14:35 . 2009-07-14 14:35 37608 c:\windows\system32\drivers\wdfldr.sys
+ 2009-04-20 18:18 . 2008-04-22 17:09 32384 c:\windows\system32\drivers\usbccgp.sys
- 2009-04-20 18:18 . 2009-04-20 18:18 32384 c:\windows\system32\drivers\usbccgp.sys
+ 2010-01-27 02:09 . 2010-01-27 02:09 50704 c:\windows\system32\drivers\npf.sys
+ 2008-04-14 12:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2008-04-14 12:00 . 2011-07-08 14:02 10496 c:\windows\system32\drivers\ndistapi.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 52096 c:\windows\system32\drivers\msdv.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 15104 c:\windows\system32\drivers\mpe.sys
+ 2009-07-30 02:44 . 2001-08-17 15:48 12160 c:\windows\system32\drivers\mouhid.sys
- 2009-07-30 02:44 . 2001-08-17 16:48 12160 c:\windows\system32\drivers\mouhid.sys
- 2008-04-13 22:09 . 2008-04-14 03:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2008-04-13 22:09 . 2008-04-14 02:09 23040 c:\windows\system32\drivers\mouclass.sys
+ 2011-08-12 00:33 . 2008-04-14 02:09 14592 c:\windows\system32\drivers\kbdhid.sys
- 2008-04-14 12:00 . 2008-04-14 12:00 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2008-04-14 12:00 . 2008-04-14 02:09 24576 c:\windows\system32\drivers\kbdclass.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 11392 c:\windows\system32\drivers\bdasup.sys
- 2008-04-14 12:00 . 2008-04-14 12:00 45568 c:\windows\system32\dnsrslvr.dll
+ 2008-04-14 12:00 . 2009-04-20 17:06 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-06-26 18:04 . 2011-06-23 18:36 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-06-26 18:04 . 2010-06-24 12:22 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 47104 c:\windows\system32\dllcache\wstdecod.dll
+ 2009-04-20 18:18 . 2008-04-22 17:09 32384 c:\windows\system32\dllcache\usbccgp.sys
+ 2010-10-13 18:04 . 2010-08-27 06:05 99840 c:\windows\system32\dllcache\srvsvc.dll
+ 2010-09-15 12:51 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2010-11-25 15:35 . 2002-08-29 08:41 31744 c:\windows\system32\dllcache\pid.dll
+ 2011-02-10 02:21 . 2010-11-02 15:17 40960 c:\windows\system32\dllcache\ndproxy.sys
+ 2010-10-13 18:03 . 2011-06-23 18:36 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-07-29 06:52 . 2011-06-23 18:36 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-07-29 06:52 . 2010-06-24 12:21 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 13312 c:\windows\system32\dllcache\msdmo.dll
+ 2009-07-30 02:44 . 2001-08-17 15:48 12160 c:\windows\system32\dllcache\mouhid.sys
+ 2008-04-13 22:09 . 2008-04-14 02:09 23040 c:\windows\system32\dllcache\mouclass.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 34304 c:\windows\system32\dllcache\mciqtz32.dll
+ 2010-10-13 18:03 . 2011-06-23 18:36 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2011-08-12 00:33 . 2008-04-14 02:09 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2008-04-14 12:00 . 2008-04-14 02:09 24576 c:\windows\system32\dllcache\kbdclass.sys
+ 2009-06-26 18:04 . 2011-06-23 18:36 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-06-26 18:04 . 2010-06-24 12:21 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-02-10 02:26 . 2010-11-18 18:12 81920 c:\windows\system32\dllcache\isign32.dll
+ 2011-08-12 00:33 . 2008-04-14 07:41 21504 c:\windows\system32\dllcache\hidserv.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 10496 c:\windows\system32\dllcache\dxapi.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 18432 c:\windows\system32\dllcache\dswave.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 79360 c:\windows\system32\dllcache\dpwsockx.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 80896 c:\windows\system32\dllcache\dpvsetup.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 19968 c:\windows\system32\dllcache\dpvacm.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 16896 c:\windows\system32\dllcache\dpnsvr.exe
+ 2010-11-25 15:35 . 2003-03-24 14:00 68096 c:\windows\system32\dllcache\dpnhupnp.dll
+ 2010-11-25 15:35 . 2003-03-24 14:00 32768 c:\windows\system32\dllcache\dpnhpast.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 77824 c:\windows\system32\dllcache\dpmodemx.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 28160 c:\windows\system32\dllcache\dplaysvr.exe
+ 2011-04-26 06:11 . 2009-04-20 17:06 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 98816 c:\windows\system32\dllcache\dmstyle.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 76800 c:\windows\system32\dllcache\dmscript.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 33280 c:\windows\system32\dllcache\dmloader.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 58368 c:\windows\system32\dllcache\dmcompos.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 27136 c:\windows\system32\dllcache\dmband.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 44032 c:\windows\system32\dllcache\dimap.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 24064 c:\windows\system32\dllcache\ddrawex.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 47616 c:\windows\system32\dllcache\d3dxof.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 34816 c:\windows\system32\dllcache\d3dpmesh.dll
- 2010-03-17 06:03 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-03-17 06:03 . 2011-04-26 11:02 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 64512 c:\windows\system32\dllcache\amstream.dll
+ 2008-04-14 12:00 . 2011-04-26 11:02 33280 c:\windows\system32\csrsrv.dll
- 2008-04-14 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2011-03-11 06:04 . 2011-03-11 06:04 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-19 09:22 . 2010-09-11 00:22 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-26 01:07 . 2011-03-11 06:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-06-26 01:07 . 2010-09-11 00:22 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-03-19 09:22 . 2010-09-11 00:22 16384 c:\windows\system32\config\systemprofile\Cookies\i ndex.dat
+ 2011-03-11 06:04 . 2011-03-11 06:04 16384 c:\windows\system32\config\systemprofile\Cookies\i ndex.dat
+ 2010-11-25 15:35 . 2004-07-09 09:26 47104 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 18688 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 14976 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 10880 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 10112 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 83968 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 16896 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 15104 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 16384 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 11392 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys
+ 2010-11-25 15:35 . 2004-07-09 09:27 48512 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 13312 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\msdmo.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 34304 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mciqtz32.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 18944 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\encapi.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 46592 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 18432 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dswave.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 79360 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 80896 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 19968 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvacm.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 16896 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2010-11-25 15:35 . 2003-03-24 14:00 68096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
+ 2010-11-25 15:35 . 2003-03-24 14:00 32768 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 77824 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpmodemx.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 28160 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 98816 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmstyle.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 76800 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmscript.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 33280 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 58368 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmcompos.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 27136 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmband.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 24064 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddrawex.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 64512 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\amstream.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_wp.exe
- 2010-03-23 09:31 . 2010-03-23 09:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspn et_wp.exe
- 2010-04-01 15:42 . 2010-04-01 15:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Security.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Security.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ie.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPe rfMonExt.dll
- 2010-03-31 19:32 . 2010-03-31 19:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
+ 2010-09-23 07:17 . 2010-09-23 07:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_wp.exe
- 2010-03-31 19:32 . 2010-03-31 19:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_filter.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_filter.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayba ck.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayba ck.dll
+ 2011-02-04 01:01 . 2011-02-04 01:01 27136 c:\windows\Installer\16214be4.msi
+ 2011-02-04 01:00 . 2011-02-04 01:00 58880 c:\windows\Installer\16214bb8.msi
+ 2011-09-25 03:05 . 2011-09-25 03:05 22016 c:\windows\Installer\1497dc2.msi
+ 2011-02-04 01:00 . 2011-02-04 01:00 61272 c:\windows\Installer\{E6158D07-2637-4ECF-B576-37C489669174}\IconWlc.exe
+ 2011-02-04 01:01 . 2011-02-04 01:01 80395 c:\windows\Installer\{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}\MsblIco.Exe
+ 2011-05-20 22:39 . 2011-05-20 22:39 77610 c:\windows\Installer\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}\_853F67D554F05449430E7E.exe
+ 2011-10-06 19:11 . 2011-10-06 19:11 65536 c:\windows\Installer\{98780400-EC17-11E0-96CF-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A 4CDCBDCF41F6A74_1.exe
+ 2011-10-06 19:11 . 2011-10-06 19:11 65536 c:\windows\Installer\{98780400-EC17-11E0-96CF-B8AC6F97B88E}\ARPPRODUCTICON.exe
- 2010-06-22 18:33 . 2010-09-05 00:09 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-22 18:33 . 2011-07-05 14:58 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-23 08:47 . 2010-09-23 08:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\reader_sl.exe
+ 2010-09-23 07:03 . 2010-09-23 07:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\eula.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\adobeextractfiles.d ll
+ 2010-09-23 06:52 . 2010-09-23 06:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\acrotextextractor.e xe
+ 2010-09-22 22:12 . 2010-09-22 22:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AcroRd32Info.exe
+ 2011-09-17 20:40 . 2011-04-25 16:11 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 12800 c:\windows\ie8updates\KB2497640-IE8\xpshims.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 66560 c:\windows\ie8updates\KB2497640-IE8\mshtmled.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 55296 c:\windows\ie8updates\KB2497640-IE8\msfeedsbs.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 43520 c:\windows\ie8updates\KB2497640-IE8\licmgr10.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 25600 c:\windows\ie8updates\KB2497640-IE8\jsproxy.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2010-10-13 18:07 . 2010-06-24 12:22 12800 c:\windows\ie8updates\KB2360131-IE8\xpshims.dll
+ 2010-10-13 18:07 . 2009-04-20 18:18 66560 c:\windows\ie8updates\KB2360131-IE8\mshtmled.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 55296 c:\windows\ie8updates\KB2360131-IE8\msfeedsbs.dll
+ 2010-10-13 18:07 . 2009-04-20 18:17 43008 c:\windows\ie8updates\KB2360131-IE8\licmgr10.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 25600 c:\windows\ie8updates\KB2360131-IE8\jsproxy.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 18688 c:\windows\Driver Cache\i386\wstcodec.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 14976 c:\windows\Driver Cache\i386\streamip.sys
+ 2010-11-25 15:35 . 2004-07-09 09:27 48512 c:\windows\Driver Cache\i386\stream.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 10880 c:\windows\Driver Cache\i386\slip.sys
+ 2010-11-25 15:35 . 2002-08-29 08:41 31744 c:\windows\Driver Cache\i386\pid.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 10112 c:\windows\Driver Cache\i386\ndisip.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 83968 c:\windows\Driver Cache\i386\nabtsfec.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 52096 c:\windows\Driver Cache\i386\msdv.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 15104 c:\windows\Driver Cache\i386\mpe.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 16384 c:\windows\Driver Cache\i386\ccdecode.sys
+ 2010-11-25 15:35 . 2004-07-09 09:26 11392 c:\windows\Driver Cache\i386\bdasup.sys
+ 2010-10-12 01:30 . 2010-10-12 01:30 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0b03f 731\System.Drawing.Design.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 61440 c:\windows\assembly\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_a1e166af\C ustomMarshalers.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\Wia Proxy32\d5cd392b58b4fca02e9b69425633375e\WiaProxy3 2.ni.exe
+ 2011-07-05 15:04 . 2011-07-05 15:04 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationProvider\1492e9393417d6e91b5ddc746b5ef320 \UIAutomationProvider.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Pres#\343c52b741531ce9ae874ea7508831a7 \System.Windows.Presentation.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\246110974e3c48733458819b07464b23 \System.Web.DynamicData.Design.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f \System.ComponentModel.DataAnnotations.ni.dll
+ 2011-07-05 15:39 . 2011-07-05 15:39 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn.Contra#\177a17af98d803ab79006d6785706462 \System.AddIn.Contract.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b \PresentationFontCache.ni.exe
+ 2011-09-17 20:43 . 2011-09-17 20:43 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c \PresentationCFFRasterizer.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Vsa\f9c514544c8e23220493cd42a0e20678\Micros oft.Vsa.ni.dll
+ 2011-07-05 15:37 . 2011-07-05 15:37 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualC\a96b02abbfcaae424cfb91a198a9e0e9\Mi crosoft.VisualC.ni.dll
+ 2011-07-05 15:39 . 2011-07-05 15:39 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e \Microsoft.Build.Framework.ni.dll
+ 2011-07-05 15:38 . 2011-07-05 15:38 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270 \Microsoft.Build.Framework.ni.dll
+ 2011-07-05 15:37 . 2011-07-05 15:37 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Int erop.WIA\98c93980bcd7a4ce51a2f11bf2a35543\Interop. WIA.ni.dll
+ 2011-07-05 15:38 . 2011-07-05 15:38 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfs vc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe
+ 2011-07-05 15:36 . 2011-07-05 15:36 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Acc essibility\d9228d58804dfd75fd92a4d12ffac8af\Access ibility.ni.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExp ressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.Regu larExpressions.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
+ 2011-09-17 20:42 . 2011-09-17 20:42 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design \2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 81920 c:\windows\assembly\GAC_MSIL\System.Configuration. Install\2.0.0.0__b03f5f7f11d50a3a\System.Configura tion.Install.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0 __b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.Code DOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.V sa.Vb.CodeDOMProcessor.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBas ic.Vsa.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utili ties\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Uti lities.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Frame work\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Fra mework.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5 f7f11d50a3a\IEHost.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b0 3f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2011-05-10 07:44 . 2011-05-10 07:44 98304 c:\windows\assembly\GAC_32\Microsoft.Xna.Framework .Game\3.1.0.0__6d5c3888ef60e27d\Microsoft.Xna.Fram ework.Game.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-22 18:34 . 2010-06-22 18:34 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0 __b03f5f7f11d50a3a\System.Security.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0 __b03f5f7f11d50a3a\System.Security.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnost ics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .Diagnostics.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnost ics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .Diagnostics.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVid eoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft. DirectX.AudioVideoPlayback.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVid eoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft. DirectX.AudioVideoPlayback.dll
+ 2011-08-15 18:39 . 2009-07-13 20:49 47104 c:\windows\$NtUninstallWdf01009$\spuninst\KmdfCust om.dll
+ 2011-05-10 09:11 . 2008-04-14 12:00 45568 c:\windows\$NtUninstallKB2509553$\dnsrslvr.dll
+ 2011-02-11 15:04 . 2009-12-14 07:08 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2011-02-11 15:06 . 2010-06-21 14:46 46080 c:\windows\$NtUninstallKB2443685$\tzchange.exe
+ 2011-02-11 15:06 . 2010-11-05 05:57 16896 c:\windows\$NtUninstallKB2443685$\spuninst\tzchang e.dll
+ 2011-02-11 15:08 . 2008-04-14 12:00 81920 c:\windows\$NtUninstallKB2443105$\isign32.dll
+ 2011-02-11 15:08 . 2008-04-14 12:00 40576 c:\windows\$NtUninstallKB2440591$\ndproxy.sys
+ 2010-09-22 03:05 . 2008-04-14 12:00 57856 c:\windows\$NtUninstallKB2347290$\spoolsv.exe
+ 2010-10-13 18:07 . 2008-04-14 12:00 96768 c:\windows\$NtUninstallKB2345886$\srvsvc.dll
+ 2010-09-29 16:22 . 2010-04-21 13:28 46080 c:\windows\$NtUninstallKB2158563$\tzchange.exe
+ 2010-09-29 16:22 . 2010-06-23 00:54 16896 c:\windows\$NtUninstallKB2158563$\spuninst\tzchang e.dll
+ 2010-10-13 18:07 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982132\update\spcustom.dll
+ 2010-10-13 18:07 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB982132\spmsg.dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981322\update\spcustom.dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB981322\spmsg.dll
+ 2011-03-16 04:45 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971029\update\spcustom.dll
+ 2011-03-16 04:45 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971029\spmsg.dll
+ 2011-07-05 14:50 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll
+ 2011-07-05 14:50 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll
+ 2011-07-05 14:56 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll
+ 2011-07-05 14:56 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll
+ 2011-05-11 02:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2524375\update\spcustom.dll
+ 2011-05-11 02:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2524375\spmsg.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2510531-IE8\update\spcustom.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2510531-IE8\spmsg.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2508272\update\spcustom.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2508272\spmsg.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2506212\update\spcustom.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2506212\spmsg.dll
+ 2011-05-10 09:15 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2497640-IE8\update\spcustom.dll
+ 2011-05-10 09:15 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2497640-IE8\spmsg.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 12800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\xpshims.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 66560 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtmled.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 55296 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeedsbs.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 43520 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\licmgr10.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 25600 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\jsproxy.dll
+ 2011-02-11 15:05 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2482017-IE8\update\spcustom.dll
+ 2011-02-11 15:05 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2482017-IE8\spmsg.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 12800 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\xpshims.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 66560 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtmled.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 55296 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeedsbs.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 43520 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\licmgr10.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 25600 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\jsproxy.dll
+ 2011-03-16 04:46 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-16 04:46 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476687\update\spcustom.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476687\spmsg.dll
+ 2011-02-10 02:27 . 2010-12-09 14:29 33280 c:\windows\$hf_mig$\KB2476687\SP3QFE\csrsrv.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2476490\spmsg.dll
+ 2011-02-11 15:08 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2443105\update\spcustom.dll
+ 2011-02-11 15:08 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2443105\spmsg.dll
+ 2011-02-10 02:26 . 2010-11-18 18:12 81920 c:\windows\$hf_mig$\KB2443105\SP3QFE\isign32.dll
+ 2011-02-11 15:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2440591\update\spcustom.dll
+ 2011-02-11 15:08 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2440591\spmsg.dll
+ 2011-02-10 02:21 . 2010-11-03 05:55 40960 c:\windows\$hf_mig$\KB2440591\SP3QFE\ndproxy.sys
+ 2010-10-13 18:08 . 2010-02-22 14:23 26488 c:\windows\$hf_mig$\KB2387149\update\spcustom.dll
+ 2010-10-13 18:08 . 2010-02-22 14:23 17272 c:\windows\$hf_mig$\KB2387149\spmsg.dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB2360131-IE8\update\spcustom.dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 17272 c:\windows\$hf_mig$\KB2360131-IE8\spmsg.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 12800 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\xpshims.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 66560 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtmled.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 55296 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeedsbs.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 43520 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\licmgr10.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 25600 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\jsproxy.dll
+ 2010-09-22 03:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2347290\update\spcustom.dll
+ 2010-09-22 03:05 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB2347290\spmsg.dll
+ 2010-09-15 12:51 . 2010-08-17 13:19 58880 c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
+ 2011-09-17 20:42 . 2011-09-17 20:42 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2009-04-20 18:23 . 2011-02-17 12:32 5120 c:\windows\system32\xpsp4res.dll
+ 2008-02-27 19:49 . 2008-02-27 19:49 8536 c:\windows\system32\vscodecpack_173\general\Filter s\bass_tta.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 3072 c:\windows\system32\dllcache\dpnlobby.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 3072 c:\windows\system32\dllcache\dpnaddr.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 8192 c:\windows\system32\dllcache\d3d8thk.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 4096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 5504 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mstee.sys
+ 2010-11-25 15:35 . 2001-08-23 10:00 4608 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 5248 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 7424 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 4096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 3072 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnlobby.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 3072 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnaddr.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 8192 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 4096 c:\windows\Driver Cache\i386\swenum.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 5504 c:\windows\Driver Cache\i386\mstee.sys
+ 2010-11-25 15:35 . 2001-08-23 10:00 4608 c:\windows\Driver Cache\i386\mspqm.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 5248 c:\windows\Driver Cache\i386\mspclock.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 7424 c:\windows\Driver Cache\i386\mskssrv.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 4096 c:\windows\Driver Cache\i386\ksuser.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0 .0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f 5f7f11d50a3a\IIEHost.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0_ _b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-09-22 03:04 . 2009-04-20 18:23 2560 c:\windows\$NtUninstallKB982802$\xpsp4res.dll
+ 2011-05-10 09:12 . 2010-08-26 12:52 5120 c:\windows\$NtUninstallKB2508429$\xpsp4res.dll
+ 2010-10-13 18:05 . 2010-07-22 05:57 5120 c:\windows\$NtUninstallKB2360937$\xpsp4res.dll
+ 2010-10-13 18:07 . 2010-08-13 12:53 5120 c:\windows\$NtUninstallKB2345886$\xpsp4res.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2011-05-14 05:17 . 2011-05-14 05:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
+ 2011-05-14 05:12 . 2011-05-14 05:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
+ 2011-05-14 05:11 . 2011-05-14 05:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
+ 2009-07-12 05:12 . 2009-07-12 05:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 05:09 . 2009-07-12 05:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 05:08 . 2009-07-12 05:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 624448 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b 9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcr90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 853312 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b 9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcp90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b 9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcm90.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 176456 c:\windows\WinSxS\amd64_Microsoft.VC90.ATL_1fc8b3b 9a1e18e3b_9.0.30729.4148_x-ww_673f7fa2\atl90.dll
+ 2010-11-03 18:08 . 2010-11-03 18:08 237568 c:\windows\system32\yv12vfw.dll
+ 2011-03-24 19:35 . 2011-03-24 19:35 243200 c:\windows\system32\xvidvfw.dll
+ 2011-03-24 19:28 . 2011-03-24 19:28 631808 c:\windows\system32\xvidcore.dll
+ 2011-05-10 07:45 . 2010-02-04 14:01 528216 c:\windows\system32\XAudio2_6.dll
+ 2011-05-10 07:45 . 2009-09-04 21:44 515416 c:\windows\system32\XAudio2_5.dll
+ 2009-06-26 01:02 . 2008-05-30 18:19 507400 c:\windows\system32\XAudio2_1.dll
- 2009-06-26 01:02 . 2009-04-20 18:23 507400 c:\windows\system32\XAudio2_1.dll
+ 2011-05-10 07:45 . 2010-02-04 14:01 238936 c:\windows\system32\xactengine3_6.dll
+ 2011-05-10 07:45 . 2009-09-04 21:44 238936 c:\windows\system32\xactengine3_5.dll
+ 2009-06-26 01:02 . 2008-05-30 18:18 238088 c:\windows\system32\xactengine3_1.dll
- 2009-06-26 01:02 . 2009-04-20 18:19 238088 c:\windows\system32\xactengine3_1.dll
+ 2010-01-27 02:09 . 2010-01-27 02:09 281104 c:\windows\system32\wpcap.dll
+ 2009-04-20 18:19 . 2011-06-20 17:43 293376 c:\windows\system32\winsrv.dll
- 2009-04-20 18:19 . 2009-04-20 18:19 293376 c:\windows\system32\winsrv.dll
+ 2009-04-20 18:19 . 2011-06-23 18:36 916480 c:\windows\system32\wininet.dll
- 2009-04-20 18:19 . 2010-06-24 12:22 916480 c:\windows\system32\wininet.dll
+ 2011-03-05 17:39 . 2011-03-05 17:39 323624 c:\windows\system32\wiaaut.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 139264 c:\windows\system32\vscodecpack_173\real\Codecs\si pr3260.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 139264 c:\windows\system32\vscodecpack_173\real\Codecs\si pr.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 155648 c:\windows\system32\vscodecpack_173\real\Codecs\ra lf.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 557056 c:\windows\system32\vscodecpack_173\real\Codecs\ra ac.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 286720 c:\windows\system32\vscodecpack_173\real\Codecs\dr vc.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 180224 c:\windows\system32\vscodecpack_173\real\Codecs\dr v2.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 106496 c:\windows\system32\vscodecpack_173\real\Codecs\dr v1.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 212992 c:\windows\system32\vscodecpack_173\real\Codecs\dm p4.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 548919 c:\windows\system32\vscodecpack_173\real\Codecs\co lorcvt.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 172032 c:\windows\system32\vscodecpack_173\real\Codecs\am rn.dll
+ 2007-10-07 13:36 . 2007-10-07 13:36 258048 c:\windows\system32\vscodecpack_173\general\Filter s\libFLAC.dll
+ 2011-03-03 10:38 . 2011-03-03 10:38 154112 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\ts.dll
+ 2011-03-03 10:39 . 2011-03-03 10:39 123392 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\ogm.dll
+ 2011-03-03 10:39 . 2011-03-03 10:39 141824 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\mp4.dll
+ 2011-03-03 10:40 . 2011-03-03 10:40 150528 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\mkx.dll
+ 2011-03-03 10:37 . 2011-03-03 10:37 358400 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\gdsmux.exe
+ 2011-03-03 10:38 . 2011-03-03 10:38 249856 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\dxr.dll
+ 2011-03-03 10:39 . 2011-03-03 10:39 109568 c:\windows\system32\vscodecpack_173\general\Filter s\Haali\avi.dll
+ 2009-02-27 13:52 . 2009-02-27 13:52 151416 c:\windows\system32\vscodecpack_173\general\Filter s\bass_aac.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 324096 c:\windows\system32\vscodecpack_173\general\ffdsho w\TomsMoComp_ff.dll
+ 2011-02-23 08:23 . 2011-02-23 08:23 879630 c:\windows\system32\vscodecpack_173\general\ffdsho w\libstdc++-6.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 163840 c:\windows\system32\vscodecpack_173\general\ffdsho w\libmpeg2_ff.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 100864 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_wmv9.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 181248 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_unrar.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 178688 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_libmad.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 484864 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_libfaad2.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 257024 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_libdts.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 141312 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_liba52.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 206789 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_kernelDeint.dll
+ 2009-04-20 18:19 . 2011-03-04 06:37 420864 c:\windows\system32\vbscript.dll
+ 2008-04-14 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 406016 c:\windows\system32\usp10.dll
+ 2009-04-20 18:18 . 2011-06-23 18:36 105984 c:\windows\system32\url.dll
- 2009-04-20 18:18 . 2009-04-20 18:18 105984 c:\windows\system32\url.dll
+ 2011-03-02 10:43 . 2011-03-02 10:43 175616 c:\windows\system32\unrar.dll
+ 2008-04-14 12:00 . 2010-08-27 08:02 119808 c:\windows\system32\t2embed.dll
- 2008-04-14 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 135168 c:\windows\system32\shsvcs.dll
+ 2008-04-14 12:00 . 2009-07-27 23:17 135168 c:\windows\system32\shsvcs.dll
+ 2008-04-14 12:00 . 2011-01-21 14:42 439808 c:\windows\system32\shimgvw.dll
+ 2009-04-20 18:18 . 2011-04-29 17:23 151552 c:\windows\system32\schannel.dll
+ 2008-04-14 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 270848 c:\windows\system32\sbe.dll
+ 2009-04-20 18:18 . 2010-08-16 08:43 590848 c:\windows\system32\rpcrt4.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 163908 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvsvc32.exe
+ 2011-05-11 03:16 . 2008-10-07 18:33 286720 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvnt4cpl.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 458752 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmccssr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 188416 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmccss.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 229376 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmccs.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 122880 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvcod.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 475136 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvapi.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 354816 c:\windows\system32\psisdecd.dll
+ 2010-02-15 18:00 . 2010-02-15 18:00 278528 c:\windows\system32\pncrt.dll
+ 2008-04-14 12:00 . 2011-09-17 20:43 441468 c:\windows\system32\perfh009.dat
+ 2010-01-27 02:09 . 2010-01-27 02:09 100880 c:\windows\system32\Packet.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 551936 c:\windows\system32\oleaut32.dll
+ 2008-04-14 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
+ 2009-04-20 18:18 . 2010-11-09 14:50 253952 c:\windows\system32\odbc32.dll
+ 2009-04-20 18:18 . 2011-06-23 18:36 206848 c:\windows\system32\occache.dll
- 2009-04-20 18:18 . 2010-06-24 12:22 206848 c:\windows\system32\occache.dll
+ 2011-06-02 06:11 . 2011-05-25 06:09 154728 c:\windows\system32\nvsvc32.exe
+ 2011-06-02 06:11 . 2011-05-25 06:09 111208 c:\windows\system32\nvmctray.dll
+ 2011-06-02 06:10 . 2011-05-25 06:09 865896 c:\windows\system32\nvgenco322090.dll
+ 2011-05-11 03:16 . 2011-06-02 06:10 273344 c:\windows\system32\nvdrsdb1.bin
+ 2011-05-11 03:16 . 2011-06-02 06:10 273344 c:\windows\system32\nvdrsdb0.bin
+ 2011-06-02 06:10 . 2011-05-25 06:09 899688 c:\windows\system32\nvdispco3220150.dll
- 2009-11-21 01:32 . 2009-11-21 01:32 145000 c:\windows\system32\nvcolor.exe
+ 2011-06-02 06:11 . 2011-05-25 06:09 145000 c:\windows\system32\nvcolor.exe
+ 2009-02-09 10:56 . 2010-12-09 15:15 718336 c:\windows\system32\ntdll.dll
+ 2009-04-20 18:18 . 2011-06-23 18:36 611840 c:\windows\system32\mstime.dll
- 2009-04-20 18:18 . 2010-06-24 12:22 611840 c:\windows\system32\mstime.dll
+ 2009-04-20 18:22 . 2011-06-23 18:36 602112 c:\windows\system32\msfeeds.dll
+ 2009-04-20 18:22 . 2010-03-30 16:24 317440 c:\windows\system32\mp4sdecd.dll
- 2009-04-20 18:22 . 2009-04-20 18:22 317440 c:\windows\system32\mp4sdecd.dll
+ 2008-04-14 12:00 . 2011-02-08 23:03 974848 c:\windows\system32\mfc42u.dll
+ 2008-04-14 12:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2008-04-14 12:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2011-09-24 21:09 . 2011-09-24 21:09 243360 c:\windows\system32\Macromed\Flash\FlashUtil10x_Pl ugin.exe
+ 2009-04-20 18:17 . 2010-12-20 17:24 730112 c:\windows\system32\lsasrv.dll
- 2009-04-20 18:17 . 2009-06-26 19:11 730112 c:\windows\system32\lsasrv.dll
+ 2009-04-20 18:17 . 2010-12-22 12:32 301568 c:\windows\system32\kerberos.dll
- 2009-04-20 18:17 . 2009-06-25 08:41 301568 c:\windows\system32\kerberos.dll
- 2009-04-20 18:17 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
+ 2009-04-20 18:17 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
+ 2011-09-17 20:44 . 2011-05-04 08:52 157472 c:\windows\system32\javaws.exe
+ 2011-09-17 20:44 . 2011-05-04 08:52 145184 c:\windows\system32\javaw.exe
- 2010-03-04 01:08 . 2009-12-17 22:14 145184 c:\windows\system32\javaw.exe
- 2010-03-04 01:08 . 2009-12-17 22:14 145184 c:\windows\system32\java.exe
+ 2011-09-17 20:44 . 2011-05-04 08:52 145184 c:\windows\system32\java.exe
+ 2009-04-20 18:17 . 2011-05-02 15:30 692736 c:\windows\system32\inetcomm.dll
- 2009-04-20 18:17 . 2010-06-24 12:21 184320 c:\windows\system32\iepeers.dll
+ 2009-04-20 18:17 . 2011-06-23 18:36 184320 c:\windows\system32\iepeers.dll
+ 2009-04-20 18:17 . 2011-06-23 18:36 387584 c:\windows\system32\iedkcs32.dll
- 2009-04-20 18:17 . 2010-06-24 12:21 387584 c:\windows\system32\iedkcs32.dll
+ 2009-04-20 18:17 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe
+ 2009-06-25 19:43 . 2011-09-19 21:46 183424 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 186880 c:\windows\system32\encdec.dll
+ 2011-06-02 06:11 . 2011-05-25 06:09 543336 c:\windows\system32\easyupdatusapiu.dll
+ 2011-08-15 18:39 . 2011-08-01 19:56 395624 c:\windows\system32\DRVSTORE\dc3dh_5AAC9D9A8E42927 AFEBA0780EF6036EE556BE709\ipcoin82.dll
+ 2009-07-14 14:35 . 2009-07-14 14:35 444136 c:\windows\system32\drivers\wdf01000.sys
+ 2009-04-20 18:25 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
- 2009-04-20 18:25 . 2008-08-25 23:38 361600 c:\windows\system32\drivers\tcpip.sys
+ 2009-04-20 18:18 . 2011-02-17 13:19 357888 c:\windows\system32\drivers\srv.sys
+ 2010-11-25 14:57 . 2010-11-25 14:57 436792 c:\windows\system32\drivers\sptd.sys
- 2009-06-26 01:01 . 2009-04-20 18:18 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2009-06-26 01:01 . 2011-06-24 14:09 139656 c:\windows\system32\drivers\rdpwd.sys
+ 2009-04-20 18:18 . 2011-04-21 13:52 105472 c:\windows\system32\drivers\mup.sys
- 2009-04-20 18:16 . 2009-04-20 18:16 138496 c:\windows\system32\drivers\afd.sys
+ 2009-04-20 18:16 . 2011-02-16 13:25 138496 c:\windows\system32\drivers\afd.sys
+ 2009-04-20 18:16 . 2011-03-03 06:53 149504 c:\windows\system32\dnsapi.dll
+ 2010-10-13 18:04 . 2010-07-12 13:02 218112 c:\windows\system32\dllcache\wordpad.exe
+ 2010-09-15 12:51 . 2011-06-20 17:43 293376 c:\windows\system32\dllcache\winsrv.dll
- 2009-06-26 18:04 . 2010-06-24 12:22 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-06-26 18:04 . 2011-06-23 18:36 916480 c:\windows\system32\dllcache\wininet.dll
+ 2011-06-28 16:24 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll
+ 2010-04-22 01:57 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
+ 2010-09-15 12:50 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2011-04-26 06:11 . 2008-06-20 11:59 361600 c:\windows\system32\dllcache\tcpip.sys
- 2009-07-15 06:51 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-15 06:51 . 2010-08-27 08:02 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2010-03-17 06:03 . 2011-02-17 13:19 357888 c:\windows\system32\dllcache\srv.sys
+ 2011-03-11 17:08 . 2009-07-27 23:17 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-02-10 02:27 . 2011-01-21 14:42 439808 c:\windows\system32\dllcache\shimgvw.dll
+ 2009-09-02 22:43 . 2011-04-29 17:23 151552 c:\windows\system32\dllcache\schannel.dll
+ 2011-03-11 02:56 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-06-26 18:04 . 2010-08-16 08:43 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 733184 c:\windows\system32\dllcache\qedwipes.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 470528 c:\windows\system32\dllcache\qdvd.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 316928 c:\windows\system32\dllcache\qdv.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 257024 c:\windows\system32\dllcache\qcap.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 173056 c:\windows\system32\dllcache\qasf.dll
+ 2011-06-28 16:30 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2011-02-10 02:27 . 2010-11-09 14:50 253952 c:\windows\system32\dllcache\odbc32.dll
- 2009-07-29 06:52 . 2010-06-24 12:22 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-07-29 06:52 . 2011-06-23 18:36 206848 c:\windows\system32\dllcache\occache.dll
+ 2011-02-10 02:22 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
+ 2011-06-28 16:26 . 2011-04-21 13:52 105472 c:\windows\system32\dllcache\mup.sys
+ 2011-04-26 06:11 . 2008-06-20 17:43 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2010-04-01 20:03 . 2011-06-23 18:36 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-04-01 20:03 . 2010-06-24 12:22 611840 c:\windows\system32\dllcache\mstime.dll
+ 2011-02-10 02:27 . 2010-11-09 14:50 102400 c:\windows\system32\dllcache\msjro.dll
+ 2009-07-29 06:52 . 2011-06-23 18:36 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-02-10 02:27 . 2010-11-09 14:50 200704 c:\windows\system32\dllcache\msadox.dll
+ 2011-02-10 02:27 . 2010-11-09 14:50 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-10 01:20 . 2010-11-10 01:20 565248 c:\windows\system32\dllcache\msado15.dll
+ 2011-02-10 02:27 . 2010-11-09 14:50 143360 c:\windows\system32\dllcache\msadco.dll
+ 2010-03-17 06:03 . 2011-07-15 13:29 457856 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 16:24 . 2010-03-30 16:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2010-09-18 16:23 . 2011-02-08 23:03 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2010-10-13 18:04 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2010-10-13 18:04 . 2010-09-18 06:53 953856 c:\windows\system32\dllcache\mfc40u.dll
+ 2010-10-13 18:04 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2009-06-26 19:11 . 2010-12-20 17:24 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2009-06-26 19:11 . 2009-06-26 19:11 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-09-02 22:43 . 2010-12-22 12:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-09-02 22:43 . 2009-06-25 08:41 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-09-09 23:48 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
- 2009-09-09 23:48 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2010-05-16 01:39 . 2011-05-02 15:30 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-26 18:04 . 2011-06-23 18:36 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-06-26 18:04 . 2010-06-24 12:21 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-07-29 06:52 . 2011-06-23 18:36 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-07-29 06:52 . 2010-06-24 12:21 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-19 22:07 . 2011-06-23 18:36 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-06-19 22:07 . 2010-06-24 12:21 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2009-06-26 18:04 . 2011-06-23 18:36 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-06-26 18:04 . 2010-06-24 12:21 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-06-26 18:04 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-11-25 15:35 . 2001-08-23 10:00 223232 c:\windows\system32\dllcache\gcdef.dll
+ 2011-03-11 02:56 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 974848 c:\windows\system32\dllcache\dxdiag.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 602624 c:\windows\system32\dllcache\dx7vb.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 381952 c:\windows\system32\dllcache\dsound.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 491520 c:\windows\system32\dllcache\dsdmoprp.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 186880 c:\windows\system32\dllcache\dsdmo.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 112128 c:\windows\system32\dllcache\dpvvox.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 381952 c:\windows\system32\dllcache\dpvoice.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 723968 c:\windows\system32\dllcache\dpnet.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 230400 c:\windows\system32\dllcache\dplayx.dll
+ 2011-04-26 06:11 . 2011-03-03 06:53 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 122880 c:\windows\system32\dllcache\dmusic.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 100864 c:\windows\system32\dllcache\dmsynth.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 181248 c:\windows\system32\dllcache\dmime.dll
+ 2010-11-25 15:35 . 2002-08-29 08:40 667648 c:\windows\system32\dllcache\dinput8.dll
+ 2010-11-25 15:35 . 2002-08-29 08:40 648704 c:\windows\system32\dllcache\dinput.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 467968 c:\windows\system32\dllcache\diactfrm.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 132608 c:\windows\system32\dllcache\devenum.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 292864 c:\windows\system32\dllcache\ddraw.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 350208 c:\windows\system32\dllcache\d3drm.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 590336 c:\windows\system32\dllcache\d3dramp.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 797184 c:\windows\system32\dllcache\d3dim700.dll
+ 2010-11-25 15:35 . 2001-08-23 10:00 436224 c:\windows\system32\dllcache\d3dim.dll
+ 2010-10-13 18:04 . 2010-08-23 16:12 617472 c:\windows\system32\dllcache\comctl32.dll
+ 2010-06-19 22:12 . 2011-02-15 13:05 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2011-04-26 06:11 . 2011-02-16 13:25 138496 c:\windows\system32\dllcache\afd.sys
+ 2010-09-15 02:52 . 2011-05-04 08:52 472808 c:\windows\system32\deployJava1.dll
+ 2011-05-10 07:45 . 2009-09-04 21:29 235344 c:\windows\system32\d3dx11_42.dll
+ 2011-05-10 07:45 . 2009-09-04 21:29 453456 c:\windows\system32\d3dx10_42.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 617472 c:\windows\system32\comctl32.dll
+ 2008-04-14 12:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2008-12-21 21:46 . 2008-12-21 21:46 351744 c:\windows\system32\avisynth.dll
- 2008-11-21 07:17 . 2008-07-19 06:08 351744 c:\windows\system32\avisynth.dll
+ 2009-04-20 18:16 . 2011-02-15 13:05 290432 c:\windows\system32\atmfd.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 354816 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 733184 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedwipes.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 470528 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 316928 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 257024 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qcap.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 173056 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qasf.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 324096 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mswebdvd.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 130304 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys
+ 2010-11-25 15:35 . 2004-07-09 09:27 974848 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2010-11-25 15:35 . 2002-12-12 05:14 602624 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx7vb.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 381952 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 491520 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmoprp.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 186880 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmo.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 112128 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvvox.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 381952 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvoice.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 723968 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnet.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 230400 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 122880 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 100864 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmsynth.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 181248 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 132608 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 292864 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 797184 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
+ 2010-09-22 13:43 . 2010-09-22 13:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webe ngine.dll
- 2010-03-23 09:31 . 2010-03-23 09:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webe ngine.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS. dll
- 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS. dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rjit.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdacwks.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rdacwks.dll
- 2010-03-31 18:51 . 2010-03-31 18:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor ld.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
- 2010-03-31 18:49 . 2010-03-31 18:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor jit.dll
+ 2010-09-23 07:17 . 2010-09-23 07:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
- 2010-03-31 19:32 . 2010-03-31 19:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
- 2009-06-28 23:27 . 2006-03-31 15:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2006-03-31 16:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2006-02-03 11:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2006-02-03 12:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-12-05 22:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-12-05 21:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-09-28 19:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-09-28 18:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-07-22 21:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-07-22 22:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-05-26 20:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-05-26 19:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-03-18 21:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-02-05 23:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2005-02-06 00:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2009-06-28 23:27 . 2005-03-18 22:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
- 2009-06-28 23:27 . 2005-03-18 20:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2011-09-27 22:53 . 2011-09-27 22:53 114688 c:\windows\Installer\e93024.msi
+ 2011-10-06 19:11 . 2011-10-06 19:11 922624 c:\windows\Installer\bc02a58.msi
+ 2011-05-20 22:39 . 2011-05-20 22:39 490496 c:\windows\Installer\93bc8ad.msi
+ 2010-09-24 01:02 . 2010-09-24 01:02 798208 c:\windows\Installer\7e84a8a.msp
+ 2011-08-20 04:07 . 2011-08-20 04:07 301056 c:\windows\Installer\7d617f.msi
+ 2011-05-10 07:44 . 2011-05-10 07:44 892416 c:\windows\Installer\73c49fc.msi
+ 2011-09-17 20:45 . 2011-09-17 20:45 203776 c:\windows\Installer\6828bf4.msi
+ 2011-09-17 20:41 . 2011-09-17 20:41 223744 c:\windows\Installer\6828bd3.msi
+ 2011-07-05 14:53 . 2011-07-05 14:53 467456 c:\windows\Installer\60eb8.msi
+ 2010-09-30 00:02 . 2010-09-30 00:02 807936 c:\windows\Installer\5ff82ae.msi
+ 2011-07-19 17:00 . 2011-07-19 17:00 219648 c:\windows\Installer\2bb9d2d.msi
+ 2011-02-04 01:01 . 2011-02-04 01:01 429056 c:\windows\Installer\16214c10.msi
+ 2011-02-04 01:00 . 2011-02-04 01:00 149504 c:\windows\Installer\16214bd1.msi
+ 2011-08-29 17:04 . 2011-08-29 17:04 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\readerupdater.exe
+ 2010-09-22 22:10 . 2010-09-22 22:10 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-09-10 22:17 . 2010-09-10 22:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\JP2KLib.dll
+ 2010-09-23 00:41 . 2010-09-23 00:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AdobeCollabSync.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\adobearm.exe
+ 2010-09-23 08:47 . 2010-09-23 08:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AcroRd32.exe
+ 2010-09-22 22:04 . 2010-09-22 22:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AcroPDF.dll
+ 2010-09-22 23:39 . 2010-09-22 23:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\acrobroker.exe
+ 2010-09-21 03:07 . 2010-09-21 03:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\acrobatupdater.exe
+ 2010-09-22 22:50 . 2010-09-22 22:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\a3dutility.exe
+ 2011-09-17 20:40 . 2011-04-25 16:11 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll
+ 2011-09-17 20:40 . 2009-04-20 18:18 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-09-17 20:40 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-09-17 20:40 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-09-17 20:40 . 2011-04-25 16:11 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-09-17 20:40 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-07-05 14:50 . 2009-04-20 18:19 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
+ 2011-07-05 14:50 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2011-07-05 14:50 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2011-07-05 14:56 . 2011-02-22 23:06 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll
+ 2011-07-05 14:56 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll
+ 2011-07-05 14:56 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe
+ 2011-07-05 14:56 . 2011-02-22 23:06 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll
+ 2011-07-05 14:56 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe
+ 2011-05-10 09:11 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-05-10 09:11 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 916480 c:\windows\ie8updates\KB2497640-IE8\wininet.dll
+ 2011-05-10 09:15 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2497640-IE8\spuninst\updspapi.dll
+ 2011-05-10 09:15 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2497640-IE8\spuninst\spuninst.exe
+ 2011-05-10 09:15 . 2010-12-20 23:59 206848 c:\windows\ie8updates\KB2497640-IE8\occache.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 611840 c:\windows\ie8updates\KB2497640-IE8\mstime.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 602112 c:\windows\ie8updates\KB2497640-IE8\msfeeds.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 247808 c:\windows\ie8updates\KB2497640-IE8\ieproxy.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 184320 c:\windows\ie8updates\KB2497640-IE8\iepeers.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 743424 c:\windows\ie8updates\KB2497640-IE8\iedvtool.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 387584 c:\windows\ie8updates\KB2497640-IE8\iedkcs32.dll
+ 2011-05-10 09:15 . 2010-12-20 12:55 173568 c:\windows\ie8updates\KB2497640-IE8\ie4uinit.exe
+ 2011-02-11 15:04 . 2010-09-10 05:58 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-11 15:05 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-11 15:05 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-11 15:04 . 2010-09-10 05:58 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-11 15:04 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2010-10-13 18:07 . 2010-06-24 12:22 916480 c:\windows\ie8updates\KB2360131-IE8\wininet.dll
+ 2010-10-13 18:07 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2360131-IE8\spuninst\updspapi.dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 231288 c:\windows\ie8updates\KB2360131-IE8\spuninst\spuninst.exe
+ 2010-10-13 18:07 . 2010-06-24 12:22 206848 c:\windows\ie8updates\KB2360131-IE8\occache.dll
+ 2010-10-13 18:07 . 2010-06-24 12:22 611840 c:\windows\ie8updates\KB2360131-IE8\mstime.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 599040 c:\windows\ie8updates\KB2360131-IE8\msfeeds.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 247808 c:\windows\ie8updates\KB2360131-IE8\ieproxy.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 184320 c:\windows\ie8updates\KB2360131-IE8\iepeers.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 743424 c:\windows\ie8updates\KB2360131-IE8\iedvtool.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 387584 c:\windows\ie8updates\KB2360131-IE8\iedkcs32.dll
+ 2010-10-13 18:07 . 2010-06-23 12:08 173056 c:\windows\ie8updates\KB2360131-IE8\ie4uinit.exe
+ 2010-11-25 15:35 . 2004-07-09 09:26 354816 c:\windows\Driver Cache\i386\psisdecd.dll
+ 2010-03-17 06:03 . 2011-07-15 13:29 457856 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-11-25 15:35 . 2002-12-12 05:14 130304 c:\windows\Driver Cache\i386\ks.sys
+ 2010-10-12 01:30 . 2010-10-12 01:30 839680 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_4ee43241\Sys tem.Drawing.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f353e 101\System.Drawing.Design.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 118784 c:\windows\assembly\NativeImages1_v1.1.4322\Custom Marshalers\1.0.5000.0__b03f5f7f11d50a3a_f181e929\C ustomMarshalers.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\Wsa tConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfi g.ni.exe
+ 2011-09-17 20:45 . 2011-09-17 20:45 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961 \WindowsFormsIntegration.ni.dll
+ 2011-07-05 15:04 . 2011-07-05 15:04 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UI AutomationTypes.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClient\431e918aee8da919f5b9e3a5195ccf93\U IAutomationClient.ni.dll
+ 2011-09-17 21:09 . 2011-09-17 21:09 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\Syst em.Xml.Linq.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\S ystem.Web.Routing.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3 \System.Web.RegularExpressions.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54 \System.Web.Extensions.Design.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity\2314ff800782dc85224e69e802a073f7\Sy stem.Web.Entity.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c \System.Web.Entity.Design.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.DynamicD#\c5c96400424b85536443623f96f64581 \System.Web.DynamicData.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Abstract#\5f8e87b47465a038403e73012c6d102a \System.Web.Abstractions.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Transactions\846dd505f97805f00999ee26aec9bf75\ System.Transactions.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceProce#\70a1400affdc775d7c7398e036359286 \System.ServiceProcess.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Security\de9cd25ccb24bcf8a0316756e766721f\Syst em.Security.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9 \System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2011-09-17 21:08 . 2011-09-17 21:08 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Ne t.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management\6e563a58e6fc0117070d5b8fd59e4e1b\Sy stem.Management.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad \System.Management.Instrumentation.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System .IO.Log.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14 \System.IdentityModel.Selectors.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e \System.EnterpriseServices.Wrapper.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e \System.EnterpriseServices.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b \System.Drawing.Design.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\822c996e6ad4901219b7de399a6f78bf \System.DirectoryServices.AccountManagement.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10 \System.DirectoryServices.Protocols.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8 \System.Data.Services.Design.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6 \System.Data.Services.Client.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead \System.Data.Entity.Design.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b \System.Data.DataSetExtensions.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuration\77df2cd21a5b85a1605b335aa9ad9d44 \System.Configuration.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuratio#\585e68739b2a8aff61ee6b2786513245 \System.Configuration.Install.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.AddIn\fbf6ef12d1456058acde29f2640092fb\System. AddIn.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMS vcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost. ni.exe
+ 2011-09-17 21:07 . 2011-09-17 21:07 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMD iagnostics\ca07e9cf488af1290d2340d682574a24\SMDiag nostics.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\Ser viceModelReg\a5aa977dd575a6beb3a416bd480b98a7\Serv iceModelReg.ni.exe
+ 2011-09-17 20:44 . 2011-09-17 20:44 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9 \PresentationFramework.Classic.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\cf812b99f587ab514afb36fa9d4c1567 \PresentationFramework.Aero.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\b7795999cc67f3a6cec40f5b24005e00 \PresentationFramework.Luna.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86 \PresentationFramework.Royale.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 900096 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.SystemL#\359964375cbd59cebf5b5248e700980f \PaintDotNet.SystemLayer.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.SystemL#\2447b346de034dfb6df8bddb5d37fe67 \PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 388608 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Resourc#\e083236b043754bb73c6c94cabd3b81f \PaintDotNet.Resources.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 813056 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Effects\92e7ce899af8113e239c1d816587972e\ PaintDotNet.Effects.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 568832 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Data\5640218f2347b5a6936cf0ed70339d66\Pai ntDotNet.Data.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Base\fb5351d952ad079475d47ccf4980327c\Pai ntDotNet.Base.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSB uild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.e xe
+ 2011-09-17 21:07 . 2011-09-17 21:07 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b \Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66 \Microsoft.Build.Utilities.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b \Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b \Microsoft.Build.Engine.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd \Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 547840 c:\windows\assembly\NativeImages_v2.0.50727_32\ICS harpCode.SharpZi#\1e25a95f3506bace6c9475638c730dbb \ICSharpCode.SharpZipLib.ni.dll
+ 2011-07-05 15:38 . 2011-07-05 15:38 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\Cus tomMarshalers\80bd17388778c90f301746ad88700758\Cus tomMarshalers.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\Com SvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcC onfig.ni.exe
+ 2011-09-17 21:06 . 2011-09-17 21:06 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\Asp NetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetM MCExt.ni.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2 .0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0 .0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
+ 2011-09-17 20:42 . 2011-09-17 20:42 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess \2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0 .0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serial ization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\ System.Runtime.Serialization.Formatters.Soap.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoti ng\2.0.0.0__b77a5c561934e089\System.Runtime.Remoti ng.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0. 0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0 .0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0. 0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServ ices.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServi ces.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.Dir ectoryServices.Protocols.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0 .0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2. 0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\ 2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03 f5f7f11d50a3a\sysglobl.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic \8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft .VisualBasic.Compatibility.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic .Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Micr osoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0 .0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks \2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.d ll
- 2010-09-05 00:19 . 2010-09-05 00:19 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engin e\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine .dll
- 2010-09-05 00:19 . 2010-09-05 00:19 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 113664 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 258048 c:\windows\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 486400 c:\windows\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 486400 c:\windows\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902 .0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902 .0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSo und\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectSound.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSo und\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectSound.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPl ay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectPlay.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPl ay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectPlay.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectIn put\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectInput.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectIn put\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectInput.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDr aw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectDraw.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDr aw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectDraw.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D \1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Di rect3D.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D \1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Di rect3D.dll
+ 2010-12-04 01:38 . 2010-12-04 01:38 200704 c:\windows\1C4551A64743409391E41477CD655043.TMP\Wi seCustomCalla.dll
+ 2011-08-15 18:39 . 2008-11-07 22:55 382496 c:\windows\$NtUninstallWdf01009$\spuninst\updspapi .dll
+ 2011-08-15 18:39 . 2008-11-07 22:55 231456 c:\windows\$NtUninstallWdf01009$\spuninst\spuninst .exe
+ 2010-09-22 03:04 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB982802$\spuninst\updspapi .dll
+ 2010-09-22 03:04 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB982802$\spuninst\spuninst .exe
+ 2010-09-22 03:04 . 2009-04-15 15:24 585216 c:\windows\$NtUninstallKB982802$\rpcrt4.dll
+ 2010-10-13 18:07 . 2009-10-15 16:28 119808 c:\windows\$NtUninstallKB982132$\t2embed.dll
+ 2010-10-13 18:07 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB982132$\spuninst\updspapi .dll
+ 2010-10-13 18:07 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB982132$\spuninst\spuninst .exe
+ 2010-10-13 18:05 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB981957$\spuninst\updspapi .dll
+ 2010-10-13 18:05 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB981957$\spuninst\spuninst .exe
+ 2010-09-22 03:04 . 2008-04-14 12:00 406016 c:\windows\$NtUninstallKB981322$\usp10.dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB981322$\spuninst\updspapi .dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB981322$\spuninst\spuninst .exe
+ 2010-10-13 18:07 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB979687$\spuninst\updspapi .dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB979687$\spuninst\spuninst .exe
+ 2010-09-22 03:05 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB975558_WM8$\spuninst\upds papi.dll
+ 2010-09-22 03:05 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB975558_WM8$\spuninst\spun inst.exe
+ 2010-09-22 03:05 . 2009-04-20 18:22 317440 c:\windows\$NtUninstallKB975558_WM8$\mp4sdecd.dll
+ 2011-03-16 04:45 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971029$\spuninst\updspapi .dll
+ 2011-03-16 04:45 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971029$\spuninst\spuninst .exe
+ 2011-03-16 04:45 . 2008-04-14 12:00 135168 c:\windows\$NtUninstallKB971029$\shsvcs.dll
+ 2011-07-05 14:53 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2544893$\spuninst\updspap i.dll
+ 2011-07-05 14:53 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2544893$\spuninst\spunins t.exe
+ 2011-07-05 14:53 . 2011-03-07 05:31 692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll
+ 2011-07-05 14:57 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2536276$\spuninst\updspap i.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2536276$\spuninst\spunins t.exe
+ 2011-07-05 14:57 . 2011-02-17 13:19 457472 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys
+ 2011-07-05 14:57 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2535512$\spuninst\updspap i.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2535512$\spuninst\spunins t.exe
+ 2011-07-05 14:57 . 2009-04-20 18:18 105344 c:\windows\$NtUninstallKB2535512$\mup.sys
+ 2011-05-11 02:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2524375$\spuninst\updspap i.dll
+ 2011-05-11 02:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2524375$\spuninst\spunins t.exe
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2511455$\spuninst\updspap i.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2511455$\spuninst\spunins t.exe
+ 2011-05-10 09:11 . 2010-02-24 11:57 457216 c:\windows\$NtUninstallKB2511455$\mrxsmb.sys
+ 2011-05-10 09:11 . 2008-08-25 23:38 361600 c:\windows\$NtUninstallKB2509553$\tcpip.sys
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2509553$\spuninst\updspap i.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2509553$\spuninst\spunins t.exe
+ 2011-05-10 09:11 . 2009-04-20 18:16 147968 c:\windows\$NtUninstallKB2509553$\dnsapi.dll
+ 2011-05-10 09:12 . 2010-08-26 13:37 357248 c:\windows\$NtUninstallKB2508429$\srv.sys
+ 2011-05-10 09:12 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2508429$\spuninst\updspap i.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2508429$\spuninst\spunins t.exe
+ 2011-05-10 09:12 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2508272$\spuninst\updspap i.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2508272$\spuninst\spunins t.exe
+ 2011-05-10 09:12 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2507618$\spuninst\updspap i.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2507618$\spuninst\spunins t.exe
+ 2011-05-10 09:12 . 2011-01-07 14:09 290048 c:\windows\$NtUninstallKB2507618$\atmfd.dll
+ 2011-05-10 09:15 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2506223$\spuninst\updspap i.dll
+ 2011-05-10 09:15 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2506223$\spuninst\spunins t.exe
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2506212$\spuninst\updspap i.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2506212$\spuninst\spunins t.exe
+ 2011-05-10 09:11 . 2010-09-18 16:23 974848 c:\windows\$NtUninstallKB2506212$\mfc42u.dll
+ 2011-05-10 09:11 . 2010-09-18 06:53 974848 c:\windows\$NtUninstallKB2506212$\mfc42.dll
+ 2011-07-05 14:57 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503665$\spuninst\updspap i.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503665$\spuninst\spunins t.exe
+ 2011-07-05 14:57 . 2009-04-20 18:16 138496 c:\windows\$NtUninstallKB2503665$\afd.sys
+ 2011-05-10 09:12 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2503658$\spuninst\updspap i.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2503658$\spuninst\spunins t.exe
+ 2011-05-10 09:12 . 2010-06-09 07:41 692736 c:\windows\$NtUninstallKB2503658$\inetcomm.dll
+ 2011-02-11 15:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2485376$\spuninst\updspap i.dll
+ 2011-02-11 15:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2485376$\spuninst\spunins t.exe
+ 2011-02-11 15:08 . 2010-09-01 11:48 285824 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-11 15:06 . 2010-07-05 23:46 382840 c:\windows\$NtUninstallKB2483185$\spuninst\updspap i.dll
+ 2011-02-11 15:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2483185$\spuninst\spunins t.exe
+ 2011-02-11 15:06 . 2008-04-14 12:00 438272 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-03-16 04:46 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479943$\spuninst\updspap i.dll
+ 2011-03-16 04:46 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479943$\spuninst\spunins t.exe
+ 2011-03-16 04:46 . 2008-04-14 12:00 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-16 04:46 . 2008-04-14 12:00 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-02-11 15:07 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2479628$\spuninst\updspap i.dll
+ 2011-02-11 15:07 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2479628$\spuninst\spunins t.exe
+ 2011-02-11 15:08 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478971$\spuninst\updspap i.dll
+ 2011-02-11 15:08 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478971$\spuninst\spunins t.exe
+ 2011-02-11 15:08 . 2009-06-25 08:41 301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-11 15:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2478960$\spuninst\updspap i.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2478960$\spuninst\spunins t.exe
+ 2011-02-11 15:04 . 2009-06-26 19:11 730112 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-11 15:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476687$\spuninst\updspap i.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476687$\spuninst\spunins t.exe
+ 2011-07-05 14:57 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2476490$\spuninst\updspap i.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2476490$\spuninst\spunins t.exe
+ 2011-07-05 14:57 . 2008-04-14 12:00 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll
+ 2011-02-11 15:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2443685$\spuninst\updspap i.dll
+ 2011-02-11 15:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2443685$\spuninst\spunins t.exe
+ 2011-02-11 15:08 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2443105$\spuninst\updspap i.dll
+ 2011-02-11 15:08 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2443105$\spuninst\spunins t.exe
+ 2011-02-11 15:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2440591$\spuninst\updspap i.dll
+ 2011-02-11 15:08 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2440591$\spuninst\spunins t.exe
+ 2011-02-11 15:04 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2419632$\spuninst\updspap i.dll
+ 2011-02-11 15:04 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2419632$\spuninst\spunins t.exe
+ 2011-02-11 15:04 . 2009-04-20 18:18 249856 c:\windows\$NtUninstallKB2419632$\odbc32.dll
+ 2011-02-11 15:04 . 2008-04-14 12:00 102400 c:\windows\$NtUninstallKB2419632$\msjro.dll
+ 2011-02-11 15:04 . 2008-04-14 12:00 200704 c:\windows\$NtUninstallKB2419632$\msadox.dll
+ 2011-02-11 15:04 . 2008-04-14 12:00 180224 c:\windows\$NtUninstallKB2419632$\msadomd.dll
+ 2011-02-11 15:04 . 2009-04-20 18:17 536576 c:\windows\$NtUninstallKB2419632$\msado15.dll
+ 2011-02-11 15:04 . 2008-04-14 12:00 143360 c:\windows\$NtUninstallKB2419632$\msadco.dll
+ 2011-05-10 09:15 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2412687$\spuninst\updspap i.dll
+ 2011-05-10 09:15 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2412687$\spuninst\spunins t.exe
+ 2011-02-11 15:04 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2393802$\spuninst\updspap i.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2393802$\spuninst\spunins t.exe
+ 2011-02-11 15:04 . 2009-02-09 10:56 715264 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2010-10-13 18:08 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2387149$\spuninst\updspap i.dll
+ 2010-10-13 18:08 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2387149$\spuninst\spunins t.exe
+ 2010-10-13 18:08 . 2008-04-14 12:00 981760 c:\windows\$NtUninstallKB2387149$\mfc42u.dll
+ 2010-10-13 18:08 . 2008-04-14 12:00 927504 c:\windows\$NtUninstallKB2387149$\mfc40u.dll
+ 2010-10-13 18:08 . 2008-04-14 12:00 924432 c:\windows\$NtUninstallKB2387149$\mfc40.dll
+ 2010-10-13 18:07 . 2007-07-28 03:11 382840 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\upd spapi.dll
+ 2010-10-13 18:07 . 2007-07-28 03:11 231288 c:\windows\$NtUninstallKB2378111_WM9$\spuninst\spu ninst.exe
+ 2010-10-13 18:05 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2360937$\spuninst\updspap i.dll
+ 2010-10-13 18:05 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2360937$\spuninst\spunins t.exe
+ 2010-10-13 18:05 . 2010-07-23 06:13 590848 c:\windows\$NtUninstallKB2360937$\rpcrt4.dll
+ 2010-09-22 03:05 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB2347290$\spuninst\updspap i.dll
+ 2010-09-22 03:05 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB2347290$\spuninst\spunins t.exe
+ 2010-10-13 18:07 . 2010-06-21 14:18 354304 c:\windows\$NtUninstallKB2345886$\srv.sys
+ 2010-10-13 18:07 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2345886$\spuninst\updspap i.dll
+ 2010-10-13 18:07 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2345886$\spuninst\spunins t.exe
+ 2010-10-13 18:07 . 2009-05-26 09:01 382840 c:\windows\$NtUninstallKB2296011$\spuninst\updspap i.dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 231288 c:\windows\$NtUninstallKB2296011$\spuninst\spunins t.exe
+ 2010-10-13 18:07 . 2008-04-14 12:00 617472 c:\windows\$NtUninstallKB2296011$\comctl32.dll
+ 2010-10-13 18:08 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2279986$\spuninst\updspap i.dll
+ 2010-10-13 18:08 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2279986$\spuninst\spunins t.exe
+ 2010-10-13 18:08 . 2010-04-20 05:37 285824 c:\windows\$NtUninstallKB2279986$\atmfd.dll
+ 2010-09-29 16:22 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2158563$\spuninst\updspap i.dll
+ 2010-09-29 16:22 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2158563$\spuninst\spunins t.exe
+ 2010-09-22 03:03 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2141007$\spuninst\updspap i.dll
+ 2010-09-22 03:03 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2141007$\spuninst\spunins t.exe
+ 2010-09-22 03:03 . 2010-01-29 14:53 691712 c:\windows\$NtUninstallKB2141007$\inetcomm.dll
+ 2010-09-22 03:05 . 2009-04-20 18:19 293376 c:\windows\$NtUninstallKB2121546$\winsrv.dll
+ 2010-09-22 03:05 . 2010-02-22 14:23 382840 c:\windows\$NtUninstallKB2121546$\spuninst\updspap i.dll
+ 2010-09-22 03:05 . 2010-02-22 14:23 231288 c:\windows\$NtUninstallKB2121546$\spuninst\spunins t.exe
+ 2010-10-13 18:07 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB982132\update\updspapi.dll
+ 2010-10-13 18:07 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB982132\update\update.exe
+ 2010-10-13 18:07 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB982132\spuninst.exe
+ 2010-10-13 18:04 . 2010-08-27 08:01 119808 c:\windows\$hf_mig$\KB982132\SP3QFE\t2embed.dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB981322\update\updspapi.dll
+ 2010-09-22 03:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB981322\update\update.exe
+ 2010-09-22 03:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB981322\spuninst.exe
+ 2010-09-15 12:50 . 2010-04-16 15:29 406016 c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
+ 2011-03-16 04:45 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971029\update\updspapi.dll
+ 2011-03-16 04:45 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971029\update\update.exe
+ 2011-03-16 04:45 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971029\spuninst.exe
+ 2011-03-11 17:08 . 2009-07-27 22:13 135168 c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
+ 2011-07-05 14:50 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll
+ 2011-07-05 14:50 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe
+ 2011-07-05 14:50 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe
+ 2011-06-28 16:24 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll
+ 2011-07-05 14:56 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll
+ 2011-07-05 14:56 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe
+ 2011-07-05 14:56 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe
+ 2011-06-28 16:26 . 2011-04-25 16:09 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll
+ 2011-06-28 16:26 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe
+ 2011-05-11 02:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2524375\update\updspapi.dll
+ 2011-05-11 02:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2524375\update\update.exe
+ 2011-05-11 02:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2524375\spuninst.exe
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2510531-IE8\update\updspapi.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2510531-IE8\update\update.exe
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2510531-IE8\spuninst.exe
+ 2011-04-26 06:06 . 2011-03-04 06:35 420864 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\vbscript.dll
+ 2011-04-26 06:06 . 2011-03-04 06:35 726528 c:\windows\$hf_mig$\KB2510531-IE8\SP3QFE\jscript.dll
+ 2011-05-10 09:12 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2508272\update\updspapi.dll
+ 2011-05-10 09:12 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2508272\update\update.exe
+ 2011-05-10 09:12 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2508272\spuninst.exe
+ 2011-05-10 09:11 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2506212\update\updspapi.dll
+ 2011-05-10 09:11 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2506212\update\update.exe
+ 2011-05-10 09:11 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2506212\spuninst.exe
+ 2011-04-26 06:11 . 2011-02-08 13:32 974848 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42u.dll
+ 2011-04-26 06:11 . 2011-02-08 13:32 978944 c:\windows\$hf_mig$\KB2506212\SP3QFE\mfc42.dll
+ 2011-05-10 09:15 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2497640-IE8\update\updspapi.dll
+ 2011-05-10 09:15 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2497640-IE8\update\update.exe
+ 2011-05-10 09:15 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2497640-IE8\spuninst.exe
+ 2011-04-26 06:10 . 2011-02-22 23:27 919552 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 206848 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\occache.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 611840 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mstime.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 602112 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\msfeeds.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 247808 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieproxy.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 184320 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iepeers.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 743424 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedvtool.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 387584 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iedkcs32.dll
+ 2011-04-26 06:10 . 2011-02-22 12:08 173568 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ie4uinit.exe
+ 2011-02-11 15:05 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2482017-IE8\update\updspapi.dll
+ 2011-02-11 15:05 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2482017-IE8\update\update.exe
+ 2011-02-11 15:05 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2482017-IE8\spuninst.exe
+ 2011-02-10 02:24 . 2010-12-20 23:58 919552 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 206848 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\occache.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 611840 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mstime.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 602112 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\msfeeds.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 247808 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieproxy.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 184320 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iepeers.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 743424 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedvtool.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 387584 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iedkcs32.dll
+ 2011-02-10 02:24 . 2010-12-20 12:48 173568 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ie4uinit.exe
+ 2011-03-16 04:46 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-16 04:46 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-16 04:46 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-03-11 02:56 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-03-11 02:56 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2011-02-11 15:04 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476687\update\updspapi.dll
+ 2011-02-11 15:04 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476687\update\update.exe
+ 2011-02-11 15:04 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476687\spuninst.exe
+ 2011-07-05 14:57 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll
+ 2011-07-05 14:57 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2476490\update\update.exe
+ 2011-07-05 14:57 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2476490\spuninst.exe
+ 2011-06-28 16:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll
+ 2011-02-11 15:08 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2443105\update\updspapi.dll
+ 2011-02-11 15:08 . 2010-02-22 14:23 755576 c:\windows\$hf_mig$\KB2443105\update\update.exe
+ 2011-02-11 15:08 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2443105\spuninst.exe
+ 2011-02-11 15:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2440591\update\updspapi.dll
+ 2011-02-11 15:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2440591\update\update.exe
+ 2011-02-11 15:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2440591\spuninst.exe
+ 2010-10-13 18:08 . 2010-02-22 14:23 382840 c:\windows\$hf_mig$\KB2387149\update\updspapi.dll
+ 2010-10-13 18:08 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2387149\update\update.exe
+ 2010-10-13 18:08 . 2010-02-22 14:23 231288 c:\windows\$hf_mig$\KB2387149\spuninst.exe
+ 2010-10-13 18:04 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42u.dll
+ 2010-10-13 18:04 . 2010-09-18 07:18 974848 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc42.dll
+ 2010-10-13 18:04 . 2010-09-18 07:18 953856 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
+ 2010-10-13 18:04 . 2010-09-18 07:18 954368 c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40.dll
+ 2010-10-13 18:07 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2360131-IE8\update\updspapi.dll
+ 2010-10-13 18:07 . 2009-05-26 09:01 755576 c:\windows\$hf_mig$\KB2360131-IE8\update\update.exe
+ 2010-10-13 18:07 . 2009-05-26 09:01 231288 c:\windows\$hf_mig$\KB2360131-IE8\spuninst.exe
+ 2010-10-13 18:03 . 2010-09-10 05:57 919552 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 206848 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\occache.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 611840 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mstime.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 602112 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\msfeeds.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 247808 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieproxy.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 184320 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iepeers.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 743424 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedvtool.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 387584 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iedkcs32.dll
+ 2010-10-13 18:03 . 2010-09-08 15:48 173056 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ie4uinit.exe
+ 2010-09-22 03:05 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB2347290\update\updspapi.dll
+ 2010-09-22 03:05 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB2347290\update\update.exe
+ 2010-09-22 03:05 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB2347290\spuninst.exe
+ 2011-04-26 06:08 . 2010-10-23 00:51 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_65 95b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2010-10-13 18:04 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
+ 2011-04-19 02:51 . 2011-04-19 02:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-12 04:02 . 2009-07-12 04:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2011-05-14 00:04 . 2011-05-14 00:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
+ 2011-05-14 00:04 . 2011-05-14 00:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 01:46 . 2009-07-12 01:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-04-20 18:19 . 2011-06-02 14:07 1867904 c:\windows\system32\win32k.sys
+ 2008-08-09 12:30 . 2008-08-09 12:30 1003520 c:\windows\system32\vsfilter.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 1003520 c:\windows\system32\vscodecpack_173\general\Filter s\vsfilter.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 1076707 c:\windows\system32\vscodecpack_173\general\ffdsho w\ffmpegmt.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 3867314 c:\windows\system32\vscodecpack_173\general\ffdsho w\ffmpeg.dll
+ 2011-03-29 08:00 . 2011-03-29 08:00 1557504 c:\windows\system32\vscodecpack_173\general\ffdsho w\ff_samplerate.dll
+ 2009-04-20 18:18 . 2011-06-23 18:36 1212416 c:\windows\system32\urlmon.dll
+ 2009-04-20 18:18 . 2011-01-21 14:42 8463360 c:\windows\system32\shell32.dll
- 2009-04-20 18:18 . 2010-07-27 06:28 8463360 c:\windows\system32\shell32.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 2981888 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvwssr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 2686976 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvwss.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 4149248 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvvitvsr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 3764224 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvvitvs.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 8826880 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvoglnt.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 2854912 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmoblsr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 1257472 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvmobls.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 3457024 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvgamesr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 3444736 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvgames.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 5799936 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvdispsr.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 3989504 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvdisps.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 1368064 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvcuda.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 6133856 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nv4_mini.sys
+ 2011-05-11 03:16 . 2008-10-07 18:33 6058112 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nv4_disp.dll
+ 2009-04-20 18:18 . 2010-07-16 12:04 1289216 c:\windows\system32\ole32.dll
+ 2010-01-05 19:03 . 2011-05-25 06:09 2808936 c:\windows\system32\nvcuvid.dll
+ 2010-01-05 19:03 . 2011-05-25 06:09 2082408 c:\windows\system32\nvcuvenc.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 5332992 c:\windows\system32\nvcuda.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 2328576 c:\windows\system32\nvapi.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 4198272 c:\windows\system32\nv4_disp.dll
+ 2009-04-20 18:18 . 2010-12-09 13:47 2148864 c:\windows\system32\ntoskrnl.exe
+ 2009-02-06 10:30 . 2010-12-09 13:09 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2009-04-20 18:18 . 2011-07-25 15:17 5969920 c:\windows\system32\mshtml.dll
+ 2009-10-28 03:40 . 2011-09-24 21:09 6277280 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-04-20 18:21 . 2011-06-23 18:36 1991680 c:\windows\system32\iertutil.dll
+ 2011-08-15 18:40 . 2011-08-01 19:56 1461992 c:\windows\system32\DRVSTORE\point32_F3A4C20ECDA4E 2F8AC61BB0104098F5E3A155AB4\wdfcoinstaller01009.dl l
+ 2011-08-15 18:39 . 2011-08-01 19:56 1461992 c:\windows\system32\DRVSTORE\nuidfltr_E43E90E372F0 A2F8BC202108BA821FE6CFC086E0\wdfcoinstaller01009.d ll
+ 2011-08-20 04:08 . 2009-06-01 22:23 1421736 c:\windows\system32\DRVSTORE\nuidfltr_4E0E8EE59F9D AE2041109D0574E5E84EF08156B8\wdfcoinstaller01005.d ll
+ 2011-08-15 18:39 . 2011-08-01 19:56 1461992 c:\windows\system32\DRVSTORE\dc3du_39E47C72985BACB 24FE918E6F37284425E557DA1\WdfCoInstaller01009.dll
+ 2011-08-15 18:39 . 2011-08-01 19:56 1461992 c:\windows\system32\DRVSTORE\dc3dh_5AAC9D9A8E42927 AFEBA0780EF6036EE556BE709\WdfCoInstaller01009.dll
+ 2009-04-17 20:20 . 2011-06-02 14:07 1867904 c:\windows\system32\dllcache\win32k.sys
+ 2009-06-26 18:04 . 2011-06-23 18:36 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2010-09-04 00:21 . 2010-07-27 06:28 8463360 c:\windows\system32\dllcache\shell32.dll
+ 2010-09-04 00:21 . 2011-01-21 14:42 8463360 c:\windows\system32\dllcache\shell32.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 1798144 c:\windows\system32\dllcache\qedit.dll
+ 2010-10-13 18:04 . 2010-07-16 12:04 1289216 c:\windows\system32\dllcache\ole32.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 4198272 c:\windows\system32\dllcache\nv4_disp.dll
+ 2009-10-14 03:14 . 2010-12-09 13:43 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-10-14 03:14 . 2010-12-09 13:09 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-08-04 22:47 . 2010-12-09 23:39 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-10-14 03:14 . 2010-12-09 13:47 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-11-25 15:35 . 2004-07-09 09:26 1230336 c:\windows\system32\dllcache\msvidctl.dll
+ 2009-06-26 18:04 . 2011-07-25 15:17 5969920 c:\windows\system32\dllcache\mshtml.dll
+ 2009-06-26 18:04 . 2011-06-23 18:36 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 1189888 c:\windows\system32\dllcache\dx8vb.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 1294336 c:\windows\system32\dllcache\dsound3d.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 1201152 c:\windows\system32\dllcache\d3d8.dll
+ 2011-05-10 07:45 . 2009-09-04 21:29 1892184 c:\windows\system32\D3DX9_42.dll
+ 2011-05-10 07:45 . 2009-09-04 21:29 5501792 c:\windows\system32\d3dcsx_42.dll
+ 2011-05-10 07:45 . 2009-09-04 21:29 1974616 c:\windows\system32\D3DCompiler_42.dll
+ 2010-11-25 15:35 . 2004-07-09 09:26 1230336 c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msvidctl.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 1962496 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 1798144 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedit.dll
+ 2010-11-25 15:35 . 2003-05-30 14:00 1189888 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
+ 2010-11-25 15:35 . 2002-12-12 05:14 1294336 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound3d.dll
+ 2010-11-25 15:35 . 2004-07-09 09:27 1201152 c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
- 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Windows.Forms.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Windows.Forms.dll
- 2010-03-23 09:32 . 2010-03-23 09:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.dll
+ 2010-09-22 13:44 . 2010-09-22 13:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.Web.dll
+ 2011-04-29 01:50 . 2011-04-29 01:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.dll
- 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Syst em.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll
- 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
+ 2011-03-25 10:15 . 2011-03-25 10:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\msco rlib.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.Web.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Syste m.dll
+ 2010-09-23 06:26 . 2010-09-23 06:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
- 2010-03-31 18:50 . 2010-03-31 18:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
+ 2010-09-23 06:25 . 2010-09-23 06:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor svr.dll
- 2010-04-01 15:42 . 2010-04-01 15:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
+ 2010-09-23 19:55 . 2010-09-23 19:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscor lib.dll
- 2009-06-28 23:27 . 2004-12-01 19:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2004-12-01 20:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
- 2009-06-28 23:27 . 2004-09-29 16:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-28 23:27 . 2004-09-29 17:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-15 18:40 . 2011-08-15 18:40 1415680 c:\windows\Installer\f73bc42.msi
+ 2010-11-08 07:14 . 2010-11-08 07:14 3402752 c:\windows\Installer\e10974.msp
+ 2011-08-29 17:04 . 2011-08-29 17:04 1241088 c:\windows\Installer\c52e27e.msi
+ 2011-08-29 17:04 . 2011-08-29 17:04 1527808 c:\windows\Installer\c52e278.msi
+ 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\9332c65.msp
+ 2010-09-23 11:39 . 2010-09-23 11:39 4265472 c:\windows\Installer\7e84a82.msp
+ 2011-08-20 04:08 . 2011-08-20 04:08 1351168 c:\windows\Installer\7d6185.msi
+ 2011-05-10 05:39 . 2011-05-10 05:39 1065984 c:\windows\Installer\6ca7fbc.msi
+ 2011-05-02 04:06 . 2011-05-02 04:06 2705920 c:\windows\Installer\6828bda.msp
+ 2011-01-19 03:36 . 2011-01-19 03:36 2687488 c:\windows\Installer\60ebf.msp
+ 2010-09-30 00:02 . 2010-09-30 00:02 9472000 c:\windows\Installer\5ff82b4.msi
+ 2011-06-02 06:11 . 2011-06-02 06:11 1604096 c:\windows\Installer\5a496c4.msi
+ 2010-10-13 16:19 . 2010-10-13 16:19 3940864 c:\windows\Installer\2b732d.msi
+ 2010-09-22 22:05 . 2010-09-22 22:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\rt3d.dll
+ 2010-09-16 07:08 . 2010-09-16 07:08 6210560 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\authplay.dll
+ 2010-06-19 21:51 . 2010-06-19 21:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AGM.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-09-17 20:40 . 2011-05-30 22:19 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
+ 2011-09-17 20:40 . 2011-04-25 16:11 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 1210880 c:\windows\ie8updates\KB2497640-IE8\urlmon.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 5961216 c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
+ 2011-05-10 09:15 . 2010-12-20 23:59 1991680 c:\windows\ie8updates\KB2497640-IE8\iertutil.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 5957120 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 1986560 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-10-13 18:07 . 2010-06-24 12:22 1210368 c:\windows\ie8updates\KB2360131-IE8\urlmon.dll
+ 2010-10-13 18:07 . 2010-06-24 12:22 5951488 c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
+ 2010-10-13 18:07 . 2010-06-24 12:21 1986560 c:\windows\ie8updates\KB2360131-IE8\iertutil.dll
+ 2009-10-14 03:14 . 2010-12-09 13:43 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-10-14 03:14 . 2010-12-09 13:09 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-08-04 22:47 . 2010-12-09 23:39 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-10-14 03:14 . 2010-12-09 13:47 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-12 01:31 . 2010-10-12 01:31 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_6b0975bc\System.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System \1.0.5000.0__b77a5c561934e089_5c7dbfaa\System.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 2117632 c:\windows\assembly\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_d4369b8d\System. Xml.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 5644288 c:\windows\assembly\NativeImages1_v1.1.4322\System .Xml\1.0.5000.0__b77a5c561934e089_45cb40c6\System. Xml.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 7905280 c:\windows\assembly\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_e3fab7 7f\System.Windows.Forms.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 3026944 c:\windows\assembly\NativeImages1_v1.1.4322\System .Windows.Forms\1.0.5000.0__b77a5c561934e089_665cb3 db\System.Windows.Forms.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System .Drawing\1.0.5000.0__b03f5f7f11d50a3a_8c419c32\Sys tem.Drawing.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_b593f441\Syst em.Design.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 3403776 c:\windows\assembly\NativeImages1_v1.1.4322\System .Design\1.0.5000.0__b03f5f7f11d50a3a_207d3b77\Syst em.Design.dll
+ 2010-10-12 01:31 . 2010-10-12 01:31 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_794c5eb4\mscorlib. dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_16d0515a\mscorlib. dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsB ase.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIA utomationClients#\162600dde59fbaa0c048a949158ecba3 \UIAutomationClientsideProviders.ni.dll
+ 2011-09-17 20:43 . 2011-09-17 20:43 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xm l.ni.dll
+ 2011-09-17 21:09 . 2011-09-17 21:09 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.WorkflowServ#\22229a30650a9afbac984e1093898b13 \System.WorkflowServices.ni.dll
+ 2011-09-17 21:09 . 2011-09-17 21:09 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a \System.Workflow.Runtime.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e \System.Workflow.ComponentModel.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Workflow.Act#\ab4b50c7c789e46a485903365765fde8 \System.Workflow.Activities.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Services\a2392c995b1bb6b63079091259222357\ System.Web.Services.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\Sy stem.Web.Mobile.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1 \System.Web.Extensions.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Speech\e1208f0d981c420fc59f806bfbaa713b\System .Speech.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69 \System.ServiceModel.Web.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32 \System.Runtime.Serialization.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Printing\90b444d02047ef27921153d46967ef0e\Syst em.Printing.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc \System.IdentityModel.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\7ed09623172a292eaee51e2e3bcaf784\Syste m.Drawing.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1 \System.DirectoryServices.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\Sy stem.Deployment.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data\db2d84e279807592a680ef4135e9fe9a\System.D ata.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\S ystem.Data.SqlXml.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Services\c1b9b8ce390548dcca661a5e6a908408 \System.Data.Services.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Linq\571af34939797a7c1cd05b0b925a45bf\Sys tem.Data.Linq.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\S ystem.Data.Entity.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Core\e54e013315849f5e34d8f2a8e7fdb450\System.C ore.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\Rea chFramework\24ab0cacc77e8696ceff3157942a2de4\Reach Framework.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationUI\fac1ca86f4fea17de40d7fdaba38563e\Prese ntationUI.ni.dll
+ 2011-09-17 20:43 . 2011-09-17 20:43 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1 \PresentationBuildTasks.ni.dll
+ 2011-09-17 21:06 . 2011-09-17 21:06 3192832 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet\2b62afd29286711f88d12defd79a667c\PaintDot Net.ni.exe
+ 2011-09-17 21:06 . 2011-09-17 21:06 1850880 c:\windows\assembly\NativeImages_v2.0.50727_32\Pai ntDotNet.Core\bd787cb864d5f5b726e61af6413af823\Pai ntDotNet.Core.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.VisualBas#\c6b19db2534042d435ede580f92bc75c \Microsoft.VisualBasic.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984 \Microsoft.Transactions.Bridge.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.JScript\345abd035c9378667b1cac54c1f21c97\Mi crosoft.JScript.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13 \Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2 \Microsoft.Build.Tasks.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Mic rosoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5 \Microsoft.Build.Engine.ni.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5 c561934e089\System.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b 77a5c561934e089\System.XML.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\ 2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-06-26 01:13 . 2009-06-26 01:13 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions \3.5.0.0__31bf3856ad364e35\System.Web.Extensions.d ll
+ 2010-10-12 01:33 . 2010-10-12 01:33 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions \3.5.0.0__31bf3856ad364e35\System.Web.Extensions.d ll
+ 2011-09-17 20:42 . 2011-09-17 20:42 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0 __b03f5f7f11d50a3a\System.Design.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
- 2010-09-05 00:19 . 2010-09-05 00:19 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2011-09-17 20:42 . 2011-09-17 20:42 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2011-05-10 07:44 . 2011-05-10 07:44 1034752 c:\windows\assembly\GAC_32\Microsoft.Xna.Framework \3.1.0.0__6d5c3888ef60e27d\Microsoft.Xna.Framework .dll
- 2010-06-22 18:34 . 2010-06-22 18:34 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c5 61934e089\System.dll
+ 2010-10-12 01:30 . 2010-10-12 01:30 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
- 2010-06-22 18:34 . 2010-06-22 18:34 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03 f5f7f11d50a3a\System.Web.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
- 2009-06-28 23:27 . 2009-06-28 23:27 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2011-08-28 06:37 . 2011-08-28 06:37 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D X\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
+ 2010-10-13 18:05 . 2010-06-24 02:14 1861120 c:\windows\$NtUninstallKB981957$\win32k.sys
+ 2010-10-13 18:07 . 2009-04-20 18:18 1288704 c:\windows\$NtUninstallKB979687$\ole32.dll
+ 2011-05-10 09:15 . 2010-12-31 13:14 1864064 c:\windows\$NtUninstallKB2506223$\win32k.sys
+ 2011-02-11 15:06 . 2010-07-27 06:28 8463360 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-02-11 15:07 . 2010-08-31 13:38 1861888 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2011-02-11 15:04 . 2010-04-27 13:54 2146304 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-11 15:04 . 2010-04-27 13:14 2024448 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-11 15:04 . 2010-04-27 13:14 2024448 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-11 15:04 . 2010-04-27 13:54 2146304 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2010-10-13 18:08 . 2008-04-14 12:00 1028096 c:\windows\$NtUninstallKB2387149$\mfc42.dll
+ 2011-03-11 17:08 . 2009-07-27 22:13 8462848 c:\windows\$hf_mig$\KB971029\SP3QFE\shell32.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll
+ 2011-06-28 16:26 . 2011-05-30 22:17 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 1212928 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\urlmon.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 5964800 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
+ 2011-04-26 06:10 . 2011-02-22 23:27 1992192 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\iertutil.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 1211904 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\urlmon.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 5962240 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 1992192 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\iertutil.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 1211904 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\urlmon.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 5958656 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
+ 2010-10-13 18:03 . 2010-09-10 05:57 1987072 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\iertutil.dll
- 2009-04-20 18:19 . 2009-07-14 03:43 10841088 c:\windows\system32\wmp.dll
+ 2009-04-20 18:19 . 2010-08-26 03:36 10841088 c:\windows\system32\wmp.dll
+ 2011-05-11 03:16 . 2008-10-07 18:33 13574144 c:\windows\system32\ReinstallBackups\0024\DriverFi les\nvcpl.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 16068608 c:\windows\system32\nvoglnt.dll
+ 2011-06-02 06:11 . 2011-05-25 06:09 13895272 c:\windows\system32\nvcpl.dll
+ 2010-01-05 19:03 . 2011-05-25 06:09 13004800 c:\windows\system32\nvcompiler.dll
+ 2009-04-20 18:22 . 2011-09-06 17:58 46249416 c:\windows\system32\MRT.exe
+ 2009-04-20 18:21 . 2011-06-23 18:36 11081728 c:\windows\system32\ieframe.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 12753664 c:\windows\system32\drivers\nv4_mini.sys
+ 2009-07-14 03:43 . 2010-08-26 03:36 10841088 c:\windows\system32\dllcache\wmp.dll
- 2009-07-14 03:43 . 2009-07-14 03:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-06-26 03:27 . 2011-05-25 06:09 12753664 c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-06-26 18:04 . 2011-06-23 18:36 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2010-09-24 18:08 . 2010-09-24 18:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updat es\M2416447\M2416447Uninstall.msp
+ 2011-02-11 15:07 . 2011-02-11 15:07 20304384 c:\windows\Installer\7ec54e8.msp
+ 2010-10-12 01:29 . 2010-10-12 01:29 17518080 c:\windows\Installer\7e84a78.msp
+ 2011-03-28 07:27 . 2011-03-28 07:27 15456256 c:\windows\Installer\60ed7.msp
+ 2011-07-05 14:57 . 2011-07-05 14:57 20333056 c:\windows\Installer\60ecb.msp
+ 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\4d230.msp
+ 2010-09-29 16:23 . 2010-09-29 16:23 20303872 c:\windows\Installer\45b6898.msp
+ 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\2314e91c.msp
+ 2011-03-11 02:53 . 2011-03-11 02:53 20308992 c:\windows\Installer\21f97b5.msp
+ 2011-05-10 09:16 . 2011-05-10 09:16 20314624 c:\windows\Installer\1d039a.msp
+ 2011-02-12 00:47 . 2011-02-12 00:47 12028928 c:\windows\Installer\1d0387.msp
+ 2010-09-23 07:03 . 2010-09-23 07:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA 7DA73301B7449A0400000010\9.4.0\AcroRd32.dll
+ 2011-09-17 20:40 . 2011-04-26 14:11 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
+ 2011-07-05 14:56 . 2011-02-22 23:06 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll
+ 2011-05-10 09:15 . 2010-12-21 10:29 11080704 c:\windows\ie8updates\KB2497640-IE8\ieframe.dll
+ 2011-02-11 15:04 . 2010-09-10 05:58 11080192 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
+ 2010-10-13 18:07 . 2010-06-24 21:51 11077120 c:\windows\ie8updates\KB2360131-IE8\ieframe.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87 \System.Windows.Forms.ni.dll
+ 2011-09-17 21:08 . 2011-09-17 21:08 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web\40893760431f8f0dcce3e18630e45b23\System.We b.ni.dll
+ 2011-09-17 21:07 . 2011-09-17 21:07 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\ System.ServiceModel.ni.dll
+ 2011-09-17 20:45 . 2011-09-17 20:45 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Design\63ad0cd9b5e038c8e2e41415657db8fc\System .Design.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\704556e34128441ea9f1a81cc89f8a79 \PresentationFramework.ni.dll
+ 2011-09-17 20:44 . 2011-09-17 20:44 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCore\5f332c48d03eca57419c4f0e884092ee\Pre sentationCore.ni.dll
+ 2011-07-05 15:02 . 2011-07-05 15:02 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\msc orlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni .dll
+ 2010-10-13 18:07 . 2009-07-14 03:43 10841088 c:\windows\$NtUninstallKB2378111_WM9$\wmp.dll
+ 2011-06-28 16:26 . 2011-04-25 16:09 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll
+ 2011-02-23 08:57 . 2011-02-23 08:57 11082752 c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\ieframe.dll
+ 2011-02-10 02:24 . 2010-12-20 23:58 11082752 c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\ieframe.dll
+ 2010-09-10 15:27 . 2010-09-10 15:27 11082240 c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\00 avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120]
"Facebook Update"="c:\documents and settings\Rodrigo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2011-09-12 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"CoolSwitch"="c:\windows\system32\taskswitch.e xe" [2002-03-19 45632]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-13 17508864]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2009-03-17 157552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-05 1632360]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 1505144]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-04-20 128512]
"FlashPlayerUpdate"="c:\windows\system32\macromed\ flash\FlashUtil10b.exe" [2009-04-20 240544]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2009-6-29 819200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"MaxRecentDocs"= 18 (0x12)
"NoSMConfigurePrograms"= 1 (0x1)
"NoRecentDocsNetHood"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\champions online\\Champions Online.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\spiral knights\\java_vm\\bin\\javaw.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\magicka\\Magicka. exe"=
"c:\\Documents and Settings\\Rodrigo\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling .exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [9/3/2010 2:15 PM 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/25/2010 10:57 AM 436792]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.s ys [7/19/2011 1:01 PM 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7/19/2011 1:01 PM 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [7/19/2011 1:01 PM 20568]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/26/2010 10:09 PM 50704]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [6/2/2011 2:11 AM 2214504]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [6/26/2009 4:20 AM 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [6/26/2009 4:20 AM 36352]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [8/15/2011 2:39 PM 45288]
R3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [6/28/2009 7:31 PM 30560]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [6/26/2009 4:20 AM 77056]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/20/2011 10:00 PM 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfil t.sys [6/25/2009 11:10 PM 1684736]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [12/3/2010 9:17 PM 25832]
S3 elomoufiltr;ELO TouchSystems-SRV2;c:\windows\system32\drivers\EloFiltr.sys [11/5/2009 7:23 PM 48640]
S3 EloUsb;ELO TouchSystems-SRV;c:\windows\system32\drivers\EloUsb.Sys [11/5/2009 7:23 PM 55680]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9/20/2011 10:00 PM 136176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [8/12/2010 8:15 AM 1355928]
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-07 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 18:15]
.
2011-10-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
- c:\documents and settings\Rodrigo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-09-12 04:48]
.
2011-10-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
- c:\documents and settings\Rodrigo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-09-12 04:48]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-21 01:59]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-21 01:59]
.
2011-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
- c:\documents and settings\Rodrigo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-24 01:43]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
- c:\documents and settings\Rodrigo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-24 01:43]
.
2011-08-17 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_ exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 19:56]
.
2011-08-20 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_e xe.job
- c:\program files\Microsoft IntelliType Pro\itype.exe [2009-11-05 20:45]
.
2011-10-09 c:\windows\Tasks\User_Feed_Synchronization-{8B101C39-28AA-4D42-A2A7-ECD583DFC838}.job
- c:\windows\system32\msfeedssync.exe [2009-04-20 18:22]
.
2011-10-09 c:\windows\Tasks\User_Feed_Synchronization-{E01CF51F-E590-4F71-9873-26E382FC3185}.job
- c:\windows\system32\msfeedssync.exe [2009-04-20 18:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
FF - ProfilePath - c:\documents and settings\Rodrigo\Application Data\Mozilla\Firefox\Profiles\o6ttki7f.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-MultiScreen - (no file)
.
.
.
************************************************** ************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-10-08 23:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MultiScreen = ?\Program Files\MultiScreen\MultiScreen.exe????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:0 1,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,ba,04 ,f8,d1,5c,d2,4b,b6,0b,d9,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:0 1,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,ba,04 ,f8,d1,5c,d2,4b,b6,0b,d9,\
.
Completion time: 2011-10-08 23:05:23
ComboFix-quarantined-files.txt 2011-10-09 03:05
ComboFix2.txt 2010-09-13 16:01
ComboFix3.txt 2010-09-11 15:32
ComboFix4.txt 2010-09-11 00:34
ComboFix5.txt 2011-10-09 02:49
.
Pre-Run: 393,643,188,224 bytes free
Post-Run: 396,431,704,064 bytes free
.
- - End Of File - - 7A17A9DA6D9D0966D3937A0FE26BE177

**broni** · 09-10-2011

Looks good.

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

**Rodrigo** · 10-10-2011

Ran OTL as instructed, but only one notepad window was opened after the scan:

OTL logfile created on: 10/10/2011 1:13:50 AM - Run 5
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Rodrigo\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.72 Gb Available Physical Memory | 83.77% Memory free
5.09 Gb Paging File | 4.75 Gb Available in Paging File | 93.35% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 685.32 Gb Total Space | 368.93 Gb Free Space | 53.83% Space Free | Partition Type: NTFS
Drive H: | 13.31 Gb Total Space | 12.97 Gb Free Space | 97.45% Space Free | Partition Type: NTFS

Computer Name: Rawd | User Name: Rodrigo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/09 13:51:39 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodrigo\Desktop\OTL.exe
PRC - [2011/09/06 16:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/25 02:09:21 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009/11/12 14:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/07/09 09:32:20 | 000,073,728 | ---- | M] (Elo Touchsystems) -- C:\WINDOWS\system32\EloSrvce.exe
PRC - [2009/04/20 14:17:01 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/03/17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe

========== Modules (No Company Name) ==========

MOD - [2011/10/09 13:33:40 | 001,596,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11100901\algo.dll
MOD - [2011/10/08 11:52:10 | 001,596,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11100801\algo.dll
MOD - [2011/10/06 05:55:24 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11100901\aswRep.dll
MOD - [2011/10/06 05:55:24 | 000,212,640 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11100801\aswRep.dll
MOD - [2009/11/12 14:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008/04/14 08:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 08:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wscsvc)
SRV - [2011/09/10 16:51:58 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/06 16:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/25 02:09:21 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/09/03 14:15:04 | 001,355,928 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/12/23 17:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/12/15 15:07:17 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/11/12 14:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009/07/09 09:32:20 | 000,073,728 | ---- | M] (Elo Touchsystems) [Auto | Running] -- C:\WINDOWS\system32\EloSrvce.exe -- (EloSystemService)
SRV - [2009/03/17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Brmfrmps.exe -- (brmfrmps)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/09/06 16:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 16:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 16:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 16:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/08/01 15

42 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2010/11/25 10:57:05 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/08/12 08:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/26 22:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/22 14:18:28 | 000,055,680 | ---- | M] (Elo Touchsystems ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EloUsb.Sys -- (EloUsb)
DRV - [2009/06/22 14:18:28 | 000,048,640 | ---- | M] (Elo Touchsystems ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EloFiltr.sys -- (elomoufiltr)
DRV - [2009/06/05 12:46:32 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/03/17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/02/13 17:49:30 | 005,029,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/06/27 17:40:18 | 001,315,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2006/01/04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/07/27 17:25:28 | 000,077,056 | ---- | M] (Unibrain S.A.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ubohci.sys -- (ubohci)
DRV - [2005/07/27 17:25:28 | 000,036,352 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\UBUMAPI.sys -- (ubumapi)
DRV - [2005/07/27 17:25:28 | 000,014,080 | ---- | M] (Unibrain S.A.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\UBSBM.sys -- (ubsbm)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.d ll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Rodrigo\Application Data\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.d ll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 01:07:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/28 20:03:58 | 000,000,000 | ---D | M]

[2009/11/25 06:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rodrigo\Application Data\Mozilla\Extensions
[2009/11/25 06:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rodrigo\Application Data\Mozilla\Extensions\celtx@celtx.com
[2011/09/11 04:07:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rodrigo\Application Data\Mozilla\Firefox\Profiles\o6ttki7f.default\ext ensions
[2011/03/15 22:44:25 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Rodrigo\Application Data\Mozilla\Firefox\Profiles\o6ttki7f.default\ext ensions\personas@christopher.beard
[2011/09/17 16:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/29 13:04:14 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/09/14 22:52:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/01 21:43:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/01 13:27:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/09/17 16:45:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RODRIGO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\O6TTKI7F.DEFAULT\EXT ENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2009/06/25 21:15:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/06/26 14:05:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/30 01:07:54 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2006/09/21 16:25:40 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/30 01:07:52 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google

riginalQueryForSuggestion}{google:searchFieldtrial Parameter}{google:instantFieldTrialGroupParameter} sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\gcswf3 2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\ppGoog leNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\Application\14.0.835.202\pdf.dl l
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: McAfee Clinic (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMGWRAP.DLL
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.d ll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_MEcko = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fbdglekpmmdlmdfogflhiponnn dbokpk\2_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnp ncnbda\6.0.1289_0\
CHR - Extension: Click to call with Skype = C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\

O1 HOSTS File: ([2011/10/08 23:02:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006..\Run: [Facebook Update] C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10b.ex e (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10b.ex e (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-790525478-1229272821-1417001333-1008..\RunOnce: [Auto Config] C:\WINDOWS\System32\CMD.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: MaxRecentDocs = 18
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoRecentDocsNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: verbosestatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-790525478-1229272821-1417001333-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Oracle.com Outage (Java Plug-in 1.6.0_26)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pearsoned.com/Pegasus...es/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} Oracle.com Outage (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Oracle.com Outage (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{0F24FD84-4C61-4FE4-A41B-4F94A90051A4}: DhcpNameServer = 68.87.74.166 68.87.68.166 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/25 21:07:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsu****a Electric Industrial Co., Ltd.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/10 01:12:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/10/09 13:51:39 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rodrigo\Desktop\OTL.exe
[2011/10/08 22:49:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/10/08 22:49:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/10/08 22:49:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/10/08 22:49:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/10/08 22:46:42 | 004,250,142 | R--- | C] (Swearware) -- C:\Documents and Settings\Rodrigo\Desktop\ComboFix.exe
[2011/10/06 15:11:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/09/20 21:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/09/17 16:45:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/09/12 00:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rodrigo\Local Settings\Application Data\Facebook
[2011/09/10 16:58:44 | 000,340,480 | -H-- | C] (Media Cope) -- C:\Speak Text.exe
[2011/09/10 16:58:44 | 000,083,456 | -H-- | C] (Media Cope) -- C:\wifv.exe
[2011/09/10 16:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Cope
[2011/09/10 16:58:42 | 000,579,576 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.SkinFramework.v15.0.1 .ocx
[2011/09/10 16:58:42 | 000,211,456 | ---- | C] (Media Cope) -- C:\WINDOWS\System32\MediaCopeShellS.dll
[2011/09/10 16:58:42 | 000,211,456 | ---- | C] (Media Cope) -- C:\WINDOWS\System32\MediaCopeShellM.dll
[2011/09/10 16:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Media Cope
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/10 01:15:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E01CF51F-E590-4F71-9873-26E382FC3185}.job
[2011/10/10 01:10:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/10 01:01:23 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8B101C39-28AA-4D42-A2A7-ECD583DFC838}.job
[2011/10/10 00:59:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
[2011/10/10 00:53:01 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
[2011/10/10 00:53:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
[2011/10/09 23:10:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/09 15:59:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
[2011/10/09 13:51:39 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodrigo\Desktop\OTL.exe
[2011/10/08 23:02:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/10/08 22:46:43 | 004,250,142 | R--- | M] (Swearware) -- C:\Documents and Settings\Rodrigo\Desktop\ComboFix.exe
[2011/10/08 22:43:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/08 22:42:56 | 3488,862,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/07 00:38:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/07 00:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/05 13:00:00 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/05 12:59:59 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Desktop\Google Chrome.lnk
[2011/10/01 19:55:40 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/29 15

21 | 000,000,848 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2011/09/29 15:55:31 | 000,000,152 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2011/09/28 22:24:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/24 19:37:18 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/09/19 17:46:39 | 000,183,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/18 05:13:58 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/17 16:43:19 | 000,441,468 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/17 16:43:19 | 000,071,278 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/13 22:50:15 | 000,023,640 | ---- | M] () -- C:\Documents and Settings\Rodrigo\My Documents\SRRS SCALE (individual in society paper 1).odt
[2011/09/11 20:42:54 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/10 18:19:24 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Desktop\Spiral Knights.url
[2011/09/10 16:58:45 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Desktop\Media Cope.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/08 22:49:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/10/08 22:49:01 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/10/08 22:49:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/10/08 22:49:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/10/08 22:49:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/20 22:00:07 | 000,000,888 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/20 22:00:06 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/18 05:13:58 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/13 22:50:15 | 000,023,640 | ---- | C] () -- C:\Documents and Settings\Rodrigo\My Documents\SRRS SCALE (individual in society paper 1).odt
[2011/09/12 00:48:36 | 000,001,006 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
[2011/09/12 00:48:35 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
[2011/09/11 02:44:28 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011/09/10 18:19:24 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\Rodrigo\Desktop\Spiral Knights.url
[2011/09/10 16:58:45 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Rodrigo\Desktop\Media Cope.lnk
[2011/09/09 21:27:23 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/06/02 02:10:04 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/05/10 23:16:28 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/05/10 23:16:28 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/05/10 23:16:28 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/03/29 04:00:00 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/03/24 15:35:18 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/03/24 15:28:12 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/03/02 06:43:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/11/25 11:35:53 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/09/25 17:31:58 | 000,000,244 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2010/09/10 20:25:18 | 000,201,688 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/22 00:23:55 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/05/28 16:51:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2010/02/23 14:30:57 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/01/26 22:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/01/14 19:08:43 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/01/09 15:34:48 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/11/05 19:23:54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EloSetOptions.exe
[2009/09/29 11:34:24 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2009/09/29 11:34:21 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/07/20 15:37:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/06/29 13:55:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/06/29 13:53:54 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009/06/29 13:53:02 | 000,000,848 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/06/29 13:53:02 | 000,000,462 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2009/06/29 13:53:02 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/06/29 13:53:02 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF04A.dat
[2009/06/29 13:53:01 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/06/29 13:52:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2009/06/28 21:27:36 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/26 17:14:11 | 000,095,232 | ---- | C] () -- C:\Documents and Settings\Rodrigo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/26 04:47:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/06/25 23:27:31 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009/06/25 22:19:23 | 000,001,164 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2009/06/25 21:59:35 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\BJAXSecurityManager.dll
[2009/06/25 21:59:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\BJInstaller.dll
[2009/06/25 21:22:11 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/06/25 21:07:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/25 21:03:44 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/25 15:46:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/25 15:43:34 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/06/25 15:43:19 | 000,183,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/20 14:25:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,441,468 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,071,278 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/03/19 18:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe

========== LOP Check ==========

[2011/07/19 13:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/06/26 16:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/12/03 21:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010/01/14 21:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/08/26 19

20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2010/01/09 12:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/06/25 22:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2009/10/11 19:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\myitlab
[2009/12/25 03:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/09/03 13:50:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2011/02/16 20:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\.minecraft
[2011/06/13 07:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\avidemux
[2011/08/02 05:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\Azureus
[2009/11/24 03:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\Blitware
[2009/10/31 08:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\Camfrog
[2010/05/21 21:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\Canneverbe Limited
[2010/01/09 12

07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\ESET
[2010/01/22 11:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\FMZilla
[2009/09/14 16:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\Meebo
[2009/07/24 12:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\OpenOffice.org
[2011/09/27 02:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\uTorrent
[2011/09/09 21:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rodrigo\Application Data\VDownloader
[2011/10/07 00:13:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/10/10 00:53:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006Core.job
[2011/10/10 00:53:01 | 000,001,006 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-790525478-1229272821-1417001333-1006UA.job
[2011/10/10 01:01:23 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{8B101C39-28AA-4D42-A2A7-ECD583DFC838}.job
[2011/10/10 01:15:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E01CF51F-E590-4F71-9873-26E382FC3185}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011/10/08 22:42:49 | 000,093,921 | ---- | M] () -- C:\aaw7boot.log
[2009/06/25 21:07:01 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/06/26 00:48:41 | 010,001,714 | ---- | M] () -- C:\BellSouthIW.reg
[2011/10/08 23:05:25 | 000,202,009 | ---- | M] () -- C:\ComboFix.txt
[2009/06/25 21:07:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/10/08 22:42:56 | 3488,862,208 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/25 21:07:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/05/24 16:27:25 | 000,000,920 | -H-- | M] () -- C:\IPH.PH
[2010/09/14 22:55:00 | 000,000,737 | ---- | M] () -- C:\JavaRa.log
[2011/06/17 17:37:44 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2009/06/25 21:07:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/10/08 22:42:50 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010/09/20 11:36:42 | 000,340,480 | -H-- | M] (Media Cope) -- C:\Speak Text.exe
[2010/03/02 14:34:04 | 000,048,196 | ---- | M] () -- C:\TDSSKiller.txt
[2009/11/25 05:28:10 | 000,058,401 | ---- | M] () -- C:\WaxCrash.dmp
[2009/11/04 18:20:32 | 000,083,456 | -H-- | M] (Media Cope) -- C:\wifv.exe

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/25 21:06:26 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2004/02/09 00:00:00 | 000,026,285 | ---- | M] (Brother Industries ,Ltd ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\brmfpp1. dll
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfil terpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/09/06 16:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/06/25 15:42:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/06/25 15:42:34 | 001,073,152 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/06/25 15:42:34 | 000,868,352 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/06/25 21:07:08 | 000,000,227 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2009/06/25 21:06:48 | 000,007,287 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\ASPNETSet up.log

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/06/26 14:15:59 | 000,000,060 | -HS- | M] () -- C:\Documents and Settings\Rodrigo\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/06/26 14:15:59 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Rodrigo\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/10/08 22:46:43 | 004,250,142 | R--- | M] (Swearware) -- C:\Documents and Settings\Rodrigo\Desktop\ComboFix.exe
[2011/10/09 13:51:39 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rodrigo\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >
[2010/01/26 11:11:08 | 000,444,283 | ---- | M] () -- C:\Program Files\Common Files\WinPcapNmap.exe

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/06/26 14:15:59 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Rodrigo\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/10/10 01:01:22 | 000,049,152 | -HS- | M] () -- C:\Documents and Settings\Rodrigo\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >
[2003/06/13 18:23:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AppLoc.exe

< %SYSTEMROOT%\inf\*.exe >
[2009/04/20 14:18:58 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

**broni** · 10-10-2011

Update your Java version here: Verify Java Version

================================================== ===============

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

================================================== =======

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

Blue Screen/Buggy system

Blue Screen/Buggy system

Similar Threads

Blue screen: stop error screen when gaming

Help, fatal system error blue screen of death

System Freezing & Blue Screen Problems

System Freezing & Blue Screen Problems

Like many of you, my system freezes, then blue screen...